Re: [Ideas] [lisp] WG Review: IDentity Enabled Networks (ideas)

Christian Huitema <huitema@huitema.net> Wed, 11 October 2017 19:34 UTC

To: Padma Pillay-Esnault <padma.ietf@gmail.com>
Cc: "ideas@ietf.org" <ideas@ietf.org>, "lisp@ietf.org list" <lisp@ietf.org>, Dino Farinacci <farinacci@gmail.com>, "ietf@ietf.org" <ietf@ietf.org>
From: Christian Huitema <huitema@huitema.net>
Date: Wed, 11 Oct 2017 12:34:19 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/7XryWrU-m8SnLTRfzvW2Gw4YOuY>

On 10/11/2017 10:32 AM, Padma Pillay-Esnault wrote:

>     but you do not need a reference to a permanent identity for that
>     -- systems similar to CGA would work just fine.
>
>  
>
> The identity of the device is just adding a lever of identifier which
> effectively allows authentication to modify the identifiers used by
> that device but also what the users of these identifiers can look up.
> If we had used "user of identifier" it would have been misconstrued
> for humans. So damned if you do and damned if you don't ... 
>
> We are open for discussions anytime.
>

Something you should be hearing is that "long term identity of device"
has almost the same privacy properties as "long term identity of the
device's owner". You may think that identifying a random piece of
hardware is no big deal, but it turns out that the network activity and
network locations of that piece of hardware can be associated with those
of its human owner. So you need the same kind of protection for these
device identifiers as for human identifiers.

-- 
Christian Huitema