IETF Logo Mail Archive

Re: Machine Identity

Miika Komu <miika@iki.fi> Thu, 28 February 2008 13:45 UTC

Return-Path: <discuss-bounces@ietf.org>
X-Original-To: ietfarch-discuss-archive@core3.amsl.com
Delivered-To: ietfarch-discuss-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 061333A6ECE; Thu, 28 Feb 2008 05:45:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.613
X-Spam-Level:
X-Spam-Status: No, score=-4.613 tagged_above=-999 required=5 tests=[AWL=1.986, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wNhkQM7nJBz4; Thu, 28 Feb 2008 05:45:41 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AE6963A6B34; Thu, 28 Feb 2008 05:45:41 -0800 (PST)
X-Original-To: discuss@core3.amsl.com
Delivered-To: discuss@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 599313A6B34 for <discuss@core3.amsl.com>; Thu, 28 Feb 2008 05:45:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jthgZ2yDpb7Y for <discuss@core3.amsl.com>; Thu, 28 Feb 2008 05:45:37 -0800 (PST)
Received: from twilight.cs.hut.fi (twilight.cs.hut.fi [130.233.40.5]) by core3.amsl.com (Postfix) with ESMTP id A9FC83A6A40 for <discuss@apps.ietf.org>; Thu, 28 Feb 2008 05:45:36 -0800 (PST)
Received: by twilight.cs.hut.fi (Postfix, from userid 60001) id CACF42DE8; Thu, 28 Feb 2008 15:45:28 +0200 (EET)
X-Spam-Niksula: No
Received: from kekkonen (kekkonen.cs.hut.fi [130.233.41.50]) by twilight.cs.hut.fi (Postfix) with ESMTP id C16322DA9; Thu, 28 Feb 2008 15:45:27 +0200 (EET)
Date: Thu, 28 Feb 2008 15:45:27 +0200
From: Miika Komu <miika@iki.fi>
X-X-Sender: mkomu@kekkonen.cs.hut.fi
To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Subject: Re: Machine Identity
In-Reply-To: <20080228124038.GA8852@elstar.local>
Message-ID: <Pine.SOL.4.64.0802281542270.1574@kekkonen.cs.hut.fi>
References: <20080226130527.GA1404@generic-nic.net> <20080228112318.GA23196@nic.fr> <20080228114656.GD8439@elstar.local> <Pine.SOL.4.64.0802281405360.10117@kekkonen.cs.hut.fi> <20080228124038.GA8852@elstar.local>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Cc: discuss@apps.ietf.org
X-BeenThere: discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: general discussion of application-layer protocols <discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:discuss@ietf.org>
List-Help: <mailto:discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@ietf.org?subject=subscribe>
Sender: discuss-bounces@ietf.org
Errors-To: discuss-bounces@ietf.org

On Thu, 28 Feb 2008, Juergen Schoenwaelder wrote:

> On Thu, Feb 28, 2008 at 02:12:56PM +0200, Miika Komu wrote:
>> On Thu, 28 Feb 2008, Juergen Schoenwaelder wrote:
>>
>>> On Thu, Feb 28, 2008 at 12:23:18PM +0100, Stephane Bortzmeyer wrote:
>>>
>>>> An example of an Use Case is given by IKE (RFC 4306). Section 3.5
>>>> lists several possible identities for a machine, and there is not a
>>>> clear unique way to define this identity (identities like ID_IPV4_ADDR
>>>> are typically a poor way to define a machine on the network).
>>>
>>> After several years in network management (where the first thing you
>>> like to have are stable unique identities), I have come to the
>>> conclusion that it is hopeless to search for such a generally useful
>>> identity.  What works is all very much dependent on the purpose and
>>> the specific situation, as others have pointed out before.
>>>
>>> And even if someone manages to come up with a good solution, people
>>> sooner or later will try to circumvent it since in several situations
>>> it is a feature and not a bug to be able to do dirty things with
>>> identities.
>>
>> Hi Juergen,
>>
>> sorry, but I disagree with your opinion. Please give some pointers to
>> publications that back up your conclusion.
>
> I don't know what you disagree with.
>
> - If it is my statement that it is hard to find a stable unique
>  identifier that is generically useful, then simply proof me wrong
>  by example.
>
> - If it is my statement that people will find reasons to muddle around
>  with the uniqueness and stability property of whatever identifer you
>  invent? I guess this is hard to proof so lets call it a hypothesis.

Hi,

sorry, I misread the email first time. I agree that there is no single 
identity that suites all environments on all layers of the stack.

-- 
Miika Komu                                       http://www.iki.fi/miika/

v2.23.0 | Report a Bug | By Email