Re: [Anima] Cloud BRSKI discussion -- Option 1 use cases

"Owen Friel (ofriel)" <ofriel@cisco.com> Tue, 26 November 2019 21:57 UTC

From: "Owen Friel (ofriel)" <ofriel@cisco.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, Michael Richardson <mcr@sandelman.ca>
CC: "anima@ietf.org" <anima@ietf.org>
Date: Tue, 26 Nov 2019 21:57:12 +0000
Message-ID: <MN2PR11MB3901B871673CD491B3089542DB450@MN2PR11MB3901.namprd11.prod.outlook.com>
References: <5D36713D8A4E7348A7E10DF7437A4B9299B9FAD2@NKGEML515-MBX.china.huawei.com> <MN2PR11MB3901DD8CF27429ECAF1AA874DB780@MN2PR11MB3901.namprd11.prod.outlook.com> <28576.1574580524@dooku.sandelman.ca> <9c60c895-9e14-c064-9f4a-306c5d7a1105@gmail.com> <1120.1574673282@dooku.sandelman.ca> <29988aee-9b8e-afab-1498-80dcf8b9f6fd@gmail.com>
In-Reply-To: <29988aee-9b8e-afab-1498-80dcf8b9f6fd@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/ZjYZdPgu4E1JT-EtbmdreKoPXO0>
Subject: Re: [Anima] Cloud BRSKI discussion -- Option 1 use cases
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>


> -----Original Message-----
> From: Anima <anima-bounces@ietf.org> On Behalf Of Brian E Carpenter
> Sent: 25 November 2019 19:25
> To: Michael Richardson <mcr@sandelman.ca>
> Cc: anima@ietf.org
> Subject: Re: [Anima] Cloud BRSKI discussion -- Option 1 use cases
> 
> On 25-Nov-19 22:14, Michael Richardson wrote:
> >
> > Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
> >     > One thing that doesn't seem to be clear either in BRSKI or in
> >     > draft-friel-anima-brski-cloud is where the Cloud Registrar's "well
> >     > known" URI comes from and how the pledge knows it. Is it vendor
> >     > specific or what?
> >
> > It is vendor specific, and it's baked in.
> 
> Thanks. That was my working assumption, but I suggest stating it up front in
> draft-friel-anima-brski-cloud.

[ofriel] https://tools.ietf.org/html/draft-ietf-anima-bootstrapping-keyinfra-30#appendix-B states:

"   If no local proxy or registrar service is located using the GRASP
   mechanisms or the above mentioned DNS-based Service Discovery
   methods, the pledge MAY contact a well known manufacturer provided
   bootstrapping server by performing a DNS lookup using a well known
   URI such as "brski-registrar.manufacturer.example.com".  The details
   of the URI are manufacturer specific.  Manufacturers that leverage
   this method on the pledge are responsible for providing the registrar
   service.  Also see Section 2.7."

> 
> > The idea is that we can transform the well-known, but very much
> > proprietary "call-home" process that many devices use today into
> > something that enables a transfer of ownership mechanism.
> 
> Understood.
> 
>     Brian
> 