Technical Summary:
This document specifies a new security mechanism for DHCPv6 based
Cryptographically Generated Addresses (CGAs).
Working Group Summary:
This document was first presented to the DHC working group in
August of 2010. There was significant interest in the document at
that time, and it was reviewed by several key DHC participants,
myself included.
At the time my feeling about the document was that it lacked
clarity and might not be implementable; I also didn't feel
comfortable that the document had been vetted by anybody with
expertise in security other than the authors. At my urging, the
authors sought review from Stephen Kent and the security
directorate, and updated the document to address their comments.
I still wasn't happy with the document, and other work intervened,
so it languished for a while, finally passing last call with fairly
limited support but no opposition in July of 2012.
Because I still wasn't happy with the document (I felt it lacked
clarity) I worked with Sheng at the summer IETF to address the
problems I saw in it, and we managed to do a pretty good rewrite to
address my concerns.
The document at this point is pretty solid, although I think it
will benefit from IESG review. I wish we'd gotten broader
participation during the working group last call, but it's a
difficult document, and getting the review we did was hard
enough--several people who reviewed it in 2011 didn't remember in
2012 that they'd reviewed it. I think the work is important, so
I'd rather advance it with the support we had than drop it and lose
the work.
Document Quality:
I'm not aware of any existing implementations. The people who
reviewed the document are mentioned in the acknowledgements
section.
Personnel:
Ted Lemon is the document shepherd. Ralph Droms is the responsible
AD.
RFC Editor Note
(Insert RFC Editor Note here or remove section)
IRTF Note
(Insert IRTF Note here or remove section)
IESG Note
(Insert IESG Note here or remove section)
IANA Note
(Insert IANA Note here or remove section)