Re: Machine Identity
Keith Moore <moore@network-heretics.com> Tue, 26 February 2008 16:24 UTC
Return-Path: <discuss-bounces@ietf.org>
X-Original-To: ietfarch-discuss-archive@core3.amsl.com
Delivered-To: ietfarch-discuss-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 40CC93A6D4F; Tue, 26 Feb 2008 08:24:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.407
X-Spam-Level:
X-Spam-Status: No, score=-1.407 tagged_above=-999 required=5 tests=[AWL=1.193, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8j5Y13anBguR; Tue, 26 Feb 2008 08:24:22 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0C6163A6D1A; Tue, 26 Feb 2008 08:24:22 -0800 (PST)
X-Original-To: discuss@core3.amsl.com
Delivered-To: discuss@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6E29F3A6CC0 for <discuss@core3.amsl.com>; Tue, 26 Feb 2008 08:24:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ISWTOk1+SKy5 for <discuss@core3.amsl.com>; Tue, 26 Feb 2008 08:24:15 -0800 (PST)
Received: from m1.imap-partners.net (m1.imap-partners.net [64.13.152.131]) by core3.amsl.com (Postfix) with ESMTP id 1E76A3A68F3 for <discuss@apps.ietf.org>; Tue, 26 Feb 2008 08:24:15 -0800 (PST)
Received: from lust.indecency.org (user-119b1dm.biz.mindspring.com [66.149.133.182]) by m1.imap-partners.net (MOS 3.8.4-GA) with ESMTP id AMV84940 (AUTH admin@network-heretics.com) for discuss@apps.ietf.org; Tue, 26 Feb 2008 08:24:06 -0800 (PST)
Message-ID: <47C43D24.6070006@network-heretics.com>
Date: Tue, 26 Feb 2008 11:24:04 -0500
From: Keith Moore <moore@network-heretics.com>
User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031)
MIME-Version: 1.0
To: Jeroen Massar <jeroen@unfix.org>
Subject: Re: Machine Identity
References: <20080226130527.GA1404@generic-nic.net> <47C4101B.6050206@spaghetti.zurich.ibm.com>
In-Reply-To: <47C4101B.6050206@spaghetti.zurich.ibm.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: discuss@apps.ietf.org
X-BeenThere: discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: general discussion of application-layer protocols <discuss.ietf.org>
List-Unsubscribe: <http://www.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:discuss@ietf.org>
List-Help: <mailto:discuss-request@ietf.org?subject=help>
List-Subscribe: <http://www.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@ietf.org?subject=subscribe>
Sender: discuss-bounces@ietf.org
Errors-To: discuss-bounces@ietf.org
Jeroen Massar wrote: > Stephane Bortzmeyer wrote: > [..] >> There are solutions for some protocols (SSH keys of RFC 4251 or Host >> Identifiers of HIP in RFC 4423 are two good examples) but no general >> "identity layer" in the Internet architecture. > > IMHO HIP (RFC4423) is that exact identity layer and additionally solves > a number of other issues that it was made for. > > The big problem though is that actually getting programs to use this is > cumbersome, simply because a lot of programmers don't know about it. I like HIP. But if there is any OS that ships with HIP support, I haven't heard about it. And as soon as we get a "machine identity" I suspect we'll realize that what people want to identify isn't exactly a "machine" anymore. > Same goes for the use of SRV records, IMHO, instead of point to AAAA/A > records for a service, one should *always* use SRV records. NO. SRV records can only be used with applications that are specified to use SRV records - otherwise you'll break compatibility with legacy applications. And there are very few of these. > SRV records solve loadbalancing, failover and a lot of other issues > mostly already in DNS. Yeah, and they create a tussle between DNS operators and users. > Webbrowsers for instance don't do SRV yet. One of their arguments is > 'lookup time', the same reason that some 'webdevelopers' used IP > addresses in their websites as that would skip the resolving step... > > This is more about educating programmers than anything else... Seems like IETFers need education at least as much as programmers do... Keith
- Re: Machine Identity Dave Crocker
- Machine Identity Stephane Bortzmeyer
- Re: Machine Identity Jeroen Massar
- Re: Machine Identity Stephane Bortzmeyer
- Re: Machine Identity der Mouse
- Re: Machine Identity Stephane Bortzmeyer
- Re: Machine Identity Keith Moore
- Re: Machine Identity der Mouse
- Re: Machine Identity Dave Crocker
- Re: Machine Identity Keith Moore
- Re: Machine Identity Keith Moore
- Re: Machine Identity Dave Crocker
- Re: Machine Identity Dave Crocker
- Re: Machine Identity Keith Moore
- Re: Machine Identity Miika Komu
- Re: Machine Identity Stephane Bortzmeyer
- Re: Machine Identity Juergen Schoenwaelder
- Re: Machine Identity Miika Komu
- Re: Machine Identity Juergen Schoenwaelder
- Re: Machine Identity Balazs Lengyel
- Re: Machine Identity Miika Komu
- Service Identity (Re: Machine Identity) Jeroen Massar
- RE: Service Identity (Re: Machine Identity) David Harrington
- Re: Service Identity (Re: Machine Identity) Jeroen Massar
- Re: Machine Identity Stephane Bortzmeyer
- Re: Machine Identity Dave Crocker
- Re: Service Identity (Re: Machine Identity) Juergen Schoenwaelder
- Re: Machine Identity Stephane Bortzmeyer
- Re: Machine Identity Stephane Bortzmeyer
- Re: Machine Identity Jeroen Massar
- Re: Service Identity (Re: Machine Identity) Jeroen Massar
- Re: Machine Identity Stephane Bortzmeyer
- Re: Machine Identity Jeroen Massar
- Re: Machine Identity Miika Komu
- Re: Machine Identity Dave Crocker
- Re: Machine Identity Dave Crocker
- Re: Machine Identity Frank Ellermann
- Re: Machine Identity Jeroen Massar
- Re: Machine Identity der Mouse
- Re: Service Identity (Re: Machine Identity) Dave Crocker