Re: [Anima] Homogeneous vs. heterogeneous trust domains (Re: What elements of IETF ANIMA can be used for I2NSF?)
Brian E Carpenter <brian.e.carpenter@gmail.com> Thu, 30 October 2014 19:23 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45B4B1A1A5F for <anima@ietfa.amsl.com>; Thu, 30 Oct 2014 12:23:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4
X-Spam-Level:
X-Spam-Status: No, score=-4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, GB_I_LETTER=-2, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z54mzC-zATXU for <anima@ietfa.amsl.com>; Thu, 30 Oct 2014 12:23:41 -0700 (PDT)
Received: from mail-pd0-x22f.google.com (mail-pd0-x22f.google.com [IPv6:2607:f8b0:400e:c02::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6A411A1B7D for <anima@ietf.org>; Thu, 30 Oct 2014 12:23:40 -0700 (PDT)
Received: by mail-pd0-f175.google.com with SMTP id y13so5705207pdi.6 for <anima@ietf.org>; Thu, 30 Oct 2014 12:23:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=y0X/Iha+jRyw4vqRV4OX1ShnnqYHbjCFh0IJ6XXdcGk=; b=MG0YIVeYTaLk6YGm0TUgYQJzKkQvl58DtJnnkos9CSXLkDTuFadYoAkre4fOwO0777 DfsWvisFSR/g/qfmYeDb6D25xvCM1GMnzIViMchI+JYCwEikQqtkeH19nMueMlzrx7St jzQmeqLLYevKpV9h6nnbPl15jnMQ2fofrsQPrDO+nHjdIHsPnM7nRtoJq2XXWUOX/tat Krm1RXtbMc1uOu9IgUzu9ny5Bfmj+5qa8QiafyMlPijol3jE5rqSBp8M24I/Iep3KxwO Zq8UOxpsNwq70NtX7Ons0L73mHmJBBdELPf7FmFfkgVkgzCpvweCwTN0rFXU0kjBkqna +e4A==
X-Received: by 10.68.164.65 with SMTP id yo1mr19487639pbb.126.1414697020622; Thu, 30 Oct 2014 12:23:40 -0700 (PDT)
Received: from [192.168.178.23] (18.200.69.111.dynamic.snap.net.nz. [111.69.200.18]) by mx.google.com with ESMTPSA id qh4sm7847377pbb.35.2014.10.30.12.23.37 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 30 Oct 2014 12:23:39 -0700 (PDT)
Message-ID: <54529041.7060309@gmail.com>
Date: Fri, 31 Oct 2014 08:23:45 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Michael Richardson <mcr+ietf@sandelman.ca>
References: <15427082.1414550821026.JavaMail.root@mswamui-bichon.atl.sa.earthlink.net> <34F2BB84-CDD9-47C1-A4DE-08373F0785EC@iki.fi> <14853.1414676826@sandelman.ca>
In-Reply-To: <14853.1414676826@sandelman.ca>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/anima/YEr7VT9rih3pLhyJnPQPRSwn6L0
Cc: Randy Presuhn <randy_presuhn@mindspring.com>, "anima@ietf.org" <anima@ietf.org>
Subject: Re: [Anima] Homogeneous vs. heterogeneous trust domains (Re: What elements of IETF ANIMA can be used for I2NSF?)
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Oct 2014 19:23:43 -0000
On 31/10/2014 02:47, Michael Richardson wrote: > Markus Stenberg <markus.stenberg@iki.fi> wrote: > > > On 29.10.2014, at 4.47, Randy Presuhn <randy_presuhn@mindspring.com> wrote: > >>> I claim that there is doesn't matter where the initial imprinting occurs; > > randy> Perhaps I'm being overly literal, but aren't there situations > randy> where physical location might actually matter, as in setting > randy> DVD region codes? > > markus> I agree with mcr. > > I think that Markus went into some DVD specific thing without answering the > aim of the question. > > I don't think that the physical location ought to matter at all; what I think > matters is that the some organizations need autonomic mechanisms, but do not > wish to do this "in the field", while other organizations have the opposite > requirement. Right (after scanning your examples). So let me ask a more specific question: look at draft-pritikin-bootstrapping-keyinfrastructures and draft-ietf-netconf-zerotouch and opine whether either or both of them is doing what we need. Or to put it another way, what do we need to define in a generic way for all deployments, and what has to be defined for specific scenarios? Brian > > Let me give two examples. The first is made up (i.e. I have no specific > knowledge of it), while the second is one that I experience regularly. > > 1) a military and/or aid organization (think Medecin sans Frontier) receives > a stack of equipment to their warehouse in New Jersey. Let's they are > setting up for a "MASH"-like installation. They uncrate all the equipment, > and plan to put 3x "typewriters", 1x microphone, 10x > top-of-the-poll-loud-speaker, 2x mess-hall cash registers, 10x ventilators, > 2x cardiac machines.. (just imaging what a 2015-edition of "MASH 4077" might have). > into each shipping container. > In each case, they will power up the machines, in the warehouse, and some > validation system will run once the machines are seen, and it will imprint > the machines with the MSF identity. The machines go *BACK* into their > shipping boxes, and are distributed (mostly randomly) into shipping > containers, one container per installation. > {okay, today, we might rack mount it into the container and leave them > in the container, but let's ignore that bit of modern lego work} > > The equipment might sit in the container for months to *decades* before > it is actually deployed. If there are any online processes that need to > occur for the imprinting to occr, they occur in New Jersey where there is > reliable power and Internet, not in Sierra Leone. > > If the equipment is stolen or redirected, etc. it likely won't trust any > of the "hostile" networking equipment, and it won't be autonomic with it. > This is good and intended. > > 2) a vendor (V) of security appliances buys 1U systems (Z) from vendor X. Vendor X > operates worldwide, and can provide fullfilment worldwide from local > inventory to customer (C). > > Due to time, cost and excise issues, it is impractical to ship units > from vendor X to V's office for installation and configuration. In some > cases mutually exclusive frequency assignments for things like wireless > might even make it illegal to operate Z in V's country, and illegal for > equipment in V's country to operate in C's country! > (in the ways of 2mb/s 802.11 [no-letter] this was true) > > So the equipment is shipped by X to C, and C physically installs it in a > new office. Equipment Z has core routing functions. It would be ideal if > equipment Z could recognize the network connections that it has, say who > it is on them. The autonomic process would then imprint the system. > If system Z is being sold as a service, it might be that it gets imprinted > to V. It might get imprinted to C. Or it might be initially imprinted to > V, installed, and then ownership transfered to C. > The final location here might matter; it matters that it's been installed > at the San Jose office rather than in the New York office. > > [Today, I, as vendor V, must instruct customer C, on connecting up the > IPMI/ILO/iDrac, and opening a port 443, and if it's actually core routing > equipment, we are probably screwed anyway] > > -- > Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works > -= IPv6 IoT consulting =- > > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Anima mailing list > Anima@ietf.org > https://www.ietf.org/mailman/listinfo/anima
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Randy Presuhn
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Markus Stenberg
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Michael Richardson
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Brian E Carpenter
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Michael Richardson