> wrt the above "when":
>
> s/when/after
>
> IMO this makes the statement more direct and to the point.
Yes, it's more clear.
> >When implementing a DHCP server that will serve
> >clients across an uncontrolled network, one
> >should consider the potential security risks."
>
> I assume that for controlled networks -- this doesn't apply?
I suppose that depends on what "uncontrolled" means. My (perhaps incorrect) assumption was that "uncontrolled" meant a network that did not employ security mechanisms such as link layer security or even packet filtering. Perhaps another term might be appropriate?
The security risks discussed in the section include disclosure and packet modification.
The section advocates use of DHCP authentication to address packet modification threats.
In -06, I inserted a sentence to address the disclosure aspect:
"Link layer confidentiality may also be employed to reduce the risk of location disclosure."
Which begs the question of what additional potential security risks the sentence is advocating that we consider.
