Re: [dhcwg] Fwd: New Version Notification for draft-ietf-dhc-sedhcpv6-20.txt

Ted Lemon <mellon@fugue.com> Sat, 18 February 2017 17:17 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/v3y6RfpUcAtgLztWISVwlDNdpZY>

Fred, I think we all agree that this problem needs to be solved. We don't
agree that work on the security draft must stop until the raan draft is
done. It's just not that hard.

On Feb 18, 2017 11:28 AM, "Templin, Fred L" <Fred.L.Templin@boeing.com>
wrote:

Hi Bernie,

My understanding is that sedhcpv6 is intended to be a product of the IETF,
so I therefore assume that it is intended to be a product of engineering. It
has been shown that sedhcpv6 has an omission that will limit its applicability,
and that that omission can be rather easily remedied prior to publication. It
therefore makes good engineering sense to fix the omission now.

The proposal again is to have sedhcpv6 specify the RAAN option as part of
the base document.

Thanks - Fred



*From:* Bernie Volz (volz) [mailto:volz@cisco.com]
*Sent:* Friday, February 17, 2017 3:00 PM
*To:* Templin, Fred L <Fred.L.Templin@boeing.com>; Ted Lemon <mellon@fugue.com>; 神明達哉 <jinmei@wide.ad.jp>
*Cc:* dhcwg <dhcwg@ietf.org>
*Subject:* RE: [dhcwg] Fwd: New Version Notification for draft-ietf-dhc-sedhcpv6-20.txt



I think the plan here makes some sense … seDHCPv6 has had several attempts
and been kicked back to the WG. So, I think the WG wants to go slowly and
not develop a solution until seDHCPv6 is likely to advance in the IESG
(encryption was only added fairly “recently”).

And, it isn’t like the day after seDHCPv6 is “approved” that every client
(and server) will support this. It will take time to roll out. And,
hopefully we can get the RAAN work out in a fairly short time.

In your networks, if you can’t support seDHCPv6 until you have something to
solve the RAAN issues, you obviously can’t deploy seDHCPv6. But there
may be plenty of other networks where this isn’t an issue and it could
start to be deployed (coffee shops and enterprises).

- Bernie



*From:* Templin, Fred L [mailto:Fred.L.Templin@boeing.com]
*Sent:* Friday, February 17, 2017 5:35 PM
*To:* Bernie Volz (volz) <volz@cisco.com>; Ted Lemon <mellon@fugue.com>; 神明達哉 <jinmei@wide.ad.jp>
*Cc:* dhcwg <dhcwg@ietf.org>
*Subject:* RE: [dhcwg] Fwd: New Version Notification for draft-ietf-dhc-sedhcpv6-20.txt



Bernie,

The discussion gravitated towards not resurrecting until the sedhcpv6
I-D progresses further. We will reevaluate this once sedhcpv6 is done.

This does not make sense to me; sedhcpv6 is the very reason that RAAN is important.
Just like RFC3971 did with IPv6 ND Timestamp and Nonce options, sedhcpv6 could
define the RAAN operation and have everything over and done with in one pass.
And, I have already identified a use case where RAAN is absolutely necessary.
Also, I was unable to attend IETF97, where I certainly would have stood up and
voiced my position.

Thanks - Fred



*From:* dhcwg [mailto:dhcwg-bounces@ietf.org] *On Behalf Of* Bernie Volz (volz)
*Sent:* Thursday, February 16, 2017 2:39 PM
*To:* Ted Lemon <mellon@fugue.com>; 神明達哉 <jinmei@wide.ad.jp>
*Cc:* dhcwg <dhcwg@ietf.org>
*Subject:* Re: [dhcwg] Fwd: New Version Notification for draft-ietf-dhc-sedhcpv6-20.txt



I presented about resurrecting draft-ietf-dhc-dhcpv6-agentopt-delegate at
IETF-97 (see https://www.ietf.org/proceedings/97/slides/slides-97-dhc-resurrect-draft-ietf-dhc-dhcpv6-agentopt-delegate-00.pdf).

And the conclusion then was (see https://www.ietf.org/proceedings/97/minutes/minutes-97-dhc-00.txt):

The discussion gravitated towards not resurrecting until the sedhcpv6
I-D progresses further. We will reevaluate this once sedhcpv6 is done.

- Bernie



*From:* dhcwg [mailto:dhcwg-bounces@ietf.org] *On Behalf Of* Ted Lemon
*Sent:* Wednesday, February 15, 2017 1:49 PM
*To:* 神明達哉 <jinmei@wide.ad.jp>
*Cc:* dhcwg <dhcwg@ietf.org>
*Subject:* Re: [dhcwg] Fwd: New Version Notification for draft-ietf-dhc-sedhcpv6-20.txt



On Feb 15, 2017, at 1:32 PM, 神明達哉 <jinmei@wide.ad.jp> wrote:

I personally don't think it a blocking issue for sedhcpv6, but, of
course, the wg should decide it.



It definitely isn't a blocking issue, but Fred is right that if we are
going ahead with encryption-only, which I agree is the right move, we need
to do this work as well.