DHCPv6-Shield: Protecting against Rogue DHCPv6 Servers
RFC 7610

Revision differences

Document history

Date Rev. By Action
2015-10-14
08 (System) Notify list changed from draft-ietf-opsec-dhcpv6-shield@ietf.org, draft-ietf-opsec-dhcpv6-shield.ad@ietf.org, draft-ietf-opsec-dhcpv6-shield.shepherd@ietf.org, kk.chittimaneni@gmail.com, opsec-chairs@ietf.org, brian.e.carpenter@gmail.com to brian.e.carpenter@gmail.com
2015-08-20
08 (System) RFC published
2015-08-14
08 (System) RFC Editor state changed to AUTH48-DONE from AUTH48
2015-08-04
08 (System) RFC Editor state changed to AUTH48 from RFC-EDITOR
2015-07-28
08 (System) RFC Editor state changed to RFC-EDITOR from EDIT
2015-07-07
08 Cindy Morgan IESG state changed to RFC Ed Queue from Approved-announcement sent
2015-07-07
08 (System) RFC Editor state changed to EDIT
2015-07-07
08 (System) Announcement was received by RFC Editor
2015-07-06
08 (System) IANA Action state changed to No IC from In Progress
2015-07-06
08 (System) IANA Action state changed to In Progress
2015-07-06
08 Cindy Morgan IESG state changed to Approved-announcement sent from Approved-announcement to be sent
2015-07-06
08 Cindy Morgan IESG has approved the document
2015-07-06
08 Cindy Morgan Closed "Approve" ballot
2015-07-06
08 Cindy Morgan Ballot approval text was generated
2015-07-06
08 Joel Jaeggli Ballot writeup was changed
2015-07-06
08 Joel Jaeggli IESG state changed to Approved-announcement to be sent from Approved-announcement to be sent::Point Raised - writeup needed
2015-07-06
08 Will LIU New version available: draft-ietf-opsec-dhcpv6-shield-08.txt
2015-07-02
07 Jean Mahoney Closed request for Telechat review by GENART with state 'No Response'
2015-05-15
07 Fernando Gont IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed
2015-05-15
07 Fernando Gont New version available: draft-ietf-opsec-dhcpv6-shield-07.txt
2015-05-14
06 Cindy Morgan IESG state changed to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation::AD Followup
2015-05-14
06 Amanda Baber IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed
2015-05-13
06 Terry Manderson [Ballot comment]
Thank you for the effort invested in this document. From my reading it appears that -06 addresses the discuss raised by Ted.
2015-05-13
06 Terry Manderson [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson
2015-05-13
06 Ben Campbell
[Ballot comment]
I'm not going to block on this, but it seems weird to me that this would be a BCP. (And I see I ...
2015-05-13
06 Ben Campbell [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell
2015-05-13
06 Deborah Brungard [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard
2015-05-11
06 Alvaro Retana [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana
2015-05-07
06 Jean Mahoney Request for Telechat review by GENART is assigned to Ben Campbell
2015-05-07
06 Jean Mahoney Request for Telechat review by GENART is assigned to Ben Campbell
2015-04-20
06 Alissa Cooper
[Ballot comment]
I see that the normative recommendations about logging have been removed, so I am clearing my DISCUSS. However, I still think the document ...
2015-04-20
06 Alissa Cooper [Ballot Position Update] Position for Alissa Cooper has been changed to No Objection from Discuss
2015-04-19
06 Joel Jaeggli Telechat date has been changed to 2015-05-14 from 2015-01-22
2015-02-25
06 Fernando Gont IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed
2015-02-25
06 Fernando Gont New version available: draft-ietf-opsec-dhcpv6-shield-06.txt
2015-02-07
05 Ted Lemon
[Ballot discuss]
When I began with this DISCUSS, my understanding was that in order to implement DHCPv6 Shield and be sure of stopping all DHCP ...
2015-02-07
05 Ted Lemon
[Ballot comment]
This is the original text of this DISCUSS:

This text makes sense, but I think it needs to be changed somewhat:

