[Hipsec-rg] discussion of draft-lee-hip-object-01

thomas.r.henderson at boeing.com (Henderson, Thomas R) Wed, 17 December 2008 21:40 UTC

From: "thomas.r.henderson at boeing.com"
Date: Wed, 17 Dec 2008 13:40:55 -0800
Subject: [Hipsec-rg] discussion of draft-lee-hip-object-01
In-Reply-To: <023301c95eae$532cb890$f98629b0$@ac.kr>
References: <77F357662F8BFA4CA7074B0410171B6D07B0BB86@XCH-NW-5V1.nw.nos.boeing.com> <493D5698.9090307@hiit.fi> <002701c959d0$ba69df20$2f3d9d60$@gov> <77F357662F8BFA4CA7074B0410171B6D07B0BBB0@XCH-NW-5V1.nw.nos.boeing.com> <4940D304.8030706@hiit.fi> <004101c95b80$aa95b810$ffc12830$@ac.kr> <77F357662F8BFA4CA7074B0410171B6D07B0BBB9@XCH-NW-5V1.nw.nos.boeing.com> <023301c95eae$532cb890$f98629b0$@ac.kr>
Message-ID: <77F357662F8BFA4CA7074B0410171B6D07B0BBE7@XCH-NW-5V1.nw.nos.boeing.com>

Gyu, some responses inline below. 

> -----Original Message-----
> From: Gyu Myoung Lee [mailto:gmlee at icu.ac.kr] 
> Sent: Monday, December 15, 2008 4:12 AM
> To: Henderson, Thomas R
> Cc: skjo at etri.re.kr; jkchoi at icu.ac.kr; 
> hipsec-rg at listserv.cybertrust.com
> Subject: RE: [Hipsec-rg] discussion of draft-lee-hip-object-01
> 
> 
> Dear All
> 
> See detailed answers on questions.
> 
> - who (which software processes) is communicating with whom? A software
> process on an RFID reader talking with a centralized controller or
> inventory manager, for instance?
> 
> The HIP Initiator can be an RFID reader which is connected to an RFID tag
> (object) using an air interface, and the HIP Responder can be the
> information server which stores all information of RFID tags. And then,
> if this information server has the role of a HIP rendezvous server, a
> client can directly connect to an object behind the RFID reader.

I did not understand your last sentence.  You said the HIP initiator is
the RFID reader, but then you mention clients that connect to objects
behind the RFID reader.  
- who is the initiator and the responder?
- what role is the rendezvous server performing?  For other clients who
want to contact the RFID reader but don't know what its current address
is?

Also, what do you mean to connect to an object behind RFID reader?  What
object (the tag)?  And what protocol is used end-to-end?

> 
> - does the RFID reader have a host identity that maps to many object
> identities, or is it one-to-one?
> 
> The RFID reader has a one-to-many mapping relationship. So, a host
> identity of the RFID reader maps onto many object identities.
> 
> - how is the binding between object identity and host identity secured,
> if at all?
> 
> For this point, I do not have any idea at this moment.
> 
> - what would be the syntax of representing the Object ID (RFID) in the
> HIP protocol data structures?
> 
> There is an EPC (Electronic Product Code) for an RFID tag. An EPC is
> simply a number assigned to an RFID tag, representative of an actual
> electronic product code. Their value is that they have been carefully
> characterized and categorized to embed certain meanings within their
> structure, which includes a header, EPC manager number, object class
> number, and serial number.
> 
> - are you concerned about the use case of HIP running over a network
> that is not IP-based?  If so, what is HIP establishing if not IPsec
> security associations?
> 
> For IPsec security associations, HIP will definitely be terminated at
> the RFID reader because HIP should be tightly coupled with the network
> layer. Similar to objects inside a server, although each object is
> located remotely through an air interface with the RFID reader, we would
> like to consider the RFID reader and tag virtually as the same node.
> In this case, we can consider two solutions.
> One is to put a new name space (i.e., object identity) on top of HIP
> with the RFID reader. This is the same as case #1 in our document.
> The other is that the object identity replaces the host identity on top
> of the network layer of the RFID reader, as we originally suggested
> (case #2). However, if we keep the existing Host_ID as we discussed,
> this one should be reviewed one more time.
> 

In the case where you have a mapping of one host identity to many object
ids, I think that what you are asking for is the ability to separate the
communications at the granularity of an object, not at the granularity
of host id.

That is, in your draft, you are looking for the ability to put an object
identity tag in as a replacement for a host identity tag, so that the
security association would then be from object to object.  If you were
to do as I previously suggested and encode the object identity in the
domain identifier, then you would lose such granularity. 

I think you would like HIP to be adapted so that users could use other
identifiers such as RFID tags and telephone numbers to communicate with
one another.  On a given host, you may have a one-to-one or one-to-many
mapping between host and object ID.  

This would seem to require a mapping service of some sort between host
identifier and object identifier, and also a way to establish channels
between hosts.  A host with two telephone numbers may have one host
identity but you would want the granularity and separation of the data
flows to be at the telephone number level, not the host id level.

You then would probably want some additional granularity in HIP that is
not presently there (the ability that IKEv2 has to establish and
maintain multiple security associations between hosts) plus the ability
to latch these SAs to some higher-level identifiers that you call object
IDs (see http://tools.ietf.org/html/draft-ietf-btns-connection-latching-06,
although the btns draft is in the context of latching to upper level
transport protocols).

I still think it would help if you were able to describe a specific use
case in great detail, such as "user Ux with telephone number Nx on host
Hx wants to call user Uy at number Ny on host Hy":
- what is the application API, or upper layer protocol, that the
application uses to call Ny?  Does it assume UDP, RTP, TCP, etc. on top
of HIP, or make no such assumption?  What identifiers are passed at the
API, and how are they formatted?

- how does the stack on X, which knows Hx and Ny, know how to find the
corresponding Hy, or is this passed into the stack as part of the API?

- if Hx and Hy already have an active security association set up, can
that be reused, or would you want to see security associations at the
granularity of Nx<->Ny?

Tom
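As an added illustration (not part of the thread above) of the EPC structure Gyu quotes, this parses and encodes the 96-bit EPC General Identifier, whose fields are exactly the ones listed: header, manager number, object class, serial number. It assumes the GID-96 field widths from the EPC Tag Data Standard (8-bit header 0x35, 28-bit General Manager Number, 24-bit Object Class, 36-bit Serial Number); the sample values are constructed.

```python
"""Encode/decode a GID-96 EPC. Field widths assumed from the EPC Tag Data
Standard: header 8 | manager 28 | object class 24 | serial 36 = 96 bits."""
from dataclasses import dataclass

GID96_HEADER = 0x35                       # header value that marks a GID-96
MANAGER_BITS, CLASS_BITS, SERIAL_BITS = 28, 24, 36
HEADER_SHIFT = MANAGER_BITS + CLASS_BITS + SERIAL_BITS   # 88


def _mask(bits: int) -> int:
    return (1 << bits) - 1


@dataclass(frozen=True)
class Gid96:
    manager: int       # General Manager Number (issuing organisation)
    object_class: int  # Object Class (product type within that manager)
    serial: int        # Serial Number (individual item)

    def __post_init__(self) -> None:
        # Reject out-of-range fields before packing: a silently truncated
        # field would make two different objects share one identifier.
        for name, value, bits in (("manager", self.manager, MANAGER_BITS),
                                  ("object_class", self.object_class, CLASS_BITS),
                                  ("serial", self.serial, SERIAL_BITS)):
            if not 0 <= value < (1 << bits):
                raise ValueError(f"{name} does not fit in {bits} bits: {value}")

    def encode(self) -> bytes:
        """Pack into the 12-byte (96-bit) big-endian tag form."""
        word = (GID96_HEADER << HEADER_SHIFT
                | self.manager << (CLASS_BITS + SERIAL_BITS)
                | self.object_class << SERIAL_BITS
                | self.serial)
        return word.to_bytes(12, "big")

    @classmethod
    def decode(cls, raw: bytes) -> "Gid96":
        """Parse 12 bytes; reject wrong lengths and non-GID-96 headers."""
        if len(raw) != 12:
            raise ValueError(f"GID-96 must be 12 bytes, got {len(raw)}")
        word = int.from_bytes(raw, "big")
        if word >> HEADER_SHIFT != GID96_HEADER:
            raise ValueError("not a GID-96 EPC (unexpected header)")
        return cls(manager=(word >> (CLASS_BITS + SERIAL_BITS)) & _mask(MANAGER_BITS),
                   object_class=(word >> SERIAL_BITS) & _mask(CLASS_BITS),
                   serial=word & _mask(SERIAL_BITS))

    def uri(self) -> str:
        """Pure-identity URI form: urn:epc:id:gid:<manager>.<class>.<serial>."""
        return f"urn:epc:id:gid:{self.manager}.{self.object_class}.{self.serial}"
```

The binary form is what a reader would hold for each tag; the URI form is the kind of fixed-syntax string one would have to agree on before an object identity could be carried in a protocol data structure at all.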