Sign in
Version 5.13.0, 2015-03-25
Report a bug

Secure DHCPv6 Using CGAs

Document type: Expired Internet-Draft (dhc WG)
Document stream: IETF
Last updated: 2013-04-17 (latest revision 2012-09-14)
Intended RFC status: Proposed Standard
Other versions: (expired, archived): plain text, pdf, html

IETF State: WG Document
Document shepherd: No shepherd assigned

IESG State: Expired (IESG: Dead)
IANA Review State: IANA - Review Needed
IANA Action State: None
Responsible AD: Ted Lemon
IESG Note: Ted Lemon ( is the document shepherd.
Send notices to:,

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found here:


The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) enables DHCPv6 servers to pass configuration parameters. It offers configuration flexibility. If not secured, DHCPv6 is vulnerable to various attacks, particularly spoofing attacks. This document analyzes the security issues of DHCPv6 and specifies a Secure DHCPv6 mechanism based on using CGAs.


Sheng Jiang <>
Sean Shen <>

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid)