Hello, Brian.
As I presented last IETF 6MAN meeting, our draft aims to provide automatic
revocation of DHCPv6 clients in case that invocation of clients can be done in
accordance with the RFC2462. Thus, requirement of our security model is that we
should not intoduce additional threats to the
It would seem quite dangerous to enable/disable DHCPv6 clients
arbitrarily based on bit settings in un-protected RA messages.
This support already exists with the definition of the M O bits.
Setting these in an RA means run DHCPv6. As Joseph pointed out, the
draft defines a mechanism to stop
So, given this, I can't see how this adds any security issues that don't
already exist (ie, to cause DHCPv6 to be run). If DHCPv6 is not
requested by valid RAs, all rogue RAs can do is cause DHCPv6 to be run.
Right. In addition, though the revocation method in the draft, clients invoked
by