Re: [Ideas] WG Review: IDentity Enabled Networks (ideas)

Benjamin Kaduk <kaduk@mit.edu> Thu, 05 October 2017 01:37 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CD4C134510; Wed, 4 Oct 2017 18:37:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.801
X-Spam-Level:
X-Spam-Status: No, score=-2.801 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MjbWaAYenBlP; Wed, 4 Oct 2017 18:37:38 -0700 (PDT)
Received: from dmz-mailsec-scanner-6.mit.edu (dmz-mailsec-scanner-6.mit.edu [18.7.68.35]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17DF213450E; Wed, 4 Oct 2017 18:37:36 -0700 (PDT)
X-AuditID: 12074423-80fff70000005865-1e-59d58cdf2bd7
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-6.mit.edu (Symantec Messaging Gateway) with SMTP id AD.AC.22629.FDC85D95; Wed, 4 Oct 2017 21:37:35 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id v951bYIt021147; Wed, 4 Oct 2017 21:37:35 -0400
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id v951bU7E030445 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 4 Oct 2017 21:37:33 -0400
Date: Wed, 04 Oct 2017 20:37:30 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: "Joel M. Halpern" <jmh@joelhalpern.com>
Cc: Uma Chunduri <uma.chunduri@huawei.com>, "ideas@ietf.org" <ideas@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Message-ID: <20171005013730.GC96685@kduck.kaduk.org>
References: <150670160872.14128.2758037992338326085.idtracker@ietfa.amsl.com> <778d5504-ba4f-d418-7b20-356353bb0fb2@cs.tcd.ie> <D7D4AEE9-3BD0-4C8F-BCC6-7185AF7D37BA@netapp.com> <9C663B18-21CC-4A16-8B26-7994B12B1DC5@piuha.net> <25B4902B1192E84696414485F572685401A872DE@SJCEML701-CHM.china.huawei.com> <33f100a0-5114-269c-adb4-5db6edb1fd4d@joelhalpern.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <33f100a0-5114-269c-adb4-5db6edb1fd4d@joelhalpern.com>
User-Agent: Mutt/1.8.3 (2017-05-23)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmplleLIzCtJLcpLzFFi42IRYrdT173fczXSYM9Ra4tDR/cyWzzbOJ/F 4uOpN0wWO+5cZXNg8Wg58pbVY8mSn0we56Z8ZwxgjuKySUnNySxLLdK3S+DK+HVpFlPBQraK 7z9WMTcwPmDpYuTgkBAwkWj/a9fFyMUhJLCYSWLXshNsEM4GRol1j4+wQDhXmCReTW5m7WLk 5GARUJE4f+EHC4jNBmQ3dF9mBrFFBLQl9i/5wARiMwuUS2y/P5MNZIOwgKNE+4IgkDAv0LIN MyZAzXzDJPG75S0TREJQ4uTMJywQvVoSN/69ZALpZRaQllj+jwMkzCngLLF/82uwElEBZYl5 +1axTWAUmIWkexaS7lkI3QsYmVcxyqbkVunmJmbmFKcm6xYnJ+blpRbpmunlZpbopaaUbmIE h7CL8g7Gl33ehxgFOBiVeHgjHl2JFGJNLCuuzD3EKMnBpCTKu6v7aqQQX1J+SmVGYnFGfFFp TmrxIUYJDmYlEd71OUA53pTEyqrUonyYlDQHi5I477agXZFCAumJJanZqakFqUUwWRkODiUJ XmtgrAoJFqWmp1akZeaUIKSZODhBhvMADVcBqeEtLkjMLc5Mh8ifYtTluPHw+h8mIZa8/LxU KXHe5SDXCYAUZZTmwc0BpR6J7P01rxjFgd4S5p0JUsUDTFtwk14BLWECWjKn6QrIkpJEhJRU A2NsRdu7+96bf4XaXjOZ1dJ20K/v5W/LnmVxM39Z8XxLsxFybJULETq0+pO+CkOX+ro9oiHW Va8sZhw0lN90ydPwisZiduPITTF8Z7bJPUpdfXKn9vZa3lk5uspb1p9LMlmpkBWy38vm/+tb K9kONf7qKpu8quHPhwNlV1edCT3l2uSQKVq5Rk+JpTgj0VCLuag4EQCYSOZsGAMAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/Iv5aDEX2eJMblWMY208BxjsZfzM>
Subject: Re: [Ideas] WG Review: IDentity Enabled Networks (ideas)
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Oct 2017 01:37:39 -0000

On Wed, Oct 04, 2017 at 09:35:38PM -0400, Joel M. Halpern wrote:
> Uma,
>      It simply does not follow that you need an identity in order to be 
> able to update the mapping system.  You do need authentication.
>       If you use DNS, then mechanissm such as the authentication used 
> with dynamic DNS suffice.
>       If you use LISP, then the keying associated with the delegation of 
> the identifier works.
>       If you use MobileIP, then you need the authentication with your 
> home register.
> 
>      There is no need for any special Identity.

My reading of the claim was that authentication is needed in order to
change the actual map itself, which does seem like a true statement,
in general.  Authentication is not necessarily needed just to consume
the map.

-Ben