Security of Messages Exchanged between Servers and Relay Agents, August 2017
Discuss this RFC: Send questions or comments to the mailing list [email protected]
The Dynamic Host Configuration Protocol for IPv4 (DHCPv4) has no guidance for how to secure messages exchanged between servers and relay agents. The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) states that IPsec should be used to secure messages exchanged between servers and relay agents but does not require encryption. With recent concerns about pervasive monitoring and other attacks, it is appropriate to require securing relay-to-relay and relay-to-server communication for DHCPv6 and relay-to-server communication for DHCPv4.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.