Re: Machine Identity

Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Thu, 28 February 2008 11:47 UTC

On Thu, Feb 28, 2008 at 12:23:18PM +0100, Stephane Bortzmeyer wrote:
 
> An example of a Use Case is given by IKE (RFC 4306). Section 3.5
> lists several possible identities for a machine, and there is not a
> clear unique way to define this identity (identities like ID_IPV4_ADDR
> are typically a poor way to define a machine on the network).

After several years in network management (where the first thing you
like to have are stable unique identities), I have come to the
conclusion that it is hopeless to search for such a generally useful
identity.  What works is all very much dependent on the purpose and
the specific situation, as others have pointed out before.

And even if someone manages to come up with a good solution, people
sooner or later will try to circumvent it since in several situations
it is a feature and not a bug to be able to do dirty things with
identities.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>