[Anima-bootstrap] Can the proxy add information during bootstrap?

"Michael Behringer (mbehring)" <mbehring@cisco.com> Tue, 12 April 2016 16:05 UTC

From: "Michael Behringer (mbehring)" <mbehring@cisco.com>
To: "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Date: Tue, 12 Apr 2016 16:05:20 +0000
Message-ID: <5c12b5d6940d4970bd3c0ad4c94b4696@XCH-RCD-006.cisco.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima-bootstrap/wDnUNgeLOpuqW8B1CyZZP363aso>
Subject: [Anima-bootstrap] Can the proxy add information during bootstrap?
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>

When a new device enrols, an operator will want to know WHERE this device is connecting. This includes the proxy identity, plus the interface on the proxy. (Potentially more)

The proxy identity can be figured out by looking at the source address of the incoming packets; but the interface information needs to be added explicitly, somehow. 

I see a parallel with DHCP: I think also with our BSKI approach, the need will arise to have something like "DHCP options" that relate to the proxy. 

Can our enrolment process as described today support such proxy options? If not, I think we need to re-think... 

Michael