Re: [Geopriv] Confirmation of GEOPRIV IETF 68 Working Group Hums

"David W. Hankins" <David_Hankins@isc.org> Wed, 27 June 2007 21:01 UTC

Return-path: <geopriv-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I3edx-00056n-Ra; Wed, 27 Jun 2007 17:01:41 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HgmBI-0003r2-5s; Wed, 25 Apr 2007 14:25:32 -0400
Received: from goliath.isc.org ([2001:4f8:3:bb::72]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HgmBG-00046T-EG; Wed, 25 Apr 2007 14:25:32 -0400
Received: by goliath.isc.org (Postfix, from userid 10200) id 6B99D7D2D; Wed, 25 Apr 2007 11:25:15 -0700 (PDT)
Date: Wed, 25 Apr 2007 11:25:15 -0700
From: "David W. Hankins" <David_Hankins@isc.org>
To: ietf@ietf.org
Subject: Re: [Geopriv] Confirmation of GEOPRIV IETF 68 Working Group Hums
Message-ID: <20070425182515.GB30775@isc.org>
References: <8EE0969F-E866-49E7-AAFC-5B9845BCB419@cisco.com> <198A730C2044DE4A96749D13E167AD370124CCA9@MOU1WNEXMB04.vcorp.ad.vrsn.com>
Mime-Version: 1.0
In-Reply-To: <198A730C2044DE4A96749D13E167AD370124CCA9@MOU1WNEXMB04.vcorp.ad.vrsn.com>
User-Agent: Mutt/1.5.9i
X-Spam-Score: -2.3 (--)
X-Scan-Signature: 10d3e4e3c32e363f129e380e644649be
X-Mailman-Approved-At: Wed, 27 Jun 2007 17:01:32 -0400
Cc: GEOPRIV WG <geopriv@ietf.org>
X-BeenThere: geopriv@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Geographic Location/Privacy <geopriv.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:geopriv@ietf.org>
List-Help: <mailto:geopriv-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1633212604=="
Errors-To: geopriv-bounces@ietf.org

On Wed, Apr 25, 2007 at 06:50:28AM -0700, Hallam-Baker, Phillip wrote:
> But how does my application access it?

The "proper" way from my point of view would be to read from your
system's option cache, so whatever DHCP the system does filters
down to applications.


> DHCP is not something that an application layer program should be allowed
> to perform.

Amen, brother!  But, you're preaching to the choir.

Macromedia Flash Proxy whatsimahoosits...sends a DHCPINFORM.
Doesn't set ciaddr, chaddr, htype or hlen.  Let me tell you,
becoming "similarly compatible" to this as other servers
evidently are was not an experience I would like to repeat.  [1]

Microsoft Industry Update Control.  Refuses to stop sending
DHCPINFORMs until any server responds with the WPAD option,
without placing that option on the PRL.  [2]


> It is a security issue. For good reason performing DHCP operations
> requires privileges beyond mere network connectivity on Windows.

I expect it doesn't, actually, as the relevant flash proxy bits
are sufficiently nonprivileged.  That's via a "dot net" facility,
I've been told.  I see no reason to hold the system's option cache
secret from applications, when that cache is got by a packet that
anyone can sniff off the wire.  I understand that applications
such as Opera, Firefox, and ID [3], are said to digest at least
one option in this way.

But, I'm not a "Windows guy," so if someone knows how that actually
works it would be helpful.  I just know that it works from the
outside looking in.


> That is why configuring application programs from DHCP never caught on.  

The reason you have made this statement is false.

But that doesn't, on its own, mean that the conclusion is false.  I
would say it certainly is not mainstream, but it is pervasive.


[1] http://marc.info/?l=dhcp-server&m=113466843320099&w=2

[2] http://marc.info/?l=dhcp-server&m=110928450802695&w=2

[3] http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol

[4] http://www.ietf.org/proceedings/99nov/I-D/draft-ietf-wrec-wpad-01.txt

    "The DHCP option code for WPAD is 252 by agreement of the DHC working 
     group chair."

    Possible alternative text:

    "I can't believe it's not IANA!"

-- 
David W. Hankins                    "If you don't do it right the first time,
Software Engineer                     you'll just have to do it again."
Internet Systems Consortium, Inc.          -- Jack T. Hankins
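The two client behaviours described in the message (a DHCPINFORM sent with ciaddr, chaddr, htype and hlen left at zero, and a client that keeps asking for the WPAD option without listing code 252 in its Parameter Request List) are easy to spot on the server or monitoring side once the message is decoded. The following Python is an added example, not code from this thread or from ISC DHCP: it parses the RFC 2131 fixed header and the RFC 2132 options area, then audits a DHCPINFORM for exactly those defects. The sample packets it builds are constructed to resemble the behaviours described, not captures of the products named; option code 252 is taken from the WPAD draft cited in the message and is not an IANA assignment.

```python
"""Parse DHCP (RFC 2131) messages and audit DHCPINFORM clients.

Added example, not code from the thread or from ISC DHCP.  The sample
packets are constructed to mimic the behaviours the message describes.
"""
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
OPT_PAD, OPT_END = 0, 255
OPT_MESSAGE_TYPE = 53           # RFC 2132
OPT_PARAM_REQUEST_LIST = 55     # RFC 2132
OPT_WPAD = 252                  # de facto code from the WPAD draft; not IANA-assigned
DHCPINFORM = 8


def parse_dhcp(packet: bytes) -> dict:
    """Decode the fixed header and the options area of a DHCP message."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message: too short or bad magic cookie")
    op, htype, hlen, hops, xid, secs, flags = struct.unpack("!BBBBIHH", packet[:12])
    ciaddr, yiaddr, siaddr, giaddr = (packet[o:o + 4] for o in (12, 16, 20, 24))
    chaddr = packet[28:44]
    options = {}
    i = 240
    while i < len(packet):
        code = packet[i]
        if code == OPT_PAD:
            i += 1
            continue
        if code == OPT_END:
            break
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} runs past end of packet")
        options[code] = value          # last occurrence wins; adequate for an audit
        i += 2 + length
    return {"op": op, "htype": htype, "hlen": hlen, "xid": xid,
            "ciaddr": ciaddr, "chaddr": chaddr, "options": options}


def audit_inform(msg: dict) -> list:
    """Structural findings for a DHCPINFORM; an empty list means well-formed."""
    if msg["options"].get(OPT_MESSAGE_TYPE) != bytes([DHCPINFORM]):
        return ["not a DHCPINFORM"]
    findings = []
    if msg["htype"] == 0 or msg["hlen"] == 0:
        findings.append("htype/hlen are zero")
    if msg["chaddr"] == bytes(16):
        findings.append("chaddr is all zero")
    if msg["ciaddr"] == bytes(4):
        findings.append("ciaddr is 0.0.0.0 (RFC 2131 expects the client's configured address)")
    return findings


def wpad_on_prl(msg: dict) -> bool:
    """True if the client actually asked for WPAD via its Parameter Request List.
    A server that honours the PRL will not return option 252 otherwise."""
    return OPT_WPAD in msg["options"].get(OPT_PARAM_REQUEST_LIST, b"")


def build_inform(*, htype=1, hlen=6, ciaddr=b"\xc0\xa8\x01\x0a",
                 chaddr=bytes.fromhex("0200c0ffee01"),
                 prl=bytes([1, 3, 6, 15, OPT_WPAD])) -> bytes:
    """Construct a DHCPINFORM (op=1, BOOTREQUEST); all values are test data."""
    header = struct.pack("!BBBBIHH", 1, htype, hlen, 0, 0x3903F326, 0, 0)
    header += ciaddr + bytes(4) * 3            # ciaddr, yiaddr, siaddr, giaddr
    header += chaddr.ljust(16, b"\x00")        # chaddr, padded to 16 bytes
    header += bytes(64) + bytes(128)           # sname, file
    opts = bytes([OPT_MESSAGE_TYPE, 1, DHCPINFORM])
    if prl:
        opts += bytes([OPT_PARAM_REQUEST_LIST, len(prl)]) + prl
    opts += bytes([OPT_END])
    return header + MAGIC_COOKIE + opts


# Constructed samples: a correct INFORM, one with the zeroed fields the
# message complains about, and one that wants WPAD but never lists it.
GOOD_INFORM = build_inform()
ZEROED_INFORM = build_inform(htype=0, hlen=0, ciaddr=bytes(4),
                             chaddr=bytes(16), prl=bytes([OPT_WPAD]))
NO_PRL_INFORM = build_inform(prl=b"")

if __name__ == "__main__":
    for name, pkt in (("good", GOOD_INFORM), ("zeroed", ZEROED_INFORM),
                      ("no-prl", NO_PRL_INFORM)):
        msg = parse_dhcp(pkt)
        print(name, audit_inform(msg), "wpad on PRL:", wpad_on_prl(msg))
```

Run as a script it prints the findings for each sample; a server or sensor would apply the same two checks to live DHCPINFORMs and log clients that fail them, which is how the retry loop described above shows up as a stream of identical INFORMs from one host.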
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv