Re: Machine Identity

Miika Komu <miika@iki.fi> Thu, 28 February 2008 12:13 UTC

Return-Path: <discuss-bounces@ietf.org>
X-Original-To: ietfarch-discuss-archive@core3.amsl.com
Delivered-To: ietfarch-discuss-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AA0C128C42E; Thu, 28 Feb 2008 04:13:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.503
X-Spam-Level:
X-Spam-Status: No, score=-4.503 tagged_above=-999 required=5 tests=[AWL=2.096, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y6vXua6LE2tL; Thu, 28 Feb 2008 04:13:42 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A804C3A6E80; Thu, 28 Feb 2008 04:13:35 -0800 (PST)
X-Original-To: discuss@core3.amsl.com
Delivered-To: discuss@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D3C2B3A6E49 for <discuss@core3.amsl.com>; Thu, 28 Feb 2008 04:13:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RwtQ6nvuusFX for <discuss@core3.amsl.com>; Thu, 28 Feb 2008 04:13:31 -0800 (PST)
Received: from twilight.cs.hut.fi (twilight.cs.hut.fi [130.233.40.5]) by core3.amsl.com (Postfix) with ESMTP id 97C4C3A6E4E for <discuss@apps.ietf.org>; Thu, 28 Feb 2008 04:13:10 -0800 (PST)
Received: by twilight.cs.hut.fi (Postfix, from userid 60001) id B2DD92E7D; Thu, 28 Feb 2008 14:13:01 +0200 (EET)
X-Spam-Niksula: No
Received: from kekkonen (kekkonen.cs.hut.fi [130.233.41.50]) by twilight.cs.hut.fi (Postfix) with ESMTP id 2FC9B2E77; Thu, 28 Feb 2008 14:12:56 +0200 (EET)
Date: Thu, 28 Feb 2008 14:12:56 +0200 (EET)
From: Miika Komu <miika@iki.fi>
X-X-Sender: mkomu@kekkonen.cs.hut.fi
To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Subject: Re: Machine Identity
In-Reply-To: <20080228114656.GD8439@elstar.local>
Message-ID: <Pine.SOL.4.64.0802281405360.10117@kekkonen.cs.hut.fi>
References: <20080226130527.GA1404@generic-nic.net> <20080228112318.GA23196@nic.fr> <20080228114656.GD8439@elstar.local>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: discuss@apps.ietf.org
X-BeenThere: discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: general discussion of application-layer protocols <discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:discuss@ietf.org>
List-Help: <mailto:discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@ietf.org?subject=subscribe>
Sender: discuss-bounces@ietf.org
Errors-To: discuss-bounces@ietf.org

On Thu, 28 Feb 2008, Juergen Schoenwaelder wrote:

> On Thu, Feb 28, 2008 at 12:23:18PM +0100, Stephane Bortzmeyer wrote:
>
>> An example of an Use Case is given by IKE (RFC 4306). Section 3.5
>> lists several possible identities for a machine, and there is not a
>> clear unique way to define this identity (identities like ID_IPV4_ADDR
>> are typically a poor way to define a machine on the network).
>
> After several years in network management (where the first thing you
> like to have are stable unique identities), I have come to the
> conclusion that it is hopeless to search for such a generally useful
> identity.  What works is all very much dependent on the purpose and
> the specific situation, as others have pointed out before.
>
> And even if someone manages to come up with a good solution, people
> sooner or later will try to circumvent it since in several situations
> it is a feature and not a bug to be able to do dirty things with
> identities.

Hi Juergen,

sorry, but I disagree with your opinion. Please give some pointers to 
publications that back up your conclusion.

-- 
Miika Komu                                       http://www.iki.fi/miika/