[Ideas] Mapping System Requirements and draft-padma-ideas-problem-statement-00.txt
Dino Farinacci <farinacci@gmail.com> Wed, 21 September 2016 21:13 UTC
Cc: beta@lispers.net, LISP mailing list list <lisp@ietf.org>,
NVO3 <nvo3@ietf.org>, lisp-alpha@external.cisco.com,
LISPmob <users@lispmob.org>, 5gangip@ietf.org, lisp-ops@external.cisco.com
Hello folks. In draft-padma-ideas-problem-statement-00.txt, we have a section on mapping system requirements for map-n-encap and translation based loc/id split protocols. Rather than having you go into the document in detail (we wish you would and comment though), I will provide the short list below to attempt a discussion on requirements.
I have copied the possible WGs that may want to use the mapping system technology. And I have also copied the LISP working group who can shed expertise on the subject as well as some beta lists that have some operational experiences with mapping database deployment and management.
The requirements below have a security and robustness twist to them, but I think that is the best place to start and to consider security “up front”.
Thanks in advance,
Dino
----
6.4. Mapping System Security
The secure mapping system must have the following requirements:
1. The components of the mapping system need to be robust against
direct and indirect attacks. If any component is attacked, the
rest of the system should act with integrity and scale and only
the information associated with the compromised component is made
unavailable.
2. The addition and removal of components of the mapping system must
be performed in a secure manner so as to not violate the
integrity and operation of the system and service it provides.
3. The information returned by components of the mapping system
needs to be authenticated so as to detect spoofing from
masqueraders.
4. Information registered (by publishers) to the mapping system must
be authenticated so the registering entity or the information is
not spoofed.
5. The mapping system must allow request access (for subscribers) to
be open and public. However, it is optional to provide
confidentiality and authentication of the requesters and the
information they are requesting.
6. Any information provided by components of the mapping system must
be cryptographically signed by the provider and verified by the
consumer.
7. Message rate-limiting and other heuristics must be part of the
foundational support of the mapping system to protect the system
from invalid overloaded conditions.
8. The mapping system should support some form of provisioned
policy, either internal to the system or via mechanisms for
users of the system to describe policy rules. Access control
should not use traditional granular-based access lists since they
do not scale and are hard to manage. The use of token- or
key-based authentication methods, as well as deploying multiple
instances of the mapping system, will allow acceptable policy
profiles. Machine learning techniques could automate these
mechanisms.
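
An added illustration of requirements 4 and 7, not part of the original message or of the draft: an in-memory mapping server in Python that authenticates each registration with a per-publisher HMAC key and rate-limits each source with a token bucket before doing any cryptographic work. The names MapServer and tag_for, the message fields, and the per-publisher set of identifiers (so that one compromised key affects only its own entries, as in requirement 1) are assumptions made for this example.

```python
import hashlib
import hmac
import json

def tag_for(key, msg):
    """HMAC-SHA256 over a canonical JSON encoding of the registration."""
    body = json.dumps(msg, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

class MapServer:
    def __init__(self, publishers, rate=1.0, burst=3):
        self.publishers = publishers  # name -> (key, identifiers it may register)
        self.db = {}                  # identifier -> locator list
        self.rate, self.burst = rate, burst
        self.buckets = {}             # source -> (tokens, time of last message)

    def _allow(self, src, now):
        tokens, last = self.buckets.get(src, (float(self.burst), now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        allowed = tokens >= 1
        self.buckets[src] = (tokens - 1 if allowed else tokens, now)
        return allowed

    def register(self, src, msg, tag, now):
        if not self._allow(src, now):      # requirement 7: bound work per source
            return "rate-limited"
        entry = self.publishers.get(msg.get("publisher"))
        if entry is None:
            return "unknown-publisher"
        key, allowed_ids = entry
        if not hmac.compare_digest(tag, tag_for(key, msg)):  # requirement 4
            return "bad-auth"
        if msg.get("id") not in allowed_ids:  # one key cannot rewrite others' entries
            return "not-authorized"
        self.db[msg["id"]] = msg["locators"]
        return "ok"

KEY_A, KEY_B = b"constructed-key-A", b"constructed-key-B"  # constructed sample keys

def demo():
    ms = MapServer({"pubA": (KEY_A, {"id-1"}), "pubB": (KEY_B, {"id-2"})})
    good = {"publisher": "pubA", "id": "id-1", "locators": ["192.0.2.1"]}
    spoof = {"publisher": "pubA", "id": "id-1", "locators": ["198.51.100.9"]}
    steal = {"publisher": "pubB", "id": "id-1", "locators": ["198.51.100.9"]}
    out = [ms.register("src1", good, tag_for(KEY_A, good), 0.0),
           ms.register("src2", spoof, tag_for(KEY_B, spoof), 0.0),
           ms.register("src3", steal, tag_for(KEY_B, steal), 0.0)]
    flood = [ms.register("src4", spoof, "00", 0.0) for _ in range(5)]
    return out, flood, ms.db
```

An HMAC shared key covers the publisher-to-mapping-system leg only; requirement 6 (information signed by the provider and verified by the consumer) calls for a public-key signature, which this example does not implement.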