IETF Logo Mail Archive

Re: sockets APIs extensions for Host Identity Protocol

Miika Komu <miika@iki.fi> Thu, 10 May 2007 18:40 UTC

Return-path: <discuss-bounces@apps.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HmDYf-0002WG-KW; Thu, 10 May 2007 14:40:09 -0400
Received: from discuss by megatron.ietf.org with local (Exim 4.43) id 1HmDYe-0002WB-V5 for discuss-confirm+ok@megatron.ietf.org; Thu, 10 May 2007 14:40:08 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HmDYe-0002W3-LX for discuss@apps.ietf.org; Thu, 10 May 2007 14:40:08 -0400
Received: from twilight.cs.hut.fi ([130.233.40.5]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HmDYd-0004xX-60 for discuss@apps.ietf.org; Thu, 10 May 2007 14:40:08 -0400
Received: by twilight.cs.hut.fi (Postfix, from userid 60001) id 36F912D0C; Thu, 10 May 2007 21:40:06 +0300 (EEST)
X-Spam-Checker-Version: SpamAssassin 3.2.0-niksula20070322 (2007-05-01) on twilight.cs.hut.fi
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=disabled version=3.2.0-niksula20070322
X-Spam-Niksula: No
Received: from kekkonen.cs.hut.fi (kekkonen.cs.hut.fi [130.233.41.50]) by twilight.cs.hut.fi (Postfix) with ESMTP id 980F32D0A; Thu, 10 May 2007 21:40:05 +0300 (EEST)
Date: Thu, 10 May 2007 21:40:05 +0300 (EEST)
From: Miika Komu <miika@iki.fi>
X-X-Sender: mkomu@kekkonen.cs.hut.fi
To: Keith Moore <moore@cs.utk.edu>
Subject: Re: sockets APIs extensions for Host Identity Protocol
In-Reply-To: <4641D94C.9070304@cs.utk.edu>
Message-ID: <Pine.SOL.4.64.0705102013550.10049@kekkonen.cs.hut.fi>
References: <Pine.SOL.4.64.0705041801060.14418@kekkonen.cs.hut.fi> <20070507082737.GB21759@nic.fr> <46413DD7.8020702@cs.utk.edu> <20070509121703.GA21070@nic.fr> <4641CA52.70504@cs.utk.edu> <Pine.LNX.4.64.0705091449360.26169@hermes-1.csi.cam.ac.uk> <4641D94C.9070304@cs.utk.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 082a9cbf4d599f360ac7f815372a6a15
Cc: discuss@apps.ietf.org
X-BeenThere: discuss@apps.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: general discussion of application-layer protocols <discuss.apps.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@apps.ietf.org?subject=unsubscribe>
List-Post: <mailto:discuss@apps.ietf.org>
List-Help: <mailto:discuss-request@apps.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@apps.ietf.org?subject=subscribe>
Errors-To: discuss-bounces@apps.ietf.org

On Wed, 9 May 2007, Keith Moore wrote:

Hi,

>>> Fourth, for a variety of reasons, DNS names are not and have never been
>>> adequate as general purpose endpoint identifiers, and this situation is
>>> getting worse rather than better.  One reason is that DNS names are not
>>> equivalent to host names, and emphatically not equivalent to
>>> distinguished host names, and haven't been so at least since the web
>>> came into existence.  A given DNS name might be bound to a single host,
>>> multiple hosts having more-or-less equivalent function, a service, a
>>> community of users, or whatever; the binding might be stable or
>>> ephemeral; and the name might or might not be suitable as a
>>> distinguished name (one chosen preferentially over others for use in
>>> indicating that host, group of hosts, service, whatever).  There's no
>>> way to tell.
>>
>> All of this is true for IP addresses as well.
>>
>
> good point.  though if you collect multiple hosts under the same IP
> address, without considering how this will affect the apps that run on
> those hosts, you pretty much deserve to lose.
>
> neither DNS names nor IP addresses work very well as endpoint identifiers.

thanks for the good points! However, it is not still clear to me what to 
do in the case of HIP aware applications. I hope we can agree that 
something needs to be done at the sockets API layer? At the minimum, we 
want to make the application to use HIP (either by using HITs directly or 
indirectly through locally-scoped identifiers), and provide a way for the 
application to determine that it is using HIP.

My exact question is that what to put into the socket address structures 
when we have HIP-aware applications. Based on the discussion, I think we 
can leave socket address structures based on DNS names out of the scope 
and concentrate on two alternatives: globally scoped HITs and locally 
scoped idenfiers (endpoint descriptors).

The use of globally-scoped HITs has the following trade-offs:
+ No extra translation step from local id to global id
+ Smaller transition step to convert a legacy app to a HIP aware app?
- Opportunistic HIP mode, where the server's HIT is not known before hand,
   will require a locally-scoped identifier anyway. This is similar to
   IN6ADDR_ANY, but it is used for the remote host, i.e.,
   connect(UNKOWN_HIT) where only the locator is known.
- No future proofing against the HIT size

Locally-scoped identifiers have the reverse properties:
- Extra translation step from local id to global id
- Bigger transition step to convert a legacy app to a HIP aware app?
+ All identifiers are of the same type (also in opportunistic HIP mode)
+ Future proofing against changes in the HIT size

If you had to choose between these two, what would you choose and why? 
Do the proposed trade-offs make sense and would have something to add?

P.S. Please notice that the HITs are basically "free" of the NAT burden 
because they are globally scoped, end-to-end identifiers.

-- 
Miika Komu                                       http://www.iki.fi/miika/

v2.8.7 | Report a Bug | By Email