[Anima] Brian/anima: trust notion of ASA communications

Toerless Eckert <tte@cs.fau.de> Thu, 06 February 2020 20:59 UTC

Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id D75ED12012A for <anima@ietfa.amsl.com>; Thu, 6 Feb 2020 12:59:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.949
X-Spam-Status: No, score=-3.949 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id yafLqKhfCL0o for <anima@ietfa.amsl.com>; Thu, 6 Feb 2020 12:59:55 -0800 (PST)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BD64812022A for <anima@ietf.org>; Thu, 6 Feb 2020 12:59:55 -0800 (PST)
Received: from faui48f.informatik.uni-erlangen.de (faui48f.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:52]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id BE824548015; Thu, 6 Feb 2020 21:59:49 +0100 (CET)
Received: by faui48f.informatik.uni-erlangen.de (Postfix, from userid 10463) id B7F34440059; Thu, 6 Feb 2020 21:59:49 +0100 (CET)
Date: Thu, 6 Feb 2020 21:59:49 +0100
From: Toerless Eckert <tte@cs.fau.de>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: anima@ietf.org
Message-ID: <20200206205949.GD14549@faui48f.informatik.uni-erlangen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/adW7iJfFVtZ_xDCtR-Vrr3WxL94>
Subject: [Anima] Brian/anima: trust notion of ASA communications
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Feb 2020 20:59:58 -0000

Hi Brian, 

sorry to pick you out, but i think you've got the best overview of
the ongoing set of ASA related docs.

I just got reminded through ongoing ACP spec review about something that
would be good to write into the appropriate ASA spec, but not sure which

One of the fundamental problems we have to solve longer term is how we
can establish better than "Any ANI peer is equally trusted" notion.

Short term, i'll propose when i have time to have according roles in
the ANI certificates, but thats really a non-autonomic solution because
some outside intelligence (operator) has to assign such a role.

In reality today, its family,friends,colleagues&media that establish
the trust notion for us: trust foo.com to provide service bar, but
certainly not acme.com. The fact that you can then cryptographically
(web-Cert) assert that you're really talking to foo.com is really just
a secondary dependency.

I think DINRG is working in this direction, but have failed to track.
Maybe there is a way to collaborate on this, aka: see if/when they might
have output we could think to adopt/leverae.

But its fundamental if we want to move into more autonomic solutions
beyond just supporting the current SDN model.

Right now we expect objective announcements from any node to be equally
trustworthy and decide on selecting one only on announced parameters
(also subject to equal trust) and network parameter comparison.
And of course, this goes beyond trust into performance vetting by
others and so on.

Trying to figure out the most easy use-case would also be quite
helpfull. aka: what the most short term useful ASA that we'd like to
have spread around the network, where we could apply different degrees
of these mechanisms...