Re: [5gangip] Network tokens draft

Yiannis Yiakoumis <yiannis@selfienetworks.com> Fri, 10 July 2020 17:23 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/5gangip/L_BRrvWlf9aXOTuKEJotbhhJ65M>

The problem that we are solving is that QoS/bearers, zero-rating, etc. require complex application signatures to map and classify traffic to the desired service (TFT and packet filters in 3GPP-speak). These are very expensive and manual to maintain, they are inaccurate, vulnerable to fraud, bad for privacy, and don't work with upcoming protocols like ESNI. We had an 85% failure rate on integrations based on application signatures because of the reasons mentioned above.

The approach we take with network tokens is that traffic differentiation services should be complemented with access management practices, not traffic classification. And network tokens are merely a mechanism to facilitate access management here.

Y.

=====================
Yiannis Yiakoumis
Co-Founder & CEO
https://selfienetworks.com | +1-650-644-7857

On Fri, Jul 10, 2020 at 10:15 AM, Ca By <cb.list6@gmail.com> wrote:

> On Fri, Jul 10, 2020 at 10:03 AM Yiannis Yiakoumis <yiannis@selfienetworks.com> wrote:
>
>> "In mobile, the bearer is a bit of a virtual circuit.  Each UE has one
>> or more bearers which are assigned an e2e qos policy.  Your cases for
>> tokens would be stronger if you could show how tokens overcome a defined
>> challenge that is not solved today.  It is important for credibility to
>> demonstrate knowledge of the existing approach … otherwise the suggestion
>> appears out of context"
>>
>> We are actually building a prototype that combines tokens with a dedicated
>> bearer for an LTE network, and provides E2E QoS both at uplink and
>> downlink. Implementation happens at https://github.com/network-tokens/.
>> Happy to share more details if you are interested.
>>
>> Y.
>>
>
> But why is this better than the existing bearer / pcrf model?
>
> What problem are you solving that is novel or better than the existing
> approach?
>
> Just saying your model is great is not helpful.
>
>> =====================
>> Yiannis Yiakoumis
>> Co-Founder & CEO
>> https://selfienetworks.com | +1-650-644-7857
>>
>> On Fri, Jul 10, 2020 at 9:35 AM, Yiannis Yiakoumis <yiannis@selfienetworks.com> wrote:
>>
>>> subscribed late and can't reply inline to follow-up comments. Short
>>> response to Ca By's point on whether the network trusts the UE.
>>>
>>> "A fundamental principle of mobile qos is that you do not trust the UE, as
>>> it can be compromised to make all traffic high priority. Only the network
>>> can reliably and securely allocate resources based on policy."
>>>
>>> The basic architecture for network tokens is agnostic on the trust
>>> relationships between UE, app provider, network and server. It provides
>>> mechanisms to encrypt/sign a token, and metadata to prevent replay and
>>> spoofing attacks so that operators can adjust it to the appropriate trust
>>> model. It borrows a lot from the ideas implemented in JWT, CWT and OAUTH2.
>>>
>>> Yiannis
>>>
>>> =====================
>>> Yiannis Yiakoumis
>>> Co-Founder & CEO
>>> https://selfienetworks.com | +1-650-644-7857
>>>
>>> On Thu, Jul 09, 2020 at 10:00 AM, Tom Herbert <tom@herbertland.com> wrote:
>>>
>>>> This is a draft on "Network Tokens" which is of relevance to facilitate
>>>> fine grained QoS in 5G networks.
>>>>
>>>> https://tools.ietf.org/html/draft-yiakoumis-network-tokens-01
>>>>
>>>> There is also a mailing list in
>>>> https://www.ietf.org/mailman/listinfo/network-tokens
>>>>
>>>> We are planning to present in tsvwg and app aware networking and possibly
>>>> have a side meeting on this topic in IETF108.
>>>>
>>>> Thanks,
>>>> Tom
>>>>
>>> 
>>> 
>> 
>
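
The thread mentions signing a token and carrying metadata against replay and spoofing, in the style of JWT/CWT. The following is an added illustration, not code from the draft, the network-tokens repository or any participant: the claim names (`app`, `svc`, `bip`, `exp`), the HMAC-SHA256 construction, the `body.tag` layout and the key are all assumptions chosen to show how a network element could validate such a token before granting a service.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key; assumed to be shared by the token issuer and the
# network element that enforces the policy.
KEY = b"constructed-demo-key"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(app_id, service, bound_ip, exp, key=KEY):
    """Sign claims that name the service and bind the token to one endpoint."""
    claims = {"app": app_id, "svc": service, "bip": bound_ip, "exp": exp}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    tag = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return f"{body}.{tag}"

def verify_token(token, packet_src_ip, now, key=KEY):
    """Return (service, reason); service is None unless every check passes."""
    try:
        body, tag = token.split(".")
        expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
        # Check the MAC before parsing any claim, in constant time.
        if not hmac.compare_digest(_unb64(tag), expected):
            return None, "bad-signature"
        claims = json.loads(_unb64(body))
    except ValueError:
        return None, "malformed"
    if now >= claims["exp"]:  # expiry bounds the replay window
        return None, "expired"
    if claims["bip"] != packet_src_ip:  # binding stops reuse by another UE
        return None, "wrong-endpoint"
    return claims["svc"], "ok"
```

The verifier never inspects the application payload: the service decision depends only on the signed claims, which is the access-management stance described in the top message.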