Dynamic Host Configuration Protocol for IPv6 (DHCPv6) Relay Agent Subscriber-ID Option
RFC 4580
Yes
No Objection
Note: This ballot was opened for revision 01 and is now closed.
(Margaret Cullen; former steering group member) Yes
(Allison Mankin; former steering group member) No Objection
No further objection, but I agree with Mark, this one needs highlighted security comments - not just the usual pointer to the weak security of DHCP. I think DHCP needs an a document like DNS's RFC 3833, which might stimulate some action towards work about DHCP spoof prevention which is not otherwise happening.
(Bert Wijnen; former steering group member) (was Discuss) No Objection
(Bill Fenner; former steering group member) No Objection
(Brian Carpenter; former steering group member) No Objection
I did wonder whether reference [4] shouldn't be normative.
(Jon Peterson; former steering group member) No Objection
(Mark Townsley; former steering group member) (was Discuss) No Objection
This is a "subscriber ID" used for roaming between access points, apparantly sent in the clear. It seems to me that there should be some mention in the security considerations section that if this value is snooped, it could be used to aid in hijacking service of the subscriber.
(Russ Housley; former steering group member) No Objection
(Sam Hartman; former steering group member) No Objection
(Scott Hollenbeck; former steering group member) No Objection
(Ted Hardie; former steering group member) No Objection
I agree with Brian that [4] is probably normative, as it is a normative reference in RFC3993, which is noted as a source document in the Acknowledgements. This seems like something that can be fixed in AUTH48, though.