RE: [rfc2462bis] whether we need the M/O flags

["Bound, Jim" <jim.bound at hp.com>]

DHCPv6 is secure read the spec.
/jim 

> -----Original Message-----
> From: ipv6-admin@ietf.org [mailto:ipv6-admin@ietf.org] On 
> Behalf Of Alain Durand
> Sent: Wednesday, April 28, 2004 2:37 PM
> To: Tim Chown
> Cc: IETF IPv6 Mailing List
> Subject: Re: [rfc2462bis] whether we need the M/O flags
> 
> 
> On Apr 27, 2004, at 2:21 AM, Tim Chown wrote:
> 
> > On Mon, Apr 26, 2004 at 10:14:02AM -0700, Alain Durand wrote:
> >> Let me try to explain why I, as an implementor, do not 
> like the M/O 
> >> bits very much.
> >> ...
> >
> > Alain,
> >
> > Could you explain how the functionality of the O/M bits will be 
> > replaced within the ND/etc protocols?  Or should they not 
> be replaced?
> 
> I'm not convinced they are needed in the first place.
> 
> > Until now, most people have not worried about DNS resolver 
> discovery 
> > because they run dual-stack networks (and thus use IPv4 transport 
> > DNS), but hosts autoconfiguring in an IPv6-only environment need a 
> > method to get DNS and other configuration info.  I agree 
> they can just 
> > try DHCPv6, rather than being told to do so.  So is your 
> argument that 
> > the client should decide which protocols to try, as per 
> IPv4, rather 
> > than be "forced" to use DHCPv6 when
> > DHCPv6 may not be secure?
> 
> It has nothing to do with DHCPv6 being secure or not.
> I think it is up to the client to decide what to do. I have 
> nothing against hints provided by the network that DHCPv6 may 
> be here, but I'm not comfortable in having host being told to 
> use it despite other configuration they may have.
> 
> > But whether the client decides to use DHCP, or an RA tells it to do 
> > so, there is no way to know whether the DHCP response is 
> from a real 
> > or malicious server
> > (who uses authenticated DHCP? :).   And if you're not using 
> DHCP you 
> > trust
> > the RA for the network settings anyway.
> 
> not necessarily. You can use manual config. Or still use 
> stateless autoconf and have an external verification.
> 
> >  So isn't SEND the answer to this,
> > rather than deprecating flags?   You either run in an 
> > authenticated/trusted
> > environment, or you don't...
> 
> I agree with you for the M bit. Not for the O bit, as you can 
> trivially mount attacks that were more difficult to do 
> before. Overriding the configuration of the DNS server would 
> be much more difficult to detect than overriding the default router.
> 
> 	- Alain.
> 
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
> 
> 

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------