> > >Which begs the question of what additional potential security risks
> > >the sentence is advocating that we consider.
> >
> > this might be opening up Pandora's box here, so let's keep this
> > between just you and me...
> >
>
>Rather than open that box, why not close it and remove this entirely:
>
> When implementing a DHCP server that will serve clients across an
> uncontrolled network, one should consider the potential security
> risks.
>
>There's sufficient specific advice already. This doesn't really add
>anything that can be acted upon directly; it's sort of vague.
>
> > ... you're thinking of L2 hop-by-hop,
> > or between the endhost and the first L3 node...
>
>I don't see a great deal of value in belabouring the point, unless
>we're aware of a specific attack. We've already highlighted the
>disclosure problem - if the network uses hop-by-hop confidentiality,
>then I'd hope that it would be clear that any hops can get the data.
I agree with each point made here.
James
>--Martin
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv