Re: [Ideas] New revision posted on draft-ccm-ideas-identity-use-cases

Tom Herbert <tom@herbertland.com> Mon, 16 October 2017 02:47 UTC

On Tue, Oct 10, 2017 at 5:30 PM, Alexander Clemm
<alexander.clemm@huawei.com> wrote:
>
> FWIW, we have just posted an updated revision of the draft on Identity Use Cases in IDEAS:
>
> https://tools.ietf.org/html/draft-ccm-ideas-identity-use-cases-02
>
> We took into account and tried to address recent discussions on the mailing list to improve on the previous version and hopefully alleviate at least some of the concerns that were raised.


Hello,

I have a comment on the definition of "identity" in IDEAS.

This draft defines identity as:

"IDy: Identity - an identifier for a communications entity that MAY be
assigned by the GRIDS-provider and that is used by the provider to
identify and authenticate the communications entity, but that is not
revealed in the packet headers."

By my count this is at least the fifth definition of identity that has
been proposed either in drafts or on the list, and this one is no more
enlightening than any of the previous definitions. First of all, this
says identity is an "identifier". Does this mean that identity is a
type of identifier per the definition of identifier above? Secondly,
this says identity is used to identify a communication entity, however
above it says an identifier "denotes information to unambiguously
identify a communications entity"-- so both of them "identify a
communications entity"... I don't see the difference.

The rest of the draft, including the picture of the relationship
between identifiers, identity, and locators, seems to imply a
potentially more useful and crisp definition of identity. As stated in
the introduction: "An IDy serves as a collection of identifiers that
are associated with the same endpoint". This could be rephrased to
define identity as "a group of identifiers that share some common
properties". Given this "group" definition of identity, then it
becomes natural to consider group policy and group operations over
sets of identifiers.

Tom