Re: [Ideas] [lisp] WG Review: IDentity Enabled Networks (ideas)
Eric Rescorla <ekr@rtfm.com> Wed, 11 October 2017 20:16 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC62813307B for <ideas@ietfa.amsl.com>; Wed, 11 Oct 2017 13:16:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oq6wx0DlFG4f for <ideas@ietfa.amsl.com>; Wed, 11 Oct 2017 13:16:56 -0700 (PDT)
Received: from mail-qt0-x229.google.com (mail-qt0-x229.google.com [IPv6:2607:f8b0:400d:c0d::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 01294132EDA for <ideas@ietf.org>; Wed, 11 Oct 2017 13:16:56 -0700 (PDT)
Received: by mail-qt0-x229.google.com with SMTP id z28so6505162qtz.13 for <ideas@ietf.org>; Wed, 11 Oct 2017 13:16:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=lMVdzJvvwslKsPtjHj94/rVZeR95JUz/EuuBmkdy9ZE=; b=Ol7V6K1B9Y994WEBXFxakHGdk8kvSDknP/T36R+Rb9J2ZmD5TKaAz00JTsHwcHx+uL +tHssXIKmgmk8tL6+kUhBznUW5jfXlrNQ+ZTM9P4DQIysPGouI7et8PZ+7f8bKRCPtzp bOrluAksyZ1VhtUK9BpaBef9fiCZclQPdeIZkR4zwTiHmn9UCRvRK+ils4XL5iEvjWgB unlxjWjCE3hXjTCQaHvV7X4ceJoj7mwn1TmWCAWwOdxNus+qdGJ8NUk820l+xpGwZUac dKFdST7zAguovj+EJSR1qrIJT+LUUeheB76y+PQ0FkiZyawGOBlggu4ntboJ8RMGH0Yu E1/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=lMVdzJvvwslKsPtjHj94/rVZeR95JUz/EuuBmkdy9ZE=; b=Jd4lQyj2JrBPBxf2QB2JhVMxdMNqzkDol4J1ShLqqAk0ZfUnFXUE0lJP7BCGhwq6JY /b+8mQq3GxBW+O1ZBeXPaz8XUpJPVPe2reNALCxLVs3yu9CZFE63kOjVRCObQwsnmBf0 Zo01+PG/vbUcQWPhMunRmfys3xVwJbHMs0nic1Nzsb9mvoJgtytxfjU8+pDOvpNewnkK dsMAZ8J2niGB99Va3i6gqJvLFhBa4frsbTngdzQUz036e+pMoaJs4jR5hmFfXmnJqC2b pSRqxZWO6ZgEwuyeOJdfPKybmiLh1ZP5fgqIaNacP//jeqoaPLBOZSc/OAKcZ+eepFXn nXAA==
X-Gm-Message-State: AMCzsaWDrcvxigIDxzucyxEccSFvNCD+RRlgi4Va5HyQaeN+1OiPVYz3 PG4/YrNzGqa24J067AsDJNj5HpgAMztulur8ZXYEDA==
X-Google-Smtp-Source: AOwi7QBtyctBc6qRELys5UtjZ73Ph9pGTzJrBHQbYEoHne4EStIR79phCbOSl/Lxdot8fuFINSHthJJCH3/nhYjtGFk=
X-Received: by 10.37.83.66 with SMTP id h63mr452358ybb.397.1507753015112; Wed, 11 Oct 2017 13:16:55 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.129.75.194 with HTTP; Wed, 11 Oct 2017 13:16:14 -0700 (PDT)
In-Reply-To: <BA1E17F9-4BA1-424C-86D6-A2F677A0A794@gmail.com>
References: <150670160872.14128.2758037992338326085.idtracker@ietfa.amsl.com> <778d5504-ba4f-d418-7b20-356353bb0fb2@cs.tcd.ie> <CAMm+Lwg61PGrcmu=-e8ciD6Q+XmEaWWDys4g2M657VOjWmaGcg@mail.gmail.com> <CALx6S370-TuoUicWep5vV2NjLPS4d-HP1qVxW_nGrxhBLw6Eug@mail.gmail.com> <8kd5pq.oxb4pv.rtlo8t-qmf@mercury.scss.tcd.ie> <644DA50AFA8C314EA9BDDAC83BD38A2E0EAA7204@sjceml521-mbx.china.huawei.com> <dd2c3bd5-dd37-109b-2e81-0327db4daa09@cs.tcd.ie> <0BA14206-DC82-49EF-A625-B2425FA396F6@gmail.com> <1f254140-1340-6c7d-9c73-e7137562c685@gmail.com> <fa644cc2-161f-8884-3445-2b50d2c2ad23@htt-consult.com> <cf2ca920-f2d2-b65e-05eb-ebe3c30b76d1@huitema.net> <CAG-CQxrdS9L+2+bN=1NcPGuztn4U4OwSWUiNaVcS9Bsm2mtpfA@mail.gmail.com> <b18459d1-7ce1-b83d-787d-9066267d584b@huitema.net> <17BE9E1D-120B-4508-B765-3799134FD708@gmail.com> <CABcZeBPngxTYDHA0T_eeexUyd=yKObADgKz75SNjbWNVoWLfdQ@mail.gmail.com> <C570D442-1D74-42FD-8DB6-1B548A96162E@gmail.com> <CABcZeBPn5PTPhERjU=pW4Mp8KtkOxy71ntymunHgvEEvOMFTzg@mail.gmail.com> <BA1E17F9-4BA1-424C-86D6-A2F677A0A794@gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 11 Oct 2017 13:16:14 -0700
Message-ID: <CABcZeBOn2QjoO26upWkCG2zYL+7m-1d=U0ZyiGwqUym+HRctZQ@mail.gmail.com>
To: Dino Farinacci <farinacci@gmail.com>
Cc: Christian Huitema <huitema@huitema.net>, "ietf@ietf.org" <ietf@ietf.org>, "ideas@ietf.org" <ideas@ietf.org>, "lisp@ietf.org list" <lisp@ietf.org>
Content-Type: multipart/alternative; boundary="001a113e688ee00e6d055b4b1aae"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/SXpRbUzb5-Wn3IGBDAh2QK6kHAs>
Subject: Re: [Ideas] [lisp] WG Review: IDentity Enabled Networks (ideas)
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Oct 2017 20:16:58 -0000
