Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 - Respond by Nov 3, 2014
神明達哉 <jinmei@wide.ad.jp> Wed, 29 October 2014 17:58 UTC
Return-Path: <jinmei.tatuya@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF2051A8745 for <dhcwg@ietfa.amsl.com>; Wed, 29 Oct 2014 10:58:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.978
X-Spam-Level:
X-Spam-Status: No, score=-0.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UoHQnXXuZYhy for <dhcwg@ietfa.amsl.com>; Wed, 29 Oct 2014 10:58:46 -0700 (PDT)
Received: from mail-wi0-x236.google.com (mail-wi0-x236.google.com [IPv6:2a00:1450:400c:c05::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 874311A01EA for <dhcwg@ietf.org>; Wed, 29 Oct 2014 10:58:26 -0700 (PDT)
Received: by mail-wi0-f182.google.com with SMTP id d1so5324202wiv.9 for <dhcwg@ietf.org>; Wed, 29 Oct 2014 10:58:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=IqmcMSN2qqYaExpSC7QIzfldTjs2v9Xx5QhXmo9ZwzU=; b=vgbBrGFx5/P0RZZL0Z+35HHbeNRfvsL6riLi3h12KmpL0Meiy3F4fuhlHoJ0x1W44M Ei8aYaCDvt6WwoZDqljp3h6QkcRa7FRfkeqTbSWncpUR/qNiDEglGNLbs6tNcbOZhmJB hpvChcnVh72ANxBlgJGCLhGzswLw1X3fwFYZsWqKL0IYyC6AkkSxkQN9PvssfvoRz1Mo UIRP2+ai//a/Hm8mT7bFgDoDGIvOBYUQISbIunKUM3azD7fHrLm5v6b8gYzI5wEAaIIm Kl20AqQhpauSyAFyzF/uK9MF4FWMsRLMdq42Ozj8ZidFRUPQPuF2r7XzQ7HZy2UWZaEv C4vw==
MIME-Version: 1.0
X-Received: by 10.194.8.73 with SMTP id p9mr14461297wja.87.1414605505038; Wed, 29 Oct 2014 10:58:25 -0700 (PDT)
Sender: jinmei.tatuya@gmail.com
Received: by 10.194.19.136 with HTTP; Wed, 29 Oct 2014 10:58:24 -0700 (PDT)
In-Reply-To: <2134F8430051B64F815C691A62D9831832D6E707@XCH-BLV-504.nw.nos.boeing.com>
References: <489D13FBFA9B3E41812EA89F188F018E1B6F6882@xmb-rcd-x04.cisco.com> <2134F8430051B64F815C691A62D9831832D5B51E@XCH-BLV-504.nw.nos.boeing.com> <5D36713D8A4E7348A7E10DF7437A4B923AF6A5C0@nkgeml512-mbx.china.huawei.com> <2134F8430051B64F815C691A62D9831832D6E707@XCH-BLV-504.nw.nos.boeing.com>
Date: Wed, 29 Oct 2014 10:58:24 -0700
X-Google-Sender-Auth: b_9EIL0OZGSqH4EZdVNvGXiJR0U
Message-ID: <CAJE_bqeLugy4UuJdT2wLYN6Kr_B-WGBnqXo5x5j0iNGAmCqNCA@mail.gmail.com>
From: 神明達哉 <jinmei@wide.ad.jp>
To: "Templin, Fred L" <Fred.L.Templin@boeing.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/dhcwg/vHOfaXt-KyFfRGFI8mWp5v5fsLI
Cc: "dhcwg@ietf.org" <dhcwg@ietf.org>, "Bernie Volz (volz)" <volz@cisco.com>
Subject: Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 - Respond by Nov 3, 2014
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Oct 2014 17:58:48 -0000
At Tue, 28 Oct 2014 14:56:35 +0000, "Templin, Fred L" <Fred.L.Templin@boeing.com> wrote: > > This version has provided a certificate-based mechanism for the client to authenticated by the server. It is assuming the client has a > > certificate honored by the server. > > Right, I saw that but help me out here. If the client claims a DUID is the certificate > proof enough that the client is the authorized owner of the DUID? In my understanding it's not guaranteed by the described protocol: any client that has a valid certificate can "steal" someone else's DUID in a signed DHCPv6 message that will be validated. Enforcing it could be part of the server implementation/configuration, though. -- JINMEI, Tatuya
- [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 - Res… Bernie Volz (volz)
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Templin, Fred L
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Sheng Jiang
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Templin, Fred L
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… 神明達哉
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Templin, Fred L
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… 神明達哉
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Templin, Fred L
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Bernie Volz (volz)
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Templin, Fred L
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Bernie Volz (volz)
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Templin, Fred L
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Sheng Jiang
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Templin, Fred L
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Francis Dupont
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Francis Dupont
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Francis Dupont
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Francis Dupont
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Sheng Jiang
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Tomek Mrugalski
- [dhcwg] WGLC summary on draft-ietf-dhc-sedhcpv6-0… Tomek Mrugalski
- Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 -… Sheng Jiang
- Re: [dhcwg] WGLC summary on draft-ietf-dhc-sedhcp… Sheng Jiang