draft-ietf-dhc-forcerenew-nonce-05.txt		draft-ietf-dhc-forcerenew-nonce-06.txt
	dhc D. Miles		dhc D. Miles
	Internet-Draft Google		Internet-Draft Google
	Updates: 3203 (if approved) W. Dec		Updates: 3203 (if approved) W. Dec
	Intended status: Standards Track Cisco Systems		Intended status: Standards Track Cisco Systems
	Expires: September 10, 2012 J. Bristow		Expires: September 12, 2012 J. Bristow
	Swisscom Schweiz AG		Swisscom Schweiz AG
	R. Maglione		R. Maglione
	Telecom Italia		Telecom Italia
	March 9, 2012		March 11, 2012
	Forcerenew Nonce Authentication		Forcerenew Nonce Authentication
	draft-ietf-dhc-forcerenew-nonce-05		draft-ietf-dhc-forcerenew-nonce-06
	Abstract		Abstract
	Dynamic Host Configuration Protocol (DHCP) FORCERENEW allows for the		Dynamic Host Configuration Protocol (DHCP) FORCERENEW allows for the
	reconfiguration of a single host by forcing the DHCP client into a		reconfiguration of a single host by forcing the DHCP client into a
	Renew state on a trigger from the DHCP server. In Forcerenew Nonce		Renew state on a trigger from the DHCP server. In Forcerenew Nonce
	Authentication the server sends a nonce to the client in the initial		Authentication the server sends a nonce to the client in the initial
	DHCP ACK that is used for subsequent validation of a FORCERENEW		DHCP ACK that is used for subsequent validation of a FORCERENEW
	message. This document updates RFC 3203.		message. This document updates RFC 3203.
	skipping to change at page 1, line 40		skipping to change at page 1, line 40
	Internet-Drafts are working documents of the Internet Engineering		Internet-Drafts are working documents of the Internet Engineering
	Task Force (IETF). Note that other groups may also distribute		Task Force (IETF). Note that other groups may also distribute
	working documents as Internet-Drafts. The list of current Internet-		working documents as Internet-Drafts. The list of current Internet-
	Drafts is at http://datatracker.ietf.org/drafts/current/.		Drafts is at http://datatracker.ietf.org/drafts/current/.
	Internet-Drafts are draft documents valid for a maximum of six months		Internet-Drafts are draft documents valid for a maximum of six months
	and may be updated, replaced, or obsoleted by other documents at any		and may be updated, replaced, or obsoleted by other documents at any
	time. It is inappropriate to use Internet-Drafts as reference		time. It is inappropriate to use Internet-Drafts as reference
	material or to cite them other than as "work in progress."		material or to cite them other than as "work in progress."
	This Internet-Draft will expire on September 10, 2012.		This Internet-Draft will expire on September 12, 2012.
	Copyright Notice		Copyright Notice
	Copyright (c) 2012 IETF Trust and the persons identified as the		Copyright (c) 2012 IETF Trust and the persons identified as the
	document authors. All rights reserved.		document authors. All rights reserved.
	This document is subject to BCP 78 and the IETF Trust's Legal		This document is subject to BCP 78 and the IETF Trust's Legal
	Provisions Relating to IETF Documents		Provisions Relating to IETF Documents
	(http://trustee.ietf.org/license-info) in effect on the date of		(http://trustee.ietf.org/license-info) in effect on the date of
	publication of this document. Please review these documents		publication of this document. Please review these documents
	skipping to change at page 10, line 9		skipping to change at page 10, line 9
	capability for Forcerenew Nonce Protocol authentication in the DHCP		capability for Forcerenew Nonce Protocol authentication in the DHCP
	OFFER and the subsequent ACK received by the client while in the		OFFER and the subsequent ACK received by the client while in the
	selecting state omits a valid DHCP authentication option for the		selecting state omits a valid DHCP authentication option for the
	Forcerenew Nonce Protocol, the client MUST discard the message and		Forcerenew Nonce Protocol, the client MUST discard the message and
	return to the INIT stat		return to the INIT stat
	The client MUST record the Forcerenew Nonce from any valid ACK it		The client MUST record the Forcerenew Nonce from any valid ACK it
	receives, if the ACK contains one.		receives, if the ACK contains one.
	To authenticate a Forcerenew message, the client computes an HMAC-		To authenticate a Forcerenew message, the client computes an HMAC-
	MD5, based on the procedure specified in section 21.5 of [RFC3315],		MD5, based on the procedure specified in section 21.5 of [RFC3315],
	over the DHCP FORCERENEW message, using the Forcerenew Nonce received		over the DHCP FORCERENEW message (after setting the HMAC-MD5 field in
	from the server. If this computed HMAC-MD5 matches the value in the		the Authentication option to zero), using the Forcerenew Nonce
	Authentication option, the client accepts the FORCERENEW message.		received from the server. If this computed HMAC-MD5 matches the
			value in the Authentication option, the client accepts the FORCERENEW
			message.
	4. Acknowledgements		4. Acknowledgements
	Comments are solicited and should be addressed to the DHC WG mailing		Comments are solicited and should be addressed to the DHC WG mailing
	list (dhcwg@ietf.org) and/or the authors. This contribution is based		list (dhcwg@ietf.org) and/or the authors. This contribution is based
	on work by Vitali Vinokour. Major sections of this draft use		on work by Vitali Vinokour. Major sections of this draft use
	modified text from [RFC3315]. The authors wish to thank Ted Lemon,		modified text from [RFC3315]. The authors wish to thank Ted Lemon,
	Matthew Ryan and Bernie Volz for their support.		Matthew Ryan and Bernie Volz for their support.
	5. IANA Considerations		5. IANA Considerations
End of changes. 5 change blocks.
	7 lines changed or deleted		9 lines changed or added
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/