RFC 3118 (rfc3118) - Page 3 of 17
Authentication for DHCP Messages
Alternative Format: Original Text Document
RFC 3118 Authentication for DHCP Messages June 2001
3. Limit state required by the server.
4. Limit complexity (complexity breeds design and implementation
errors).
1.3 Requirements Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY" and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [5].
1.4 DHCP Terminology
This document uses the following terms:
o "DHCP client"
A DHCP client or "client" is an Internet host using DHCP to
obtain configuration parameters such as a network address.
o "DHCP server"
A DHCP server or "server" is an Internet host that returns
configuration parameters to DHCP clients.
2. Format of the authentication option
The following diagram defines the format of the DHCP authentication
option:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Code | Length | Protocol | Algorithm |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| RDM | Replay Detection (64 bits) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Replay cont. |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Replay cont. | |
+-+-+-+-+-+-+-+-+ |
| |
| Authentication Information |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The code for the authentication option is 90, and the length field
contains the length of the protocol, RDM, algorithm, Replay Detection
fields and authentication information fields in octets.
Droms & Arbaugh Standards Track