IETF Logo Mail Archive

Re: [hiaps] with respect to the BOF request.

Behcet Sarikaya <sarikaya2012@gmail.com> Thu, 12 December 2013 17:19 UTC

Return-Path: <sarikaya2012@gmail.com>
X-Original-To: hiaps@ietfa.amsl.com
Delivered-To: hiaps@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F1531AE368 for <hiaps@ietfa.amsl.com>; Thu, 12 Dec 2013 09:19:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.749
X-Spam-Level:
X-Spam-Status: No, score=-1.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4q_98scOWK9x for <hiaps@ietfa.amsl.com>; Thu, 12 Dec 2013 09:19:50 -0800 (PST)
Received: from mail-la0-x22b.google.com (mail-la0-x22b.google.com [IPv6:2a00:1450:4010:c03::22b]) by ietfa.amsl.com (Postfix) with ESMTP id 37BF61AE059 for <hiaps@ietf.org>; Thu, 12 Dec 2013 09:19:50 -0800 (PST)
Received: by mail-la0-f43.google.com with SMTP id n7so563279lam.30 for <hiaps@ietf.org>; Thu, 12 Dec 2013 09:19:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=vaZP9NeVolqOOTuDubvG22UxM5+eI2pb1d0V0jOx45k=; b=MbAdA/GAY2BjxnMrcATm90BdRFF4lPYBIK94eKQRTyCQkIKkhTHNrvtkypnc/mq+Dt uGYMSifCXPIXssQkUo8rcO9f7C8kHIdqbKo60uMZsHuahM1N8q8/FPwLetvt74O/QN4l 6R6G/Ic4W/E5xDSse65X4XpaBDrYvwEP0OOt63IXECpiK2DRgvzLgbwfOI8l6Hzbarx7 Bm9RslJqadb6+SaUrCyHzUI89vD90YcnKgesUiN1X97hpIWRaumREjX7If3OIxzmRx/t FhVcaiAx7bo24DNbBipivLJIZI7HKJApeWOAgiNkASrIGIern0Ow0S1qE00SRe5+Bjor q22A==
MIME-Version: 1.0
X-Received: by 10.152.1.197 with SMTP id 5mr4478935lao.0.1386868783544; Thu, 12 Dec 2013 09:19:43 -0800 (PST)
Received: by 10.115.4.165 with HTTP; Thu, 12 Dec 2013 09:19:43 -0800 (PST)
In-Reply-To: <52A97466.2060901@bogus.com>
References: <52A97466.2060901@bogus.com>
Date: Thu, 12 Dec 2013 11:19:43 -0600
Message-ID: <CAC8QAceGL2MS3m-CU3FBxP2cf4Gu4JvtkaJ05JjJGxYmtinTMA@mail.gmail.com>
From: Behcet Sarikaya <sarikaya2012@gmail.com>
To: joel jaeggli <joelja@bogus.com>
Content-Type: multipart/alternative; boundary=089e0112bfce317dbf04ed598d22
Cc: hiaps@ietf.org
Subject: Re: [hiaps] with respect to the BOF request.
X-BeenThere: hiaps@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: sarikaya@ieee.org
List-Id: "Host Identification, Address and Prefix Sharing in Wi-Fi Access \(hiaps\)" <hiaps.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hiaps>, <mailto:hiaps-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hiaps/>
List-Post: <mailto:hiaps@ietf.org>
List-Help: <mailto:hiaps-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hiaps>, <mailto:hiaps-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Dec 2013 17:19:52 -0000

Hi Joel,

Thanks for your comments.
My views inline.
Med can say more...


On Thu, Dec 12, 2013 at 2:31 AM, joel jaeggli <joelja@bogus.com> wrote:

> >Description: Host identification is required in IPv4 when the hosts are
> behind a NAT box or
> >when the communication is tunneled such as using IPSec. Host
> identification is also
> >required in IPv6 when the hosts are assigned addresses from a shared
> prefix. In most of
> >these scenarios, the hosts access the network using Wireless Local Area
> Networks, aka
> >Wi-Fi access. In case the hosts are behind a NAT box, there is a strong
> need for the host
> >identification when the host is accessing a fixed network and trying to
> place an emergency >call.
>
> It is likely given current events, that persistent identifiers visible
> to on-path observers are going to be viewed by the IETF community in
> general in an extraordinarily negative light. in particular in the IPv6
> context I would think it antithetical to the goals of regular rotation
> of temporary/privacy or cryptographically generated addresses to retain
> host identity bindings that are visible outside a limited scope e.g. an
> l2 domain and which persist across host address changes.
>
> I understand there are privacy concerns.
But in our case, we justify it strongly on a case-by-case basis.

In our IPv6 case, host identifier is IPv6 address and it needs to be
revealed to the edge router. We don't see any privacy issue here because
the edge router will know IPv6 address of the communicating hosts anyway.

In our IPv4 case, the situation is that the host is in the process of
making an emergency call. The call server to which the host identity will
be revealed has to find the position of the host in order to serve the
host.
Again we don't see the same effects of revealing the host identity  to any
server in this case. It is emergency call situation.

Having said the above two, I think we need to of course clarify these
issues in the drafts as much as possible.

In case of IPv4 we have many other cases, e.g. CGA and the concerns you
mentioned could be valid to some extent, I believe those are somewhat
clarified in Med's RFCs, Med can chip in here to say more.

In terms of employing them for roaming, the question of how would they
> be generated and where who they be stored becomes germain. What
> semantics are they actually carrying and the question of persistence
> further raises the  stakes with respect to revalation to remote observers.
>
>
> I think it was clarified during email discussions on the list that there
is no roaming case per se in hiaps, we do not have any case that requires a
persistent host identity during roaming. Of course we consider mobile hosts
but the identity will be different in each place.



> _______________________________________________
> hiaps mailing list
> hiaps@ietf.org
> https://www.ietf.org/mailman/listinfo/hiaps
>
>

v2.8.7 | Report a Bug | By Email