Re: [Ideas] [lisp] WG Review: IDentity Enabled Networks (ideas)

Eric Rescorla <ekr@rtfm.com> Wed, 11 October 2017 19:44 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29A041342DB for <ideas@ietfa.amsl.com>; Wed, 11 Oct 2017 12:44:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eqagzkaDOIJ1 for <ideas@ietfa.amsl.com>; Wed, 11 Oct 2017 12:44:27 -0700 (PDT)
Received: from mail-qt0-x230.google.com (mail-qt0-x230.google.com [IPv6:2607:f8b0:400d:c0d::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75BC51321DC for <ideas@ietf.org>; Wed, 11 Oct 2017 12:44:27 -0700 (PDT)
Received: by mail-qt0-x230.google.com with SMTP id a43so8742741qta.0 for <ideas@ietf.org>; Wed, 11 Oct 2017 12:44:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=C8GjxdzAv2fl8bNhyQ/q/aRdfCqad8gWHpE69YiZOWk=; b=Y0YVy5N7D3VFLEXSMYQt6Pf7RV20uZShHqTbzEed6zwjWxdXTSLEH9swhHRvm6BQGd SqF1QBYf8HGYx2mlhY3tns0/CPOqgtcr1E0uGzmudZtGyYEt4r6KyaNey0xMapv3JBG2 7PaKmUbqegjNpbLH9mIg3fMkggOrup2zkRyPpKCnmve+ydTJ8PjihZok0xcSrWpbHmjU RhrRva8BEFvB7F23JpI5w/ZJCQwi9AtoQf1YjmJ0meJ+CysilUL0SjPH4t2rlsqA7LPt xL8iN3Ia/M9GWzn9//rtDduMKlwk1dxiITdpKDu/2q2itrM21N10iUCaMZltx0StkDzE Qo1w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=C8GjxdzAv2fl8bNhyQ/q/aRdfCqad8gWHpE69YiZOWk=; b=mNu1Ktx/R8TczZD0KxJcl5qC0MHsur2moT5NWZN10IxupZ63pzZFffMYkEStDz9omI Tnr7dcYA4cJStGfVyiV6YJjLjtyUuxLguqMT5dxtdttkoSiDiiuQfmPEfkhIKAfcDJCc nWC0sod0lVMVwzu3e5kyHPunSUfDoZhonkg6e9E3JEzlkP5TSasYJR5bG0nKXOrxDBka jJ97heNSLm2LCnloXMtnLtkycYFUXBz2BB1A7fBB+DlRjHNUgiX5YBsM4OI8i4YcFdd5 n6s7Dn1IuXUHGu9Yn8KmWFWTA5hoRw76HMrvHPDkL1cktzfgITomuWqrJar9kH7nv940 pxLw==
X-Gm-Message-State: AMCzsaU8TtQ9JZgpvEv0qz6+KkOhxHZq2XbZgG7ZV9HlagjgNuR2Lqrj 1P0ANP4iLPcgizKIoKW9zkL6/oeO9JGwdX78pKu1iw==
X-Google-Smtp-Source: AOwi7QCDpkQIJCGbA7HhOdHcL+QhvTMpLAIa+InGYGKfEkFy3Qj8ItPOsV6mtEq5XfVkPdUlkds9O0GpVTvyufrO0U4=
X-Received: by 10.37.45.110 with SMTP id s46mr428166ybe.400.1507751066585; Wed, 11 Oct 2017 12:44:26 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.129.75.194 with HTTP; Wed, 11 Oct 2017 12:43:46 -0700 (PDT)
In-Reply-To: <17BE9E1D-120B-4508-B765-3799134FD708@gmail.com>
References: <150670160872.14128.2758037992338326085.idtracker@ietfa.amsl.com> <778d5504-ba4f-d418-7b20-356353bb0fb2@cs.tcd.ie> <CAMm+Lwg61PGrcmu=-e8ciD6Q+XmEaWWDys4g2M657VOjWmaGcg@mail.gmail.com> <CALx6S370-TuoUicWep5vV2NjLPS4d-HP1qVxW_nGrxhBLw6Eug@mail.gmail.com> <8kd5pq.oxb4pv.rtlo8t-qmf@mercury.scss.tcd.ie> <644DA50AFA8C314EA9BDDAC83BD38A2E0EAA7204@sjceml521-mbx.china.huawei.com> <dd2c3bd5-dd37-109b-2e81-0327db4daa09@cs.tcd.ie> <0BA14206-DC82-49EF-A625-B2425FA396F6@gmail.com> <1f254140-1340-6c7d-9c73-e7137562c685@gmail.com> <fa644cc2-161f-8884-3445-2b50d2c2ad23@htt-consult.com> <cf2ca920-f2d2-b65e-05eb-ebe3c30b76d1@huitema.net> <CAG-CQxrdS9L+2+bN=1NcPGuztn4U4OwSWUiNaVcS9Bsm2mtpfA@mail.gmail.com> <b18459d1-7ce1-b83d-787d-9066267d584b@huitema.net> <17BE9E1D-120B-4508-B765-3799134FD708@gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 11 Oct 2017 12:43:46 -0700
Message-ID: <CABcZeBPngxTYDHA0T_eeexUyd=yKObADgKz75SNjbWNVoWLfdQ@mail.gmail.com>
To: Dino Farinacci <farinacci@gmail.com>
Cc: Christian Huitema <huitema@huitema.net>, "ietf@ietf.org" <ietf@ietf.org>, "ideas@ietf.org" <ideas@ietf.org>, "lisp@ietf.org list" <lisp@ietf.org>
Content-Type: multipart/alternative; boundary="f4030435adecbbe39d055b4aa667"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/99f5zN4GXfUAap45VZHz14A8oYg>
Subject: Re: [Ideas] [lisp] WG Review: IDentity Enabled Networks (ideas)
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Oct 2017 19:44:29 -0000

On Wed, Oct 11, 2017 at 12:39 PM, Dino Farinacci <farinacci@gmail.com>;
wrote:

> Let me ask for your opinion Christian (or anyone else for that matter). If
> a device is assigned a private/public key-pair and the identifier for the
> device is a hash of the public-key, is the identifier private?
>
>
I can't answer this in isolation. Does the identifier show up on the wire?
If so, then totally.

-Ekr


Is the identifier trackable even when its network location is not generally
> known, not advertised publicly, and possibly changing frequently?
>
> Dino
>
> > On Oct 11, 2017, at 12:34 PM, Christian Huitema <huitema@huitema.net>;
> wrote:
> >
> > On 10/11/2017 10:32 AM, Padma Pillay-Esnault wrote:
> >> but you do not need a reference to a permanent identity for that --
> systems similar to CGA would work just fine.
> >>
> >>
> >> The identity of the device is just adding a lever of identifier which
> effectively allows authentication to modify the identifiers used by that
> device but also what the users of these identifiers can look up. If we had
> used "user of identifier" it would have been misconstrued for humans. So
> damn if you do and damn if you don't ...
> >>
> >> We are open for discussions anytime.
> >>
> >
> > Some thing you should be hearing is that "long term identity of device"
> has almost the same privacy properties as "long term identity of the
> device's owner". You may think that identifying a random piece of hardware
> is no big deal, but it turns out that the network activity and network
> locations of that piece of hardware can be associated to those of its human
> owner. So you need the same kind of protection for these device identifiers
> as for human identifiers.
> > --
> > Christian Huitema
> >
>
>