> >the sentence is advocating that we consider.
>
> this might be opening up pandora's box here, so let's keep this
> between just you and me...
>
Rather than open that box, why not close it and remove this entirely:

   When implementing a DHCP server that will serve clients across an
   uncontrolled network, one should consider the potential security
   risks.

There's sufficient specific advice already. This doesn't really add anything that can be acted upon directly; it's sort of vague.

> ... you're thinking of L2 hop-by-hop,
> or between the endhost and the first L3 node...

I don't see a great deal of value in belabouring the point, unless we're aware of a specific attack. We've already highlighted the disclosure problem - if the network uses hop-by-hop confidentiality, then I'd hope that it would be clear that any hops can get the data.

--Martin