Authentication, Authorization and key management for DHCPv6
Dynamic Host Configuration Protocol version 6 (DHCPv6) authentication, as described in RFC3315, makes use of a model described in RFC3118. The DHCP threat model is described in RFC3118. However, RFC3118 does not discuss the distribution of keys to the server and the client. It assumes that the keys are transferred to the server and client using out of band mechanisms. This draft proposes to make use of the security association that the client shares with its home Authentication, Authorization and Accounting (AAA) servers. The security association between the client and server are established during DHCPv6 messaging. This document specifies options to DHCPv6 messages that can be used to create DHCPv6 Security Associations between the client and server.