Re: Machine Identity

der Mouse <mouse@Rodents.Montreal.QC.CA> Tue, 26 February 2008 15:48 UTC

> [...]: there is no standard of identity for machines on the Internet.

> Such an identity should be unique and provable.

This is extremely hard to do, since the machine is represented only by
the software running on it, and that can present any identity it
chooses, unique or not.

This could be "solved" by something like public-key crypto in hardware,
but (a) there's no way to prevent a software implementation short of
something like a PKI signer who signs only stored-in-hardware keys
(which has a whole raft of problems of its own) and (b) a hardware
version has a pile of problems of _its_ own, starting with installed
base and end-user resistance.  (I know *I* certainly wouldn't use such
a thing.)

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
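
Point (a) of the message above, as an added example that is not part of the original post: a challenge-response check proves only possession of a private key, so a software-generated key passes exactly like a hardware-held one unless the verifier also requires a signer's endorsement of the key. Assumptions: the challenge-response flow, all function names, and the use of Lamport one-time hash signatures (swapped in so the sketch runs with the Python standard library alone).

```python
import hashlib
import os

def H(data):
    return hashlib.sha256(data).digest()

def keygen():
    # Lamport one-time key pair: 256 pairs of secrets, public key = their hashes.
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    # Reveal one secret per digest bit; each key must sign only once.
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (b, s) in enumerate(zip(bits(msg), sig)))

def pk_bytes(pk):
    return b"".join(a + b for a, b in pk)

def accepts(pk, challenge, response, signer_pk=None, endorsement=None):
    # Step 1: proof of possession of the private key.
    if not verify(pk, challenge, response):
        return False
    # Step 2 (optional policy): the key itself must be endorsed by the signer.
    if signer_pk is None:
        return True
    return endorsement is not None and verify(signer_pk, pk_bytes(pk), endorsement)

def demo():
    signer_sk, signer_pk = keygen()   # hypothetical signer of hardware keys
    hw_sk, hw_pk = keygen()           # stands in for a key held in hardware
    sw_sk, sw_pk = keygen()           # key made by ordinary software
    endorsement = sign(signer_sk, pk_bytes(hw_pk))
    challenge = os.urandom(16)        # constructed sample challenge
    hw_resp, sw_resp = sign(hw_sk, challenge), sign(sw_sk, challenge)
    return {
        "hw_no_endorsement_required": accepts(hw_pk, challenge, hw_resp),
        "sw_no_endorsement_required": accepts(sw_pk, challenge, sw_resp),
        "hw_endorsement_required": accepts(hw_pk, challenge, hw_resp, signer_pk, endorsement),
        "sw_endorsement_required": accepts(sw_pk, challenge, sw_resp, signer_pk, endorsement),
    }
```

Only the last case is rejected: without the endorsement requirement the verifier cannot tell the two keys apart, and with it the check is only as good as the signer's assurance that an endorsed key really lives in hardware.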