[Anima-bootstrap] bootstrap purpose

Peter van der Stok <stokcons@xs4all.nl> Tue, 24 May 2016 07:22 UTC

Hi all,

I looked again at the keyinfra draft and did not recognize an explicit 
description of the purpose of securing the network with the bootstrap.

As far as I understood there are 2 objectives:
1) A packet sent by an unauthorized node is not routed through the network
2) An unauthorized node cannot interpret a packet sent by an authorized node

Neither does the text tell us how this is achieved once the bootstrap 
has successfully concluded.
Do we aim at a specific protocol or do we want to leave this open?

-- 
Peter van der Stok
vanderstok consultancy