  3.  ...
2015-02-07
05 Ted Lemon Ballot comment and discuss text updated for Ted Lemon
2015-02-07
05 Ted Lemon Notification list changed to draft-ietf-opsec-dhcpv6-shield@ietf.org, opsec@ietf.org, draft-ietf-opsec-dhcpv6-shield.ad@ietf.org, draft-ietf-opsec-dhcpv6-shield.shepherd@ietf.org, kk.chittimaneni@gmail.com, opsec-chairs@ietf.org, brian.e.carpenter@gmail.com from "KK Chittimaneni" <kk.chittimaneni@gmail.com>
2015-01-22
05 Cindy Morgan IESG state changed to IESG Evaluation::AD Followup from IESG Evaluation
2015-01-22
05 Brian Haberman [Ballot comment]
I agree with Stephen's point and believe that Ted's suggested change of the default behavior is one way to address that issue.
2015-01-22
05 Brian Haberman Ballot comment text updated for Brian Haberman
2015-01-22
05 Ted Lemon
[Ballot discuss]
This text makes sense, but I think it needs to be changed somewhat:

  3.  When parsing the IPv6 header chain, if the ...
2015-01-22
05 Ted Lemon [Ballot Position Update] New position, Discuss, has been recorded for Ted Lemon
2015-01-22
05 Stephen Farrell
[Ballot comment]

There is one thing here I can't figure out, maybe you can
enlighten me though...

section 5, bullet 3: this seems like another ...
2015-01-22
05 Stephen Farrell [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell
2015-01-22
05 Jari Arkko [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko
2015-01-21
05 Richard Barnes [Ballot Position Update] New position, No Objection, has been recorded for Richard Barnes
2015-01-21
05 Alia Atlas [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas
2015-01-21
05 Amanda Baber IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed
2015-01-21
05 Alissa Cooper
[Ballot discuss]
= Section 5 =

I think the point that Pete makes about sub-bullet 3 is valid, and that it's possible for an implementer ...
2015-01-21
05 Alissa Cooper
[Ballot comment]
= Section 1 =
s/meant to DHCPv6 clients/intended for DHCPv6 clients/

s/a specific ports/specific ports/

s/DCHPv6-Shield/DHCPv6-Shield/

s/only mitigates only/only mitigates/

= Section 5 ...
2015-01-21
05 Alissa Cooper [Ballot Position Update] New position, Discuss, has been recorded for Alissa Cooper
2015-01-21
05 Kathleen Moriarty
[Ballot comment]
I'd like to understand why this is a BC and if that's the right designation.  Hannes brought this up in his SecDir review: ...
2015-01-21
05 Kathleen Moriarty [Ballot Position Update] New position, No Objection, has been recorded for Kathleen Moriarty
2015-01-21
05 Martin Stiemerling [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling
2015-01-21
05 Brian Haberman [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman
2015-01-20
05 Pete Resnick
[Ballot comment]
Abstract:

  This document specifies
  a Best Current Practice for the implementation of DHCPv6 Shield.

No, this does not specify a Best ...
2015-01-20
05 Pete Resnick [Ballot Position Update] New position, No Objection, has been recorded for Pete Resnick
2015-01-20
05 Benoît Claise
[Ballot comment]
- We note that DHCPv6-Shield only mitigates only DHCPv6-based attacks
  against hosts.
Remove one "only"

-
OLD:
      DHCPv6-Shield MUST ...
2015-01-20
05 Benoît Claise [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise
2015-01-19
05 Spencer Dawkins [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins
2015-01-19
05 Fernando Gont IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed
2015-01-19
05 Fernando Gont New version available: draft-ietf-opsec-dhcpv6-shield-05.txt
2015-01-09
04 Adrian Farrel [Ballot Position Update] New position, No Objection, has been recorded for Adrian Farrel
2015-01-05
04 Barry Leiba [Ballot Position Update] New position, No Objection, has been recorded for Barry Leiba
2014-12-31
04 Joel Jaeggli IESG state changed to IESG Evaluation from Waiting for Writeup
2014-12-31
04 Joel Jaeggli [Ballot comment]
a dreft to be posted to address lc coments from ralph droms and Sheng Jiang
2014-12-31
04 Joel Jaeggli Ballot comment text updated for Joel Jaeggli
2014-12-31
04 Joel Jaeggli Placed on agenda for telechat - 2015-01-22
2014-12-31
04 Joel Jaeggli Changed consensus to Yes from Unknown
2014-12-31
04 Joel Jaeggli Ballot has been issued
2014-12-31
04 Joel Jaeggli [Ballot Position Update] New position, Yes, has been recorded for Joel Jaeggli
2014-12-31
04 Joel Jaeggli Created "Approve" ballot
2014-12-31
04 Joel Jaeggli Ballot writeup was changed
2014-12-31
04 Joel Jaeggli
As required by RFC 4858, this is the current template for the Document
Shepherd Write-Up.

