Hello,
I have a small comment on section 4 of your draft:
" DHCPv6 message (from either a server, relay
agent or client) with a CGA as source address, can carry the CGA
Parameters data structure and a digital signature. The receiver can
verify both the CGA and signature, then process the payload of the
DHCPv6 message only if the validation is successful. In this way
DHCPv6 messages can be protected."
Maybe I missed something, but what is the gain from a security point of
view ? An attacker can still generate its own CGA and craft misleading
DHCP messages. Maybe you implicitly implied there was a mechanism similar
to ADD of SEND or that the Public Key is learned in a previous RS/RA
message exchange and ADD has been performed on the CGA. Either way, the
text seems unclear on this point, can you clarify this text in the next
version ?
Best regards,
Tony Cheneau
_______________________________________________
CGA-EXT mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cga-ext
