[Ideas] Fwd: Fwd: Re: WG Review: IDentity Enabled Networks (ideas)

Christian Huitema <huitema@huitema.net> Mon, 02 October 2017 15:55 UTC

References: <e476f817-580b-9083-48bb-72de1745f1c1@huitema.net>
To: The IESG <iesg@ietf.org>, ideas@ietf.org
From: Christian Huitema <huitema@huitema.net>
X-Forwarded-Message-Id: <e476f817-580b-9083-48bb-72de1745f1c1@huitema.net>
Message-ID: <67067a23-bb7f-08e4-3766-8802d8f3121f@huitema.net>
Date: Mon, 2 Oct 2017 08:55:36 -0700
In-Reply-To: <e476f817-580b-9083-48bb-72de1745f1c1@huitema.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/4Hv25Z6gNDAstyM0u9NQoA_eNuw>
Subject: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Enabled Networks (ideas)

I just realized that I forgot to copy this message to the IESG and IDEAS
mailing lists. Sorry.

-------- Forwarded Message --------
Subject: 	Fwd: Re: WG Review: IDentity Enabled Networks (ideas)
Date: 	Sun, 1 Oct 2017 17:06:46 -0700
From: 	Christian Huitema <huitema@huitema.net>
To: 	IETF Discussion Mailing List <ietf@ietf.org>

On 9/29/2017 9:13 AM, The IESG wrote:

> A new IETF WG has been proposed in the Routing Area. The IESG has not made
> any determination yet. The following draft charter was submitted, and is
> provided for informational purposes only. Please send your comments to the
> IESG mailing list (iesg@ietf.org) by 2017-10-09.
> Network solutions based on the concept of Identifier-Locator separation are
> increasingly considered to support mobility, overlay networking for
> virtualization and multi-homing across heterogeneous access networks.

The problem there is that the same properties that facilitate routing
also facilitate tracking.

Consider a mobile node that switches from a Wi-Fi network to a cellular
network. In the current state of the art, there is no relation between
the Wi-Fi address and the cellular address. Intermediaries cannot
observe the traffic and deduce that two different flows of IP packets
originate from the same node. In contrast, with an ID/Loc architecture,
the two flows are associated with the same identifier, which can then be
used to track the movements of the device.

Similarly, consider a node that connects several times to the same
network, and each time uses IPv6 temporary addresses. The web servers
that it contacts cannot use the IP addresses to correlate different
connections that happened at different times. This would change if the
identifier in an ID/LOC architecture remained constant.

Multipath TCP and planned multipath extensions of QUIC are examples of
transport protocols that allow transport connections to use multiple
network paths simultaneously. In both cases, there is significant work
going on to ensure that intermediaries cannot easily associate the
traffic on the multiple paths with a single connection. If the
multi-homing function was delegated to an ID/LOC system, intermediaries
could potentially observe the identifiers and associate these connections.

In short, careless applications of the ID/LOC architecture could easily
result in serious privacy issues. The proposed charter does include a
brief statement about privacy:

> - Analysis of the concepts of identity-identifier split and dynamic
> identifier changes, including their implications on anonymity and privacy.
> Explicitly, the framework must define privacy requirements and how potential
> extensions/solutions should meet them.

This is a good start, but the whole concept of "unique identifiers" is
scary, and I would like to see this expanded. For example, I would like
to see an explicit reference to a baseline, e.g. assuring no privacy
downgrade compared to IPv6 temporary addresses, or assuring that hosts
that elect to not be tracked when roaming across networks will not be. I
also know that there have been discussions of hiding identifiers from
intermediaries, and I would like to see that as an explicit goal of the
proposed WG.

Christian Huitema
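The linkability argument in the message above (Wi-Fi to cellular handover, repeated attachments with temporary addresses, and the proposed mitigation of hiding identifiers from intermediaries) can be made concrete with a small model. The following is an added example written for this archive page; it is not code from Christian Huitema's message or from the IDEAS working group. All prefixes, device names and the three identifier policies (`none`, `stable`, `per_network`) are constructed for illustration, and the per-network pseudonym is a hypothetical HMAC construction, not a mechanism any draft specifies.

```python
"""Model of what an on-path observer can link under three identifier policies.

Added example for the IDEAS charter discussion; not part of the original
message. Every value below is constructed for illustration.
"""
import hmac
import hashlib
import secrets
from collections import defaultdict

# Constructed network prefixes: the device attaches to Wi-Fi, then cellular,
# then the same Wi-Fi network again (the "connects several times" case).
SESSIONS = ["2001:db8:1::", "2001:db8:2::", "2001:db8:1::"]


def temporary_iid() -> str:
    """RFC 4941-style random interface identifier (64 random bits)."""
    return secrets.token_hex(8)


def per_network_pseudonym(device_secret: bytes, prefix: str) -> str:
    """Hypothetical per-network identifier: HMAC of the attachment prefix under
    a device-held secret. An intermediary on one network cannot relate it to
    the pseudonym used on another network, but it is stable on the same network."""
    return hmac.new(device_secret, prefix.encode(), hashlib.sha256).hexdigest()[:16]


def observe_flows(device_id: str, sessions, policy: str, device_secret: bytes = b"constructed"):
    """Return the observer-visible fields of one flow per session.

    policy == "none":        only a temporary source address is visible
    policy == "stable":      an ID/LOC identifier equal to device_id is also visible
    policy == "per_network": an identifier derived per network is visible
    """
    records = []
    for prefix in sessions:
        rec = {"src": f"{prefix}{temporary_iid()}"}
        if policy == "stable":
            rec["identifier"] = device_id
        elif policy == "per_network":
            rec["identifier"] = per_network_pseudonym(device_secret, prefix)
        elif policy != "none":
            raise ValueError(f"unknown policy {policy!r}")
        records.append(rec)
    return records


def correlate(records):
    """Group flows by whatever field stays constant; this is all an
    intermediary needs to do to link them."""
    groups = defaultdict(list)
    for rec in records:
        groups[rec.get("identifier", rec["src"])].append(rec)
    return groups


def largest_linked_set(records) -> int:
    """Size of the biggest set of flows the observer can attribute to one node.
    1 means nothing is linkable; len(records) means every flow is linked."""
    return max(len(g) for g in correlate(records).values())


if __name__ == "__main__":
    for policy in ("none", "stable", "per_network"):
        n = largest_linked_set(observe_flows("dev-A", SESSIONS, policy))
        print(f"{policy:12s} largest linked set = {n} of {len(SESSIONS)} sessions")
```

With temporary addresses alone the observer links nothing (each 64-bit random IID is fresh), a stable ID/LOC identifier links all three sessions across both networks, and the per-network pseudonym still links the two attachments to the same Wi-Fi network, which shows why a "no downgrade compared to IPv6 temporary addresses" baseline needs to cover repeat visits as well as roaming.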