[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [dhcwg] [New I-D] DHCP User-based Authentication

To: Amy Zhao <zhaoyuping at huawei.com>
Subject: Re: [dhcwg] [New I-D] DHCP User-based Authentication
From: Eliot Lear <lear at cisco.com>
Date: Wed, 11 Oct 2006 08:26:45 +0200
Authentication-results: sj-dkim-4.cisco.com; header.From=lear@cisco.com; dkim=pass ( sig from cisco.com verified; );
Cc: dhcwg at ietf.org
Dkim-signature: a=rsa-sha1; q=dns; l=564; t=1160548007; x=1161412007; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=lear@cisco.com; z=From:Eliot=20Lear=20<lear@cisco.com> |Subject:Re=3A=20[dhcwg]=20[New=20I-D]=20DHCP=20User-based=20Authentication; X=v=3Dcisco.com=3B=20h=3DPudNmJyZCJP4ypN2YeIgRYjo7Wg=3D; b=fzDS50Tlt+J10b0ezIC7n6Bl/wyDIsNecHUrx/Vwb+QQP0UsswkJCElaqNh7610pT30fZLMS i6rDIx2U/ALWsvrE9b8/4RDmn0K7zBn8oAQOf/3H92bKs+yKMNTVchxN;
In-reply-to: <005201c6ea86$dd069070$1b05a40a@china.huawei.com>
List-help: <mailto:dhcwg-request@ietf.org?subject=help>
List-id: dhcwg.ietf.org
List-post: <mailto:dhcwg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
References: <005201c6ea86$dd069070$1b05a40a@china.huawei.com>
User-agent: Thunderbird 1.5.0.7 (Macintosh/20060909)

I have the following three questions:

   1. Why is DHCP the correct protocol to do user-based authentication?
   2. How would this work interact with RFC 3118 (as mentioned by Andre
      Kostur)?
   3. At this late date it seems wise to at least address the issue of
      the authentication server proving itself to the connecting
      device.  This seems to me to change the nature of risk with regard
      to who is giving up information.  What in your proposal is to
      prevent a rogue DHCP server from snarfing passwords?

Thanks,

Eliot

_______________________________________________
dhcwg mailing list
dhcwg at ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg

Follow-Ups:
- RE: [dhcwg] [New I-D] DHCP User-based Authentication
  - From: Amy Zhao

References:
- [dhcwg] [New I-D] DHCP User-based Authentication
  - From: Amy Zhao

Prev by Date: RE: [dhcwg] [New I-D] DHCP User-based Authentication
Next by Date: RE: [dhcwg] [New I-D] DHCP User-based Authentication
Previous by thread: [dhcwg] [New I-D] DHCP User-based Authentication
Next by thread: RE: [dhcwg] [New I-D] DHCP User-based Authentication
Index(es):
- Date
- Thread