The Authentication Suboption for the Dynamic Host Configuration Protocol (DHCP) Relay Agent Option
RFC 4030

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>, 
    dhc mailing list <>, 
    dhc chair <>
Subject: Protocol Action: 'The Authentication Suboption for the 
         DHCP Relay Agent Option' to Proposed Standard 

The IESG has approved the following document:

- 'The Authentication Suboption for the DHCP Relay Agent Option '
   <draft-ietf-dhc-auth-suboption-06.txt> as a Proposed Standard

This document is the product of the Dynamic Host Configuration Working 

The IESG contact persons are Margaret Wasserman and Mark Townsley.

A URL of this Internet-Draft is:

Technical Summary
   The DHCP Relay Agent Information Option (RFC 3046) conveys
   information between a DHCP Relay Agent and a DHCP server. This
   specification defines an authentication suboption for that option
   which supports source entity authentication and data integrity for
   relayed DHCP messages. The authentication suboption contains a
   cryptographic signature in its payload.
Working Group Summary
This is a work item of the DHCP WG.  There was WG consensus to 
advance this work.  While working on this draft and the related
draft draft-ietf-dhc-relay-agent-ipsec, there was extensive
discussion in the WG regarding which should be "mandatory to
implement".  The WG reached a conclusion that there are valid
reasons to prefer either choice, and they have chosen to proceed
with to draft, both optional to implement (since relay agents
are widely deployed today with no authentication).  We are 
working on wording that will explain this choice in response to
Allison's discuss on the relay-agent-ipsec document, and will
include corresponding wording here when that issue is resolved.
Protocol Quality
This document was reviewed for the IESG by Margaret Wasserman.