Hi,
i have a few comments on draft-jiang-csi-dhcpv6-cga-ps-03.txt
In section 3. What DHCPv6 can do for CGA it reads:
Generating a key pair, which will be used to generate a CGA, also
requires a notable computation. Generation and distribution of a key
pair can also be done by DHCPv6 server. Of course, when designing
these new functions, one should carefully consider the impact on
security. However, the security considerations of specific solutions
are out of scope of this document.
While i agree that the security aspects of a specific solution are out
of scope, i am not sure we can completelly dump the issue. I mean, in
order for the DHCP server to convey the SEC information, the ecurity is
critical. Is it really feasible to provide enough security, without
breaking the dhcp model? I think further analysis on this is needed.
Then, in 4. What CGA can do for DHCPv6, it is described that CGa can be
used to secure dhcp. Now, i think a bit more analysis of what features
would be provided if we do this i.e. what types of attacks are
prevented, it would be useful AFAICT, this would much like an ssh type f
security (i.e. also called oportunistic or leap of faith security) I
think this is worht the trouble, But i think needs to be more clearly
stated.
So, if we cover these two topics, i think the document does a fairly
good job analysis the different apsects. Now, i think it would be
interesting also to discuss (even though maybe not include in the
document at this point) what parts of this interaction we would like to
work on if any.
Regards, marcelo
_______________________________________________
CGA-EXT mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cga-ext
