Re: [Ideas] BOF @IETF 99 Preparation - problem statement

Michael Menth <menth@uni-tuebingen.de> Sat, 10 June 2017 08:31 UTC

Return-Path: <menth@uni-tuebingen.de>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7BDCD127201 for <ideas@ietfa.amsl.com>; Sat, 10 Jun 2017 01:31:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kVBtLgx7jcUZ for <ideas@ietfa.amsl.com>; Sat, 10 Jun 2017 01:31:55 -0700 (PDT)
Received: from mx04.uni-tuebingen.de (mx04.uni-tuebingen.de [134.2.5.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F1D2B127077 for <ideas@ietf.org>; Sat, 10 Jun 2017 01:31:53 -0700 (PDT)
Received: from [192.168.1.101] (hsi-kbw-5-56-217-255.hsi17.kabel-badenwuerttemberg.de [5.56.217.255]) by mx04.uni-tuebingen.de (Postfix) with ESMTPSA id 9A39227A1A; Sat, 10 Jun 2017 10:31:51 +0200 (CEST)
To: Padma Pillay-Esnault <padma.ietf@gmail.com>, ideas@ietf.org
References: <CAG-CQxpeCVwmmYFVXTP_4rq9sB6ZMyDTo5H3DTbnCu4RPnR+sg@mail.gmail.com>
From: Michael Menth <menth@uni-tuebingen.de>
Message-ID: <69375c9a-d184-03db-9b44-6be8de8a9b6f@uni-tuebingen.de>
Date: Sat, 10 Jun 2017 10:31:55 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <CAG-CQxpeCVwmmYFVXTP_4rq9sB6ZMyDTo5H3DTbnCu4RPnR+sg@mail.gmail.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/RPAVBWtNPJhX7_RE4ocQwZD8Cvs>
Subject: Re: [Ideas] BOF @IETF 99 Preparation - problem statement
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Jun 2017 08:31:57 -0000

Dear Padma, all,

I've tried to condense the essence of what I perceived from multiple
IDEAS brainstormings, documents, and email discussions. This may be a
base for a problem statement. Please add missing aspects!

IDentity-EnAbled networkS (IDEAS) describes how identities (Idys),
identifiers (Idfs), and locators may be used for future communication
using existing protocols. Missing features are identified and added.

An Idy is a permanent ID (PID) to uniquely identify an entity. To
protect its privacy, an entity may choose additional temporary IDs
(TIDs) for communications, so-called Idfs. A mapping system maps these
Idfs to their Idy so that communication partners may look up an Idf's
Idy. To preserve its privacy, the entity controls the mapping system and
may restrict access to it for certain Idfs or Idys.

Both Idys and, preferably, Idfs may be used for communication. They
identify the communication partner but not her location on the Internet.
To denote the location of an entity, one or more locators are needed
that describe how the Idy/Idf can be reached. A mapping system allows the
locators to be looked up so that traffic can be sent to the Idy/Idf. This is
the well-known Loc/ID split providing benefits such as improved mobility
(e.g. for VMs in a datacenter), Internet-scale SDN, improved traffic
engineering and other flexibility aspects.

The advantage of that system is that entities may use Idfs for
communication to better protect their Idy. Only authorized communication
partners can find out the corresponding Idys behind them. Entities can avoid
being tracked on the Internet by using multiple Idfs or by regularly
changing Idfs. The control of the Idy/Idf mappings can restrict access
to selected requesting Idys/Idfs and also limit that access over time to
implement a right to be forgotten.

The concept improves the current LISP protocol by adding privacy in
communication in a similar way as IPv6 privacy extensions avoid being
tracked by a stable MAC address. To that end, access restriction is
needed for mapping system requests which also need to be encrypted to
avoid eavesdropping. Therefore, a major protocol definition effort is
needed for the mapping system that provides the Idf/Idy mapping. Other
aspects of this concept can be assembled from existing pieces but should
be brought together in a recommended fashion.

Michael

-- 
Prof. Dr. habil. Michael Menth
University of Tuebingen
Faculty of Science
Department of Computer Science
Chair of Communication Networks
Sand 13, 72076 Tuebingen, Germany
phone: (+49)-7071/29-70505
fax: (+49)-7071/29-5220
mailto:menth@uni-tuebingen.de
http://kn.inf.uni-tuebingen.de
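Added worked example (not part of Michael's message, and not IDEAS, LISP or any real mapping-system code): a toy in-memory model of the mapping system the message describes, to make the two lookups and the access rules concrete. The locators of an Idf are open to any requester, the Idf's Idy is returned only to requesters its owner has authorized, a grant can carry a lifetime so the access lapses over time, and an unauthorized observer cannot link two Idfs of the same entity. All names (MappingSystem, grant_idy_access, FakeClock, the sample identities and locators) are assumptions made for this illustration.

```python
# Added illustration: a toy Idy/Idf/locator mapping system with the access
# restrictions described in the message. Not IDEAS, LISP or real mapping-system
# code; every name here (MappingSystem, FakeClock, ...) is this example's own.
import secrets
from typing import Dict, List, Optional, Tuple


class FakeClock:
    """Controllable time source so grant expiry can be exercised offline."""

    def __init__(self, start: float = 0.0) -> None:
        self.now = start

    def __call__(self) -> float:
        return self.now


class MappingSystem:
    """Two mappings kept under the control of the entity that owns the Idy:

    * Idf -> locators: needed by anyone who wants to send traffic to the Idf.
    * Idf -> Idy: revealed only to requesters the owner has authorized, and
      only while that authorization has not lapsed.
    """

    def __init__(self, clock) -> None:
        self._clock = clock
        self._locators: Dict[str, List[str]] = {}           # idf -> locators
        self._owner: Dict[str, str] = {}                    # idf -> idy
        # (owner idy, requester) -> expiry time, or None for no expiry
        self._grants: Dict[Tuple[str, str], Optional[float]] = {}

    # --- Idf lifecycle: the entity rotates Idfs to avoid being tracked ---
    def new_idf(self, idy: str, locators: List[str]) -> str:
        idf = "idf-" + secrets.token_hex(8)   # random, so it does not leak idy
        self._owner[idf] = idy
        self._locators[idf] = list(locators)
        return idf

    def retire_idf(self, idf: str) -> None:
        self._owner.pop(idf, None)
        self._locators.pop(idf, None)

    # --- Loc/ID split: anyone may ask where an Idf is reachable ---
    def lookup_locators(self, idf: str) -> Optional[List[str]]:
        locs = self._locators.get(idf)
        return list(locs) if locs is not None else None

    # --- Idf -> Idy mapping, gated per requester and time-limited ---
    def grant_idy_access(self, idy: str, requester: str,
                         ttl_seconds: Optional[float] = None) -> None:
        expiry = None if ttl_seconds is None else self._clock() + ttl_seconds
        self._grants[(idy, requester)] = expiry

    def revoke_idy_access(self, idy: str, requester: str) -> None:
        self._grants.pop((idy, requester), None)

    def resolve_idy(self, idf: str, requester: str) -> Optional[str]:
        owner = self._owner.get(idf)
        if owner is None:
            return None
        key = (owner, requester)
        if key not in self._grants:
            return None                        # requester was never authorized
        expiry = self._grants[key]
        if expiry is not None and self._clock() >= expiry:
            del self._grants[key]              # lapsed: the grant is forgotten
            return None
        return owner


def can_link(ms: MappingSystem, idf_a: str, idf_b: str, requester: str) -> bool:
    """True iff the requester can learn that two Idfs belong to one Idy."""
    a = ms.resolve_idy(idf_a, requester)
    return a is not None and a == ms.resolve_idy(idf_b, requester)


def run_scenario() -> dict:
    """Constructed walk-through; returns the observations for checking."""
    clock = FakeClock(start=1000.0)
    ms = MappingSystem(clock)
    alice = "alice-pid"                                   # Alice's Idy (PID)
    idf1 = ms.new_idf(alice, ["2001:db8::1"])             # first Idf
    idf2 = ms.new_idf(alice, ["2001:db8::2"])             # rotated Idf
    ms.grant_idy_access(alice, requester="bob", ttl_seconds=3600)

    out = {
        "anyone_gets_locators": ms.lookup_locators(idf1) == ["2001:db8::1"],
        "bob_before_expiry": ms.resolve_idy(idf1, "bob"),
        "mallory_unauthorized": ms.resolve_idy(idf1, "mallory"),
        "bob_can_link": can_link(ms, idf1, idf2, "bob"),
        "mallory_can_link": can_link(ms, idf1, idf2, "mallory"),
    }
    clock.now += 3601                                     # Bob's grant lapses
    out["bob_after_expiry"] = ms.resolve_idy(idf1, "bob")
    ms.retire_idf(idf1)                                   # Alice drops idf1
    out["retired_locators"] = ms.lookup_locators(idf1)
    out["idf2_still_reachable"] = ms.lookup_locators(idf2) == ["2001:db8::2"]
    return out


if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(f"{name}: {value}")
```

What the toy deliberately leaves out is the part the message says needs real protocol work: the requester string is simply trusted, whereas a deployable mapping system would have to authenticate the requesting Idy/Idf and encrypt the request so that the lookup itself does not reveal who is talking to whom.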