On Wed, Oct 11, 2017 at 1:13 PM, Dino Farinacci <farinacci@gmail.com> wrote: > > When the payload is encrypted, it does not. > > > > Are the handshakes that establish the cryptographic keys used to encrypt > the payload themselves encrypted? If it's IKE, the answer is probably yes, > but if not, I don't know. > > For SD-WAN implementations they use IKE. For RFC8061 (lisp-crypto) the > Map-Request/Map-Reply exchange carry the EIDs in the clear. However, DTLS > could be used but it would take more RTTs to get mappings in the > encapsulator (causing more packet loss). > > > So let me ask you these follow-up questions: > > > > (1) If a host sources a packet with its identifier in one VM and an > encapsulator in another VM (in the same physical system) encapsulates the > packet but encrypts the payload before encapsulation, has the identifier > remain private? > > > > (2) If in (1), the packet is decapsulated by an intermmediate point, and > then reencapsulated but the packet is encrypted with a new session key > (from a new ECDH exchange) to the destination, has the identifier remained > private? > > > > Generally, I don't tend to think of things as being "private" or > "non-private". Rather we talk about who has a given capability or piece of > information. I think it's clear that in these cases the identifier was > available to the machine doing the deencapsulation/reencapsulation. > Obviously, that's worse for privacy than having it not have that > information. How much worse depends on a lot of factors. > > It needs the information for table lookups. So how private/trackable are > IP addresses in packets today? > Uh really terrible? That's why things like Tor exist. I'm not sure it's useful to continue with the technical side of the present discussion. We're not trying to design a system here. The requirements for the system the WG is to design is is properly the kind of question that needs to be hashed out for the charter for the WG. -Ekr > > > In this particular, work, however, it seems like the privacy concerns > are about: > > > > 1. Whether the ID mapping systems reveal who is talking to who. > > The charter talks about no designs or solutions. In LISP, the mappings are > not revealed to the world, you need to sign Map-Registers (to make your > network location available to others) and you need to sign Map-Requests > (for retrieving network location). > > And if you cannot get network location, you can't send packets (i.e. DoS) > the destination or any nodes close to the destination (much better than > what we have on the Internet today where anyone can send packets anywhere). > > > 2. Whether this creates persistent identifiers that would otherwise be > destroyed when people changed their location > > We can solve this quite easily. I’ll use Bitcoin wallet addresses as an > example. You can keep changing them for every transaction so there is no > association analysis. We have a working group draft in the LISP WG that > does just that. > > > Maybe Christian and Stephen would like to say more about their concerns > > -Ekr > > Would welcome. > > Dino > >
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Tom Herbert
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Tom Herbert
- Re: [Ideas] WG Review: IDentity Enabled Networks … Dino Farinacci
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Templin, Fred L
- [Ideas] Fwd: Fwd: Re: WG Review: IDentity Enabled… Christian Huitema
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Templin, Fred L
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Tom Herbert
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Templin, Fred L
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Christian Huitema
- Re: [Ideas] WG Review: IDentity Enabled Networks … Christian Huitema
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Templin, Fred L
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Robert Moskowitz
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Uma Chunduri
- Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Ena… Robert Moskowitz
- Re: [Ideas] WG Review: IDentity Enabled Networks … Stephen Farrell
- [Ideas] WG Review: IDentity Enabled Networks (ide… The IESG
- Re: [Ideas] WG Review: IDentity Enabled Networks … Phillip Hallam-Baker
- Re: [Ideas] WG Review: IDentity Enabled Networks … Tom Herbert
- Re: [Ideas] WG Review: IDentity Enabled Networks … stephen.farrell
- Re: [Ideas] WG Review: IDentity Enabled Networks … John C Klensin
- Re: [Ideas] WG Review: IDentity Enabled Networks … Tom Herbert
- Re: [Ideas] WG Review: IDentity Enabled Networks … Alexander Clemm
- Re: [Ideas] WG Review: IDentity Enabled Networks … Eggert, Lars
- Re: [Ideas] WG Review: IDentity Enabled Networks … Stephen Farrell
- Re: [Ideas] WG Review: IDentity Enabled Networks … Dino Farinacci
