[ntpwg] [dhcwg] Re: Network Time Protocol (NTP) Optionsfor DHCPv6

[Brian Utterback]

TS Glassey wrote:
>   
>> But we are not talking about anything to due with the security model, 
>> assurance or reliability. The
>> question at hand is how to avoid abusive spamming of servers by persistent 
>> and pervasive clients.
>>     
>
> OK but that sounds like Integrity of Opertions insurance to me, si?
>
> Isnt the issue is how to authenticate any control processes since without 
> this I can slam the server's with bad requests to make it unavailable to the 
> legit users.
>
> ?????
>
> Todd
>
>   
Sort of. We aren't talking about any protection from malicious clients, 
we are dealing with the inadvertent
slamming of a server due to long term up time of multiple clients that 
use the same IP address forever and
ever.  If a client is served an IP address at start up time, it has no 
choice but to use that address for the
entire time it is up and running. If a particular DHCP server serves the 
same IP to all of its clients, the
problem is multiplied. If the DHCP happens to be an embedded client, 
with the server IP hard-coded and
this embedded client is deployed to multiple thousands of home 
appliances, then we have the Netgear/Wisc
fiasco again.

Is this scenario likely enough to be worth making major modifications to 
the way DHCP does things?
This is what seems unlikely to Ted and I. Rather than jump through hoops 
at the client protocol
level, a requirement that the IP served not be hard coded at the server 
might be enough. A compromise
on Danny's compromise might be that the addresses must either be 
site-local, or determined dynamically
by the server via DNS lookup.

Brian Utterback