Re: [Anima] Cloud BRSKI discussion -- Option 1 use cases

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 26 November 2019 22:29 UTC

To: "Owen Friel (ofriel)" <ofriel@cisco.com>, Michael Richardson <mcr@sandelman.ca>
Cc: "anima@ietf.org" <anima@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/ccQvqKCVuTLTf-YeaKBKjDrmgbw>

On 27-Nov-19 10:57, Owen Friel (ofriel) wrote:
> 
> 
>> -----Original Message-----
>> From: Anima <anima-bounces@ietf.org> On Behalf Of Brian E Carpenter
>> Sent: 25 November 2019 19:25
>> To: Michael Richardson <mcr@sandelman.ca>
>> Cc: anima@ietf.org
>> Subject: Re: [Anima] Cloud BRSKI discussion -- Option 1 use cases
>>
>> On 25-Nov-19 22:14, Michael Richardson wrote:
>>>
>>> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>>     > One thing that doesn't seem to be clear either in BRSKI or in
>>>     > draft-friel-anima-brski-cloud is where the Cloud Registrar's "well
>>>     > known" URI comes from and how the pledge knows it. Is it vendor
>>>     > specific or what?
>>>
>>> It is vendor specific, and it's baked in.
>>
>> Thanks. That was my working assumption, but I suggest stating it up front in
>> draft-friel-anima-brski-cloud.
> 
> [ofriel] https://tools.ietf.org/html/draft-ietf-anima-bootstrapping-keyinfra-30#appendix-B states:
> 
> "   If no local proxy or registrar service is located using the GRASP
>    mechanisms or the above mentioned DNS-based Service Discovery
>    methods, the pledge MAY contact a well known manufacturer provided
>    bootstrapping server by performing a DNS lookup using a well known
>    URI such as "brski-registrar.manufacturer.example.com".  The details
>    of the URI are manufacturer specific.  Manufacturers that leverage
>    this method on the pledge are responsible for providing the registrar
>    service.  Also see Section 2.7."

Fair enough, but that doesn't capture "baked in" and you probably want
manufacturers to be aware of that requirement, especially since this is
distinct from baking in the MUD URL.

   Brian

> 
>>
>>> The idea is that we can transform the well-known, but very much
>>> proprietary "call-home" process that many devices use today into
>>> something that enables a transfer of ownership mechanism.
>>
>> Understood.
>>
>>     Brian
>>