Re: WG Last Call: draft-ietf-v6ops-unmaneval-01.txt
On Fri, 19 Mar 2004, Ralph Droms wrote:
> In section 4.1.2, while the statement "The basic use of DHCP is insecure." 
> is technically true, it does not apply to the discussion of DHCPv6 prefix 
> delegation.  Section 15 of RFC3396 gives specific guidelines for the use of 
> DHCPv6 authentication for DHCPv6 PD.  DHCPv6 authentication is defined as 
> part of the base DHCPv6 specification, in section 21 of RFC3315.

Right.

> The statement "To be useful in such environment in practice, the practical 
> details of managing the DHCP authentication need to be analyzed." needs to 
> be explained.  How is the authentication specified in RFC3315 and 
> recommended for DHCPv6 PD in RFC3396 not adequate?

(Operational) key management seems problematic, even though DHCP 
provides support for that.

Maybe reword:

   The basic use of DHCP is insecure. This may be a problem if the link
   between gateway and ISP is shared by multiple subscribers. DHCP
   specification includes authentication options, but does not describe
   the task of managing the keys, and how the information would be
   shared between the customer and the ISP.  To be useful in such
   environment in practice, the practical details of managing the DHCP
   authentication need to be analyzed.

to:

   DHCP is insecure unless authentication is used. This may be a
   particular problem if the link between gateway and ISP is shared by 
   multiple subscribers. The DHCP specification includes authentication 
   options, but the operational procedures for managing the keys and 
   methods for sharing the required information between the customer 
   and the ISP are unclear.  To be secure in such an environment in 
   practice, the practical details of managing the DHCP authentication 
   need to be analyzed.

Perhaps that is a bit fairer statement of the issue(s) involved.

> What are the security implications of ND proxy?

Roughly equal or slightly worse, but then again, it would probably not
be applicable in this specific ("multiple subscribers in one big LAN")
environment in any case.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings