IETF Logo Mail Archive

Re: [Ideas] BOF @IETF 99 Preparation - problem statement

Uma Chunduri <uma.chunduri@huawei.com> Mon, 12 June 2017 21:12 UTC

Return-Path: <uma.chunduri@huawei.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66AFB12025C for <ideas@ietfa.amsl.com>; Mon, 12 Jun 2017 14:12:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.222
X-Spam-Level:
X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V5pi85vDtJ_5 for <ideas@ietfa.amsl.com>; Mon, 12 Jun 2017 14:12:28 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A79581296CF for <ideas@ietf.org>; Mon, 12 Jun 2017 14:12:27 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml704-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DIJ58754; Mon, 12 Jun 2017 21:06:03 +0000 (GMT)
Received: from SJCEML702-CHM.china.huawei.com (10.208.112.38) by lhreml704-cah.china.huawei.com (10.201.108.45) with Microsoft SMTP Server (TLS) id 14.3.301.0; Mon, 12 Jun 2017 22:06:02 +0100
Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.102]) by SJCEML702-CHM.china.huawei.com ([169.254.4.136]) with mapi id 14.03.0301.000; Mon, 12 Jun 2017 14:05:57 -0700
From: Uma Chunduri <uma.chunduri@huawei.com>
To: Tom Herbert <tom@herbertland.com>
CC: Padma Pillay-Esnault <padma.ietf@gmail.com>, "ideas@ietf.org" <ideas@ietf.org>, Michael Menth <menth@uni-tuebingen.de>
Thread-Topic: [Ideas] BOF @IETF 99 Preparation - problem statement
Thread-Index: AQHS4cQUtWuhlPu7rEKIIO+qUnKjRKIfNT4AgACkN4CAAICQgIAAsncAgACKwtCAAJKtgP//jZ4A
Date: Mon, 12 Jun 2017 21:05:57 +0000
Message-ID: <25B4902B1192E84696414485F5726854018CEC59@SJCEML703-CHM.china.huawei.com>
References: <CAG-CQxpeCVwmmYFVXTP_4rq9sB6ZMyDTo5H3DTbnCu4RPnR+sg@mail.gmail.com> <69375c9a-d184-03db-9b44-6be8de8a9b6f@uni-tuebingen.de> <CALx6S36i_eWv8teFtB4oMBd+vDpB1Hg7jJ7kqgPjS5eGVkJN0Q@mail.gmail.com> <a1e80707-b3e9-f7d5-d300-0a2c9d8130e9@uni-tuebingen.de> <CALx6S35K3TosOXMX5dNiz3BKJzXCC+gbpEz17GxNG5J=9yj6tw@mail.gmail.com> <CAG-CQxpTVQ-e6FqsLcu5+pCUarizmK-Yp-PEuuasORq6XF1r7A@mail.gmail.com> <25B4902B1192E84696414485F5726854018CEBAA@SJCEML703-CHM.china.huawei.com> <CALx6S37eXXCXCBgTJVvNaJW-BmSNAkaez_S2+zFzB3qtuuyydg@mail.gmail.com>
In-Reply-To: <CALx6S37eXXCXCBgTJVvNaJW-BmSNAkaez_S2+zFzB3qtuuyydg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.213.49.152]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020203.593F023D.0074, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.102, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 06ed1da8402859dd023d3530cbaf7c4a
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/Icz3LtwUT43HqZ9YSwlaS45myag>
Subject: Re: [Ideas] BOF @IETF 99 Preparation - problem statement
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Jun 2017 21:12:30 -0000

Tom,

In-line [Uma2]:


-----Original Message-----
From: Tom Herbert [mailto:tom@herbertland.com] 
Sent: Monday, June 12, 2017 1:40 PM
To: Uma Chunduri <uma.chunduri@huawei.com>
Cc: Padma Pillay-Esnault <padma.ietf@gmail.com>om>; ideas@ietf.org; Michael Menth <menth@uni-tuebingen.de>
Subject: Re: [Ideas] BOF @IETF 99 Preparation - problem statement

On Mon, Jun 12, 2017 at 12:19 PM, Uma Chunduri <uma.chunduri@huawei.com> wrote:
> Hi Tom,
>
>
>
> Just want to add 2 specific points on top of what Padma said below –
>
>
>
>>I think what you're describing is more address obfuscation than ID/loc  
>>split, or in this case it's the identifier being obfuscated. This is 
>>being  implemented in IPwave for instance to mitigate the tracking 
>>problem. The  need for obfuscation is independent of the ID/loc.
>
>>Address obfuscation only works to the extent that there aren't other 
>>means  to track nodes. For instance, even if we were to use different 
>>addresses for  each packet of a TCP connection, the connection is 
>>trivial to track but just  correlating port numbers,
>
>>sequence and ack numbers sent in the clear. The only way to ensure 
>>privacy  is encrypt everything possible.
>
>
>
> Encryption for obfuscation of identifiers is a too much of a stretch.
> Encryption has its own place and I see it is orthogonal to Identifier 
> obfuscation. While in an unencrypted and  obfuscated identifiers, one 
> can see some aspects of TCP connection, what cannot be done by the 
> eavesdropper is identifying 2 independent  communications related to a particular entity.
> I see this is truly  network layer anonymous communication, if we have 
> the ability to change communication identifiers at will (while 
> maintaining the same identifier for entire session for mobility reasons).
>
> To achieve this a manageable entity called ‘Identity’ for an entity at 
> a central place is needed,  where mapping and other identity related 
> services can be provided  as hinted in GRIDS-REQs document.
>
Uma,

I understand the intent, 

[Uma2]:  Progress..

but I am still dubious 'Identity' is actually required and should be in the core architecture for IDEAS. 

[Uma2]:  Fair question. We would come forth with a 'small' document to address this  question (as discussed in earlier call too) and give the needed attention it deserves.

This is not a concept in any of the identifier locator protocols. 
Also, a host can obfuscate addresses today just by choosing a different address from the block they are assigned for each communication. 
In id/loc the same affect could accomplished by the host getting however many identifiers it needs to use.


[Uma2]:  Well, one can certainly do that. This would give subset of benefits (even from this aspect too) with  more manageability complexity to uniquely identify a communication entity (without any bearing or ability for any policy). 
                   But we don't need 'Identity' just for anonymization of communications and some of the  benefits are illustrated by Michael well here earlier https://www.ietf.org/mail-archive/web/ideas/current/msg00204.html 
                   Also if any new protocol/concept has only relevance at IETF and effort is worth  if it has any relevance for operators obviously (that was my intent in my earlier comment about new revenues..).

--
Uma C.

v2.8.7 | Report a Bug | By Email