[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!

To: "Bernie Volz (volz)" <volz at cisco.com>
Subject: Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
From: Robert Elz <kre at munnari.OZ.AU>
Date: Tue, 15 Jul 2008 01:36:47 +0700
Cc: dhcwg at ietf.org, "Mark Stapp $mjs$" <mjs at cisco.com>
Delivered-to: ietfarch-dhcwg-web-archive at core3.amsl.com
Delivered-to: dhcwg at core3.amsl.com
In-reply-to: <8E296595B6471A4689555D5D725EBB21080CA1A1@xmb-rtp-20a.amer.cisco.com>
List-archive: <https://www.ietf.org/mailman/private/dhcwg>
List-help: <mailto:dhcwg-request@ietf.org?subject=help>
List-id: <dhcwg.ietf.org>
List-post: <mailto:dhcwg@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
References: <8E296595B6471A4689555D5D725EBB21080CA1A1@xmb-rtp-20a.amer.cisco.com> <8E296595B6471A4689555D5D725EBB21080CA037@xmb-rtp-20a.amer.cisco.com> <8E296595B6471A4689555D5D725EBB21080C9FAD@xmb-rtp-20a.amer.cisco.com> <8E296595B6471A4689555D5D725EBB21080C9F72@xmb-rtp-20a.amer.cisco.com> <808.1216031570@epsilon.noi.kre.to> <005401c8e5b0$4607f2f0$c80c6f0a@china.huawei.com> <13363.1216042143@epsilon.noi.kre.to> <11031.1216046188@epsilon.noi.kre.to> <6140.1216057704@epsilon.noi.kre.to>
Sender: dhcwg-bounces at ietf.org

    Date:        Mon, 14 Jul 2008 14:04:58 -0400
    From:        "Bernie Volz (volz)" <volz at cisco.com>
    Message-ID:  <8E296595B6471A4689555D5D725EBB21080CA1A1 at xmb-rtp-20a.amer.cisco.com>

  | Actually, I suspect that both client and server have to deal with it as

I knew that using "client" was touchy - I mean the receiver of the option,
whatever role they play in the DHCP exchange. "client" was just easier
to type.   Apologies...

  | For a received packet, the node would already have had to find the
  | location of the option containing this data and it also has the length
  | (of the option as well as the packet). So, to skip to the end of the
  | option isn't exactly rocket science (start of option + sizeof(unsigned
  | short) + sizeof(unsigned short) + length of option data).

No, it's not, but do you want to imagine the number of off by one type
errors code like that has experienced over history - like does the code
remember the length field does, or does not, include the size of the
length field itself, ...  (as you write it above, clearly it doesn't,
but in other usages, it does, and implementors get confused...)  And
if in practice there's never anything there, the bug lies dormant.
That's what I was most worried about.

  | When sending a packet, putting the packet together is a bit more complex
  | if the option isn't at the end, especially if the size of the field
  | isn't known. But again, that is an implementation issue and left to the
  | implementer - it can always be added "last" or dealt with by moving the
  | parts of the data around.

Yes, I am not so much worried about the sender, which can do things as it
desires - though as I started to say in the paragraph I didn't finish typing
I now realise, ideally you don't want the private key to be in use more than
it needs to be, so requiring it to be accessed twice, once for a length
calc, and once for the sig calc, seems like just bad design.

But this is the kind of thing that someone who really understands the security
issues should be examining, and that is certainly not me.

kre

ps: really for the last time, unless of course I get a question I must
answer...

_______________________________________________
dhcwg mailing list
dhcwg at ietf.org
https://www.ietf.org/mailman/listinfo/dhcwg

References:
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Bernie Volz (volz)
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Bernie Volz (volz)
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Bernie Volz (volz)
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Bernie Volz (volz)
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Robert Elz
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Robert Elz
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Robert Elz
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Robert Elz

Prev by Date: Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
Next by Date: [dhcwg] DHCPv6 and DHCPv4 Vendor Message Drafts (Individual Submissions) / Agenda Time Request
Previous by thread: Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
Next by thread: Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
Index(es):
- Date
- Thread