Re: [Anima-bootstrap] Scope question

Michael Richardson <mcr+ietf@sandelman.ca> Mon, 06 July 2015 00:54 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: anima-bootstrap@ietf.org
In-Reply-To: <5599BF13.60405@gmail.com>
References: <5599BF13.60405@gmail.com>
Date: Sun, 05 Jul 2015 20:54:34 -0400
Message-ID: <4529.1436144074@sandelman.ca>
Sender: mcr@sandelman.ca
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima-bootstrap/gr2ngh8w-KnNqyfNGVv40L2YSRs>
Subject: Re: [Anima-bootstrap] Scope question

Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    > The design team charter at
    > http://trac.tools.ietf.org/wg/anima/trac/wiki/Bootstrap%20Design%20Team%20Charter
    > leaves two scope questions open for me.

    > 1. Is the scope *all* nodes in a network, or only the nodes taking part
    > in autonomic operations (i.e. nodes that are part of the ACP and/or run
    > Anima signaling)?

Only those taking part in autonomic operation...

    > 2. Is the scope limited to physical nodes? Or in other words, do
    > entities like virtual machines or ASAs inherit credentials from the
    > physical node containing them?

I would expect ASAs running on a node to have some kind of access to
the host's credentials, but we should consider the possibility that we need to
issue additional (transitive) credentials to individual ASAs.

As for virtual machines running on a host, in general, they would have to
join the ACP through their own separate bootstrap process.  As they don't
have vendors, it could be that they would be provisioned through the same
transitive process as the ASAs, once we figure out how to do that.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-