A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : A DHCP Extension To Provide Initial Random Material
Author(s) : Yaron Sheffer
Paul Hoffman
Filename : draft-sheffer-dhc-initial-random-00.txt
Pages : 8
Date : 2013-12-04
Abstract:
Some network devices get little or no entropy from their underlying
operating systems when they are first started. As a result,
cryptographic applications started before there is sufficient entropy
in the operating system's pool can be initialized into a state that
can be exploited by an attacker. This document defines a DHCP
extension that can provide the operating system of a network device
with some initial randomness that can only be known by an attacker
who is on the same network segment as the device and its DHCP server.
The operating system can mix this random input into its random pool
early in the boot procedure and thus have more entropy available when
cryptographic applications start.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-sheffer-dhc-initial-random
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-sheffer-dhc-initial-random-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
