Secure DHCPv6 with Public Key

The information below is for an old version of the document
Document Type None Internet-Draft (dhc WG)
Last updated 2014-06-19
Replaces draft-jiang-dhc-sedhcpv6
Stream IETF
Intended RFC status (None)
Expired & archived
pdf htmlized bibtex
Additional URLs
- Mailing list discussion
Stream WG state (None)
Document shepherd Tomek Mrugalski
IESG IESG state Unknown state
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) enables DHCPv6 servers to pass configuration parameters. It offers configuration flexibility. If not secured, DHCPv6 is vulnerable to various attacks, particularly spoofing attacks. This document analyzes the security issues of DHCPv6 and specifies a Secure DHCPv6 mechanism for communication between DHCPv6 clients and DHCPv6 servers. This mechanism is based on public/private key pairs. The authority of the sender may depend on either pre-configuration mechanism or Public Key Infrastructure.


Sheng Jiang (
Sean Shen (
Dacheng Zhang (
Tatuya Jinmei (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)