On 10/22/13 3:58 PM, Ted Lemon wrote:
On Oct 22, 2013, at 6:52 PM, Michael Thomas <[email protected]> wrote:
Oh, ok. This goes back to the duality problem with DHCP then (discovery,
configuration).
Has anybody ever posited a DHCP configuration-only protocol where you could have
normal transport (ie, not to a broadcast address, you could have, say, (d)TLS,
it doesn't
have to be link local, etc, etc)?
Or maybe what they really want is tr-069?
Doesn't TR-069 use DHCP?
Sheng Jiang has proposed a mechanism for securing DHCP messages using public
key encryption. It's up for discussion in the DHC working group at the moment.
I haven't looked at how to use DTLS to secure DHCP messages. It would be nice
if it were possible.
Tr-069 is just a plain old tcp protocol afaik. The cpe might use a dhcp option
to find
the tr-069 headend though. TR-069 is pretty isp-oriented too, so i doubt they'd
have a
problem adding stuff like dnssec roots to their data model.
Mike
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet
