Re: Machine Identity

Dave Crocker <dhc@dcrocker.net> Tue, 26 February 2008 20:01 UTC

Return-Path: <discuss-bounces@ietf.org>
X-Original-To: ietfarch-discuss-archive@core3.amsl.com
Delivered-To: ietfarch-discuss-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2F6AF28C7E9; Tue, 26 Feb 2008 12:01:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.896
X-Spam-Level:
X-Spam-Status: No, score=-2.896 tagged_above=-999 required=5 tests=[AWL=-0.297, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C+4swjgHIbc4; Tue, 26 Feb 2008 12:01:11 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1B3DA28C89C; Tue, 26 Feb 2008 12:00:16 -0800 (PST)
X-Original-To: discuss@core3.amsl.com
Delivered-To: discuss@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1451928C842 for <discuss@core3.amsl.com>; Tue, 26 Feb 2008 12:00:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qqVl5n3+GQ9W for <discuss@core3.amsl.com>; Tue, 26 Feb 2008 12:00:09 -0800 (PST)
Received: from sbh17.songbird.com (unknown [IPv6:2001:470:1:76:20e:2eff:fec8:eb01]) by core3.amsl.com (Postfix) with ESMTP id A5AE928C3B0 for <discuss@apps.ietf.org>; Tue, 26 Feb 2008 12:00:04 -0800 (PST)
Received: from [192.168.0.2] (adsl-68-122-124-32.dsl.pltn13.pacbell.net [68.122.124.32]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id m1QJxpMD013061 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 26 Feb 2008 11:59:56 -0800
Message-ID: <47C46FBA.2090009@dcrocker.net>
Date: Tue, 26 Feb 2008 11:59:54 -0800
From: Dave Crocker <dhc@dcrocker.net>
User-Agent: Thunderbird 2.0.0.9 (Windows/20071031)
MIME-Version: 1.0
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Subject: Re: Machine Identity
References: <20080226130527.GA1404@generic-nic.net> <200802261547.KAA20917@Sparkle.Rodents.Montreal.QC.CA> <20080226160412.GA22833@nic.fr>
In-Reply-To: <20080226160412.GA22833@nic.fr>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: ClamAV 0.92/6003/Tue Feb 26 03:34:31 2008 on sbh17.songbird.com
X-Virus-Status: Clean
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.17]); Tue, 26 Feb 2008 11:59:57 -0800 (PST)
Cc: der Mouse <mouse@Rodents.Montreal.QC.CA>, discuss@apps.ietf.org
X-BeenThere: discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: general discussion of application-layer protocols <discuss.ietf.org>
List-Unsubscribe: <http://www.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:discuss@ietf.org>
List-Help: <mailto:discuss-request@ietf.org?subject=help>
List-Subscribe: <http://www.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@ietf.org?subject=subscribe>
Sender: discuss-bounces@ietf.org
Errors-To: discuss-bounces@ietf.org


Stephane Bortzmeyer wrote:
> Such an identity should be almost unique (as is a number choosen at
> random in a very large space) and the machine should be able to prove
> that it indeed "owns" this identity (as is an ID which is the public
> part of a cryptographic key).
> 
> For me, SSH keys or HIP Host Identifiers fulfill these requirments.


Apologies.  My query about your requirements was sent before receiving your 
later note.

You are talking about an identifier that is used only during a session, since 
the statistical aspect of uniqueness wouldn't be acceptable for a persistent 
identifier.

Let me modify my query.  Rather than asking about your requirements, I'll ask 
about the uses you have in mind.

For example, identity-based initial rendezvous requires a persistent, unique 
identifier that is globally obtainable.  Re-establishing a session well might not.

Simplistically, an identifier that is used between sessions seems to need to be 
globally registered, unique, and obtainable.  An identifier used within a 
session can be transient, private and statistical.

So can you describe particular scenarios you have in mind, where the identifier 
is used?

d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net