marcelo bagnulo braun wrote: [...] >>> - DHCP support for CGAs. An analysis of possible approaches to allow >>> the usage of the DHCP protocol to assign CGAs will be produced. The >>> output of the analysis will be an informational document describing >>> the recommended approaches that will be provided as an input to the >>> DHC working group where the actual DHCP extensions needed for the >>> recommended approaches will be defined. >> >> DHCP and security shouldn't be mixed > > not sure what do you mean here, but considering that CGAs are addresses > and that CGAs are used for security and that some folks may want to use > dhcp for configuring CGAs, then it seems that there should be some > relation here... > >> - for laughs, look at the current DHCPv6.. It basically assumes that >> all network links DHCPv6 is used on are trusted, > > that may be a reasonable assumption when current parameters are > configured, but probably this is not a valid assumption when we want to > configure cgas which will be used for security purposes, i guess > >> and effectively due to that anyone on the server-relay, or >> relay-client legs could 'acquire' the CGA information if you really >> pushed the address+key tuple that way. > > this is certainly a model, but it is not the only one. > > I mean, it really depends what are the motivations for using dhcp and > what are the motivations for using CGAs. I mean this model assumes an > underlying trust model, where the node can fully trust not only the > links but also the dhcp server. It may well be the case that the node > doesn't want to dhcp server to have its CGA key or that simply you > cannot trust the underlying links for this purposes.
I agree that there are some challenges, but we should work on understanding what those are, and see if it is worthwhile to work on it. I for one would like to think more about that (I guess you may have thought more about this than me Markus :) I have only passing knowledge of CGAs, but I wonder if there could also be ways of proving that an address really was handed out by a given DHCP server. Stig > >> >> I don't see a single good reason for standardizing that but multiple >> reasons why not to. If someone really cares, I can provide the reasons >> off-band :) >> > > please expand on this since seems to be a central point for this > proposed item > > Thanks again, marcelo > >> Cheers, >> >> -Markus >> >> > > > > _______________________________________________ > Int-area mailing list > [email protected] > https://www1.ietf.org/mailman/listinfo/int-area _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
