Secure DHCPv6 Using CGAs

Document Type Replaced Internet-Draft (individual)
Last updated 2010-02-04
Replaced by draft-ietf-dhc-secure-dhcpv6
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-dhc-secure-dhcpv6
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) enables DHCP servers to pass configuration parameters. It offers configuration flexibility. If not secured, DHCPv6 is vulnerable to various attacks, particularly fake attack. This document analyzes the security issues of DHCPv6 and specifies security mechanisms, mainly using CGAs.


Sheng Jiang (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)