Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Enabled Networks (ideas)

"Templin, Fred L" <Fred.L.Templin@boeing.com> Mon, 02 October 2017 16:55 UTC

Return-Path: <Fred.L.Templin@boeing.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DAE7D132D41; Mon, 2 Oct 2017 09:55:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Level:
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i2FNviIMXLEz; Mon, 2 Oct 2017 09:55:17 -0700 (PDT)
Received: from phx-mbsout-02.mbs.boeing.net (phx-mbsout-02.mbs.boeing.net [130.76.184.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 35C0212421A; Mon, 2 Oct 2017 09:55:13 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by phx-mbsout-02.mbs.boeing.net (8.14.4/8.14.4/DOWNSTREAM_MBSOUT) with SMTP id v92GtBBs020164; Mon, 2 Oct 2017 09:55:12 -0700
Received: from XCH15-06-12.nw.nos.boeing.com (xch15-06-12.nw.nos.boeing.com [137.136.239.221]) by phx-mbsout-02.mbs.boeing.net (8.14.4/8.14.4/UPSTREAM_MBSOUT) with ESMTP id v92GtA0q020130 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=OK); Mon, 2 Oct 2017 09:55:10 -0700
Received: from XCH15-06-08.nw.nos.boeing.com (2002:8988:eede::8988:eede) by XCH15-06-12.nw.nos.boeing.com (2002:8988:efdd::8988:efdd) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Mon, 2 Oct 2017 09:55:09 -0700
Received: from XCH15-06-08.nw.nos.boeing.com ([137.136.238.222]) by XCH15-06-08.nw.nos.boeing.com ([137.136.238.222]) with mapi id 15.00.1320.000; Mon, 2 Oct 2017 09:55:10 -0700
From: "Templin, Fred L" <Fred.L.Templin@boeing.com>
To: Christian Huitema <huitema@huitema.net>, Tom Herbert <tom@herbertland.com>
CC: The IESG <iesg@ietf.org>, "ideas@ietf.org" <ideas@ietf.org>
Thread-Topic: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Enabled Networks (ideas)
Thread-Index: AQHTO5b1XXR8U7Y2UkCpxQHITCbUoqLQumHAgAB6ewD//4r3YIAAeuGA//+LOjA=
Date: Mon, 02 Oct 2017 16:55:09 +0000
Message-ID: <c849f4452b574931a6010784711a2b26@XCH15-06-08.nw.nos.boeing.com>
References: <e476f817-580b-9083-48bb-72de1745f1c1@huitema.net> <67067a23-bb7f-08e4-3766-8802d8f3121f@huitema.net> <45e8993a73ef4bb9b3914f32c4609823@XCH15-06-08.nw.nos.boeing.com> <CALx6S35GKkW1GzSDA2qPx9SJWUfGE23SC4gct3H7eg=EUixgCA@mail.gmail.com> <3a9cf74ba67d4222b1c543d8bfccfe20@XCH15-06-08.nw.nos.boeing.com> <a456a012-8baf-0c24-de1c-90f0a17b4f67@huitema.net>
In-Reply-To: <a456a012-8baf-0c24-de1c-90f0a17b4f67@huitema.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [137.136.248.6]
Content-Type: multipart/alternative; boundary="_000_c849f4452b574931a6010784711a2b26XCH150608nwnosboeingcom_"
MIME-Version: 1.0
X-TM-AS-MML: disable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/8FpO9kwctAhXI7EeLVKgP8nqM-s>
Subject: Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Enabled Networks (ideas)
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Oct 2017 16:55:20 -0000

Hi Christian,

>Fred, that's the kind of statements that really give me pause. "Let's do something dangerous
> on my network because it is well isolated and secure." I am pretty sure that the gentle folks at
> Equifax were thinking along similar lines.

Understood, but for the Aeronautical Telecommunications Network (ATN) it really
is secured at the lower layers and has to be that way. There are no connections to the
open Internet, and there can be no opportunity for rogue ATCs to come in and start
giving orders to airplanes. This is true whether/not there is a Loc/ID split architecture
in place.

Thanks - Fred

From: Christian Huitema [mailto:huitema@huitema.net]
Sent: Monday, October 02, 2017 9:48 AM
To: Templin, Fred L <Fred.L.Templin@boeing.com>; Tom Herbert <tom@herbertland.com>
Cc: The IESG <iesg@ietf.org>; ideas@ietf.org
Subject: Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Enabled Networks (ideas)


On 10/2/2017 9:30 AM, Templin, Fred L wrote:
>If the good guys are able to track mobile devices based on plain text address, doesn't that
> mean the bad guys will be able to do that also? Seems a little bit scary prospect to me in
> the context of aviation...

There are no bad guys in this network. The underlay network is secured against
unauthorized access.

Fred, that's the kind of statements that really give me pause. "Let's do something dangerous on my network because it is well isolated and secure." I am pretty sure that the gentle folks at Equifax were thinking along similar lines.



--

Christian Huitema