Forcerenew Nonce Authentication
RFC 6704
Yes
No Objection
Note: This ballot was opened for revision 04 and is now closed.
(Jari Arkko; former steering group member) Yes
Thanks for writing this document. I believe it is ready to move forward, despite the unsubstantiated worries about weakening RFC 3118 security :-) One small comment: > The server SHOULD NOT include the nonce in an ACK when responding to > a renew unless a nonce was generated. ... unless a *new* nonce was generated ...?
(Ralph Droms; former steering group member) Yes
(Adrian Farrel; former steering group member) No Objection
Should you describe a mechanism whereby the nonce can be changed? --- Section 6 Please don;t refer to this as a "proposal". It is just about to become an RFC. Use "document".
(Gonzalo Camarillo; former steering group member) No Objection
(Pete Resnick; former steering group member) No Objection
The portion of 3.1.2 which starts "The following fields are set in an DHCP authentication option for the Forcerenew Nonce Authentication Protocol:" is poorly written. The fields are not listed in order, the explanation for length is incorrect. This needs to be rewritten.
(Peter Saint-Andre; former steering group member) No Objection
I concur with the DISCUSS that Russ lodged (based on the Gen-ART review).
(Robert Sparks; former steering group member) (was Discuss) No Objection
(Ron Bonica; former steering group member) No Objection
(Russ Housley; former steering group member) (was Discuss) No Objection
(Sean Turner; former steering group member) (was Discuss) No Objection
(Stephen Farrell; former steering group member) No Objection
- I agree with Russ' discuss based on the gen-art review. - I like the idea as explained in the response to the gen-art review, but didn't get that from the abstract or writeup so I think fixing those to make the purpose of this clear (make off-path attacks hard) would be good. - What is an RDM? (3.1.3) Better to spell that out rather than force the reader off to rfc 3115. - Shouldn't there be a requirement to use a different "reconfigure key value" every single time? If those are re-used, then a client could pretend to be the server. - I guess I wondered if you can do this, why can't the server just sign the response with a private key? - Should there be an IANA registry for the type field here in case you ever want more than hmac-md5?
(Stewart Bryant; former steering group member) No Objection
(Wesley Eddy; former steering group member) No Objection