Re: Service Identity (Re: Machine Identity)

Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Thu, 28 February 2008 16:05 UTC

Date: Thu, 28 Feb 2008 17:04:22 +0100
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Jeroen Massar <jeroen@unfix.org>
Subject: Re: Service Identity (Re: Machine Identity)
Cc: discuss@apps.ietf.org
List-Id: general discussion of application-layer protocols <discuss.ietf.org>

On Thu, Feb 28, 2008 at 03:55:32PM +0100, Jeroen Massar wrote:

> Most very likely vhost X has a different IP from host Y, thus using IPs
> here is one way to go. The problem comes when the IP changes, your service 
> is still the same, but you based your ID on something which is not a stable 
> identifier.
>
> This is of course also all a similar problem with Multihoming and Mobility 
> etc. One day you are IP X the other moment you are IP Z.
>
> The real way to solve this is the Identity layer, and HIP provides just 
> that.

Some 10+ years ago, SNMP decoupled the identity of an SNMP service
from the transport used to access the service by introducing the
notion of an engineID. It was architecturally the right thing to
do. At that time, people hoped that management applications would
start using engineIDs since they are architecturally the right thing
to deal with proxies, NATs and all sorts of issues. Ten years later, we
must simply observe that this did not happen. Perhaps HIP as a more
general solution to this problem has more luck.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
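
Added example, not part of the original message: a small inventory that keys SNMP agents on snmpEngineID (decoded per the RFC 3411 SnmpEngineID layout) rather than on transport address, so that a renumbered agent and a reused address are told apart. The function names, the observation list and the engineID values are constructed for illustration.

```python
import ipaddress

# Constructed observations: (transport address, snmpEngineID in hex).
E_MAC = "80001f8803001122334455"      # enterprise 8072, format 3 (MAC)
E_TEXT = "80001f8804726f7574657232"   # enterprise 8072, format 4 (text "router2")
OBSERVATIONS = [
    ("192.0.2.10", E_MAC),
    ("192.0.2.77", E_MAC),    # same engine, new address
    ("192.0.2.10", E_TEXT),   # different engine behind the old address
]

def parse_engine_id(hex_id):
    """Decode the RFC 3411 SnmpEngineID layout (high-bit-set form only)."""
    raw = bytes.fromhex(hex_id)
    if not 5 <= len(raw) <= 32:
        raise ValueError("SnmpEngineID must be 5..32 octets")
    first = int.from_bytes(raw[:4], "big")
    if not first & 0x80000000:
        raise ValueError("legacy fixed-length format not handled here")
    fmt, rest = raw[4], raw[5:]
    if fmt == 1 and len(rest) == 4:
        value = str(ipaddress.IPv4Address(rest))
    elif fmt == 2 and len(rest) == 16:
        value = str(ipaddress.IPv6Address(rest))
    elif fmt == 3 and len(rest) == 6:
        value = rest.hex(":")
    elif fmt == 4:
        value = rest.decode("ascii", "replace")
    else:
        value = rest.hex()
    return first & 0x7FFFFFFF, fmt, value

def track(observations):
    """Report where engineID-keyed and address-keyed identity disagree."""
    by_engine, by_addr, events = {}, {}, []
    for addr, engine in observations:
        parse_engine_id(engine)  # raises on malformed IDs
        if by_engine.get(engine, addr) != addr:
            events.append(("moved", engine, by_engine[engine], addr))
        if by_addr.get(addr, engine) != engine:
            events.append(("address-reused", addr, by_addr[addr], engine))
        by_engine[engine], by_addr[addr] = addr, engine
    return events

if __name__ == "__main__":
    for event in track(OBSERVATIONS):
        print(event)
```

An inventory keyed on the address alone would record the second observation as a new device and the third as the original one; keyed on the engineID, both changes are visible.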