- Re: [Ideas] WG Review: IDentity Enabled Networks … Stephen Farrell
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padmadevi Pillay Esnault
- Re: [Ideas] WG Review: IDentity Enabled Networks … Jari Arkko
- Re: [Ideas] WG Review: IDentity Enabled Networks … Joel M. Halpern
- Re: [Ideas] WG Review: IDentity Enabled Networks … Brian E Carpenter
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Joel M. Halpern
- Re: [Ideas] WG Review: IDentity Enabled Networks … Alexander Clemm
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] WG Review: IDentity Enabled Networks … Tom Herbert
- Re: [Ideas] WG Review: IDentity Enabled Networks … Dino Farinacci
- Re: [Ideas] WG Review: IDentity Enabled Networks … Yingzhen Qu
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Joel M. Halpern
- Re: [Ideas] WG Review: IDentity Enabled Networks … Benjamin Kaduk
- Re: [Ideas] WG Review: IDentity Enabled Networks … Joel Halpern Direct
- Re: [Ideas] WG Review: IDentity Enabled Networks … Mike StJohns
- Re: [Ideas] WG Review: IDentity Enabled Networks … Phillip Hallam-Baker
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Joel M. Halpern
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] Fwd: Re: WG Review: IDentity Enabled … Padma Pillay-Esnault
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] WG Review: IDentity Enabled Networks … Dino Farinacci
- Re: [Ideas] WG Review: IDentity Enabled Networks … Dino Farinacci
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Georgios Karagiannis
- Re: [Ideas] WG Review: IDentity Enabled Networks … Stephen Farrell
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] WG Review: IDentity Enabled Networks … Stephen Farrell
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] WG Review: IDentity Enabled Networks … S Moonesamy
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] WG Review: IDentity Enabled Networks … S Moonesamy
- Re: [Ideas] WG Review: IDentity Enabled Networks … Tom Herbert
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Tom Herbert
- Re: [Ideas] WG Review: IDentity Enabled Networks … S Moonesamy
- Re: [Ideas] WG Review: IDentity Enabled Networks … Alexander Clemm
- Re: [Ideas] WG Review: IDentity Enabled Networks … Alvaro Retana
- Re: [Ideas] WG Review: IDentity Enabled Networks … Robert Moskowitz
- Re: [Ideas] WG Review: IDentity Enabled Networks … Stephen Farrell
- Re: [Ideas] WG Review: IDentity Enabled Networks … Randy Bush
- Re: [Ideas] WG Review: IDentity Enabled Networks … Eggert, Lars
- Re: [Ideas] WG Review: IDentity Enabled Networks … Stephen Farrell
- Re: [Ideas] WG Review: IDentity Enabled Networks … Uma Chunduri
- Re: [Ideas] WG Review: IDentity Enabled Networks … Randy Bush
- Re: [Ideas] WG Review: IDentity Enabled Networks … Jeff Tantsura
- Re: [Ideas] WG Review: IDentity Enabled Networks … Randy Bush
- Re: [Ideas] WG Review: IDentity Enabled Networks … Robert Moskowitz
- Re: [Ideas] WG Review: IDentity Enabled Networks … Robert Moskowitz
- Re: [Ideas] WG Review: IDentity Enabled Networks … Christian Huitema
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Padma Pillay-Esnault
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Alexander Clemm
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Christian Huitema
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Dino Farinacci
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Eric Rescorla
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Dino Farinacci
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Eric Rescorla
- Re: [Ideas] WG Review: IDentity Enabled Networks … Padma Pillay-Esnault
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Dino Farinacci
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Eric Rescorla
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Sam Sun
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Dino Farinacci
- Re: [Ideas] WG Review: IDentity Enabled Networks … Georgios Karagiannis
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Toerless Eckert
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Tom Herbert
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Toerless Eckert
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Tom Herbert
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… John C Klensin
- Re: [Ideas] [lisp] WG Review: IDentity Enabled Ne… Toerless Eckert