Last Call Review of draft-ietf-dhc-dhcpv6-opt-netboot-
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.
The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) provides a
framework for passing configuration information to nodes on a
network. This document describes new options for DHCPv6 which are
required for booting a node from the network.
This is a simple and straightforward DHCPv6 extension. The Security considerations section is appropriate. Authors may consider highlighting the fact that downloading the wrong operating system could lead to compromise of data on local storage:
7. Security considerations
In untrusted networks, a rogue DHCPv6 server could send the new
DHCPv6 options described in this document. The booting clients could
then be provided with a wrong URL so that the boot either fails, or
even worse, the client boots the wrong operating system which has
been provided by a malicious file server. To prevent this kind of
attack, clients can use authentication of DHCPv6 messages (see
chapter 21. in [RFC3315]).