Security of Messages Exchanged between Servers and Relay Agents
RFC 8213, “Security of Messages Exchanged between Servers and Relay Agents”, is a Proposed Standard document published in August 2017 by B. Volz, Y. Pal. The canonical text is published by the RFC Editor.
Abstract
The Dynamic Host Configuration Protocol for IPv4 (DHCPv4) has no guidance for how to secure messages exchanged between servers and relay agents. The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) states that IPsec should be used to secure messages exchanged between servers and relay agents but does not require encryption. With recent concerns about pervasive monitoring and other attacks, it is appropriate to require securing relay-to-relay and relay-to-server communication for DHCPv6 and relay-to-server communication for DHCPv4.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8213 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 8212 Default External BGP Route Propagation Behavior without Policies
- RFC 8214 Virtual Private Wire Service Support in Ethernet VPN
- RFC 8211 Adverse Actions by a Certification Authority or Repository Manager in the Resource Public Key Infrastructure
- RFC 8215 Local-Use IPv4/IPv6 Translation Prefix
- RFC 8210 The Resource Public Key Infrastructure to Router Protocol, Version 1
- RFC 8216 HTTP Live Streaming
- RFC 8209 A Profile for BGPsec Router Certificates, Certificate Revocation Lists, and Certification Requests
- RFC 8217 Clarifications for When to Use the name-addr Production in SIP Messages