Re: [Gen-art] Gen-ART LC Review of draft-ietf-dhc-forcerenew-nonce-03

Ted Lemon <> Tue, 14 February 2012 13:52 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id AF07C21F869D; Tue, 14 Feb 2012 05:52:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -105.625
X-Spam-Status: No, score=-105.625 tagged_above=-999 required=5 tests=[AWL=-0.830, BAYES_00=-2.599, HTML_MESSAGE=0.001, LONGWORDS=1.803, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id MVobxRrWo+0S; Tue, 14 Feb 2012 05:52:53 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id AD0C721F8602; Tue, 14 Feb 2012 05:52:50 -0800 (PST)
Received: from ([]) (using TLSv1) by ([]) with SMTP ID; Tue, 14 Feb 2012 05:52:51 PST
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*", Issuer "Go Daddy Secure Certification Authority" (verified OK)) by (Postfix) with ESMTP id 11D6C1B82FC; Tue, 14 Feb 2012 05:52:47 -0800 (PST)
Received: from ( []) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client CN "", Issuer "Go Daddy Secure Certification Authority" (verified OK)) by (Postfix) with ESMTPS id F38CF190052; Tue, 14 Feb 2012 05:52:46 -0800 (PST) (envelope-from
Received: from MBX-01.WIN.NOMINUM.COM ([]) by CAS-02.WIN.NOMINUM.COM ([]) with mapi id 14.01.0339.001; Tue, 14 Feb 2012 05:52:41 -0800
From: Ted Lemon <>
To: Maglione Roberta <>
Thread-Topic: Gen-ART LC Review of draft-ietf-dhc-forcerenew-nonce-03
Thread-Index: AQHM5SWUy8EqSdK3C0aOhQFr8l21aJY2slwAgAG8tQCAA3NmAIAA3poAgAA6lIA=
Date: Tue, 14 Feb 2012 13:52:40 +0000
Message-ID: <>
References: <> <282BBE8A501E1F4DA9C775F964BB21FE3EC1467FB2@GRFMBX704BA020.griffon.local> <> <> <282BBE8A501E1F4DA9C775F964BB21FE3EC1467FC5@GRFMBX704BA020.griffon.local>
In-Reply-To: <282BBE8A501E1F4DA9C775F964BB21FE3EC1467FC5@GRFMBX704BA020.griffon.local>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_F96A644A5ABF47E8A519FA6A252FA03Bnominumcom_"
MIME-Version: 1.0
Cc: Ben Campbell <>, The IETF <>, " Review Team" <>, "" <>, Ullio Mario <>, "Henderickx, Wim (Wim)" <>
Subject: Re: [Gen-art] Gen-ART LC Review of draft-ietf-dhc-forcerenew-nonce-03
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 14 Feb 2012 13:52:59 -0000

On Feb 14, 2012, at 5:23 AM, Maglione Roberta wrote:
Please let me know if you have additional comments.

Thanks!   I think you should change this text in the introduction:

The mandatory authentication was
   originally motivated by a legitimate security concern whereby in some
   network environments DHCP messages can be spoofed and an attacker
   could more accurately guess the timing of DHCP renewal messages by
   first sending a FORCERENEW message.  However, in some networks native
   security mechanisms already provide sufficient protection against
   spoofing of DHCP traffic.  An example of such network is a Broadband
   Forum TR-101 [TR-101i2] compliant access network.  In such
   environments the mandatory coupling between FORCERENEW and DHCP
   Authentication [RFC3118] can be relaxed and a lighter authentication
   mechanism can be used for the FORCERENEW message.

To this:

[paragraph break]
The motivation for making authentication mandatory in DHCPFORCERENEW was to prevent an off-network attacker from taking advantage of DHCPFORCERENEW to accurately predict the timing of a DHCP renewal.   Without DHCPFORCERENEW, DHCP renewal timing is under the control of the client, and an off-network attacker has no way of predicting when it will happen, since it doesn't have access to the exchange between the DHCP client and DHCP server.

However, the requirement to use the DHCP authentication described in RFC3118 is more stringent than is required for this use case, and has limited adoption of DHCPFORCERENEW.   RFC3315 defines an authentication protocol using a nonce to prevent off-network attackers from successfully causing clients to renew.   Since the off-network attacker doesn't have access to the nonce, it can't trick the client into renewing at a time of its choosing.