Changes are expected over time. This version is dated 24 ...
2014-12-11
04 Tero Kivinen Request for Last Call review by SECDIR Completed: Has Nits. Reviewer: Hannes Tschofenig.
2014-12-01
04 (System) IESG state changed to Waiting for Writeup from In Last Call
2014-11-24
04 (System) IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed
2014-11-24
04 Amanda Baber
IESG/Authors/WG Chairs:

IANA has reviewed draft-ietf-opsec-dhcpv6-shield-04, which is currently in Last Call, and has the following comments:

We understand that this document doesn't require any ...
2014-11-24
04 Gunter Van de Velde Request for Last Call review by OPSDIR Completed: Has Nits. Reviewer: Jürgen Schönwälder.
2014-11-20
04 Tero Kivinen Request for Last Call review by SECDIR is assigned to Hannes Tschofenig
2014-11-20
04 Tero Kivinen Request for Last Call review by SECDIR is assigned to Hannes Tschofenig
2014-11-18
04 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Jürgen Schönwälder
2014-11-18
04 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Jürgen Schönwälder
2014-11-17
04 Jean Mahoney Request for Last Call review by GENART is assigned to Ben Campbell
2014-11-17
04 Jean Mahoney Request for Last Call review by GENART is assigned to Ben Campbell
2014-11-17
04 Amy Vezza IANA Review state changed to IANA - Review Needed
2014-11-17
04 Amy Vezza
The following Last Call announcement was sent out:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
CC: <opsec@ietf.org>
Reply-To: ietf@ietf.org
Sender: <iesg-secretary@ietf.org>
Subject: Last Call: <draft-ietf-opsec-dhcpv6-shield-04.txt> ...
2014-11-17
04 Amy Vezza IESG state changed to In Last Call from Last Call Requested
2014-11-17
04 Amy Vezza Last call announcement was changed
2014-11-16
04 Joel Jaeggli Last call was requested
2014-11-16
04 Joel Jaeggli Last call announcement was generated
2014-11-16
04 Joel Jaeggli Ballot approval text was generated
2014-11-16
04 Joel Jaeggli Ballot writeup was generated
2014-11-16
04 Joel Jaeggli IESG state changed to Last Call Requested from AD Evaluation
2014-11-07
04 Joel Jaeggli IESG state changed to AD Evaluation from Publication Requested
2014-11-02
04 Chittimaneni Kk
As required by RFC 4858, this is the current template for the Document
Shepherd Write-Up.

Changes are expected over time. This version is dated 24 ...
2014-11-02
04 Chittimaneni Kk Responsible AD changed to Joel Jaeggli
2014-11-02
04 Chittimaneni Kk IETF WG state changed to Submitted to IESG for Publication from WG Document
2014-11-02
04 Chittimaneni Kk IESG state changed to Publication Requested
2014-11-02
04 Chittimaneni Kk IESG process started in state Publication Requested
2014-11-02
04 Chittimaneni Kk Intended Status changed to Best Current Practice from None
2014-11-02
04 Chittimaneni Kk Changed document writeup
2014-11-02
04 Chittimaneni Kk Notification list changed to "KK Chittimaneni" <kk.chittimaneni@gmail.com>
2014-11-02
04 Chittimaneni Kk Document shepherd changed to KK Chittimaneni
2014-07-01
04 Fernando Gont New version available: draft-ietf-opsec-dhcpv6-shield-04.txt
2014-06-05
03 Fernando Gont New version available: draft-ietf-opsec-dhcpv6-shield-03.txt
2014-02-03
02 Fernando Gont New version available: draft-ietf-opsec-dhcpv6-shield-02.txt
2013-10-21
01 Fernando Gont New version available: draft-ietf-opsec-dhcpv6-shield-01.txt
2012-12-12
00 Fernando Gont New version available: draft-ietf-opsec-dhcpv6-shield-00.txt