Re: [Ideas] Your Input requested: Charter Proposal New Version
Albert Cabellos <albert.cabellos@gmail.com> Fri, 18 August 2017 05:59 UTC
Return-Path: <albert.cabellos@gmail.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD7CE1323D7 for <ideas@ietfa.amsl.com>; Thu, 17 Aug 2017 22:59:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LmJdgDeRLQd7 for <ideas@ietfa.amsl.com>; Thu, 17 Aug 2017 22:59:54 -0700 (PDT)
Received: from mail-yw0-x236.google.com (mail-yw0-x236.google.com [IPv6:2607:f8b0:4002:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D1DD213239E for <ideas@ietf.org>; Thu, 17 Aug 2017 22:59:53 -0700 (PDT)
Received: by mail-yw0-x236.google.com with SMTP id p68so53430832ywg.0 for <ideas@ietf.org>; Thu, 17 Aug 2017 22:59:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=919agIFsV5ibUgwegGyK6m4T/gsjebovOSB94gRjPCA=; b=ATNspGIUXJCXYMftJmYcfv5qcJPlFRtR/laeN8tmZrdFGPZr65GB5GvFI9GVYCF4Re AvuJZAXh8woIvIC8+Rjy58ZI87o3MzzwiaK9WYPb/q/KkZlVfgP4QnBOhjWLfRaXJWYN lw19Tlyn4U3Zg49HpFRdB56q50FDomo1Y8jxcrpDWNhalJCqgCLXBFGk7M44Kfyrumy3 mJ+ifJYX3MplK3WXQ8U757KTqNIJk0y4DyvYknG27175iNDLKxA9tMZTKJnS7X8BpyvH t/O1MoWNtYesXttDmP9Y/RLuiJCHigdf/Sj1DbhA7b/a0mzpIZY1X+JuZk7ECJsSfNgu H15g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=919agIFsV5ibUgwegGyK6m4T/gsjebovOSB94gRjPCA=; b=nl7yxAh22W84h/BYrEuT40PUMKCLLK5HR+aasHewJr9aOWvjaANQ7VqT5l+mBkKmf0 oQC+w40Ev9S6RoWnS2ZOfQlPMmZJV/QMPSW0BpXkhAR7WQyICbArTj0A6CEIbvj2Gre1 UvZASJfATPqoZ6lAP0+R5+toZ7HkwJrw5vOTuhX8fus0/9AQWxPaASvaaDaFHd9mIPi3 OiRtjAg6AR7iApRiR7gW/cPso5/bQK8yS2rKaMzUq/H6x139nNzqwiOtvHl7I1zfJ68Q gMhESsu7JUFhXLOUVHZps9WofmzmjGgpkA4mh5xb5i6XR8dijQ3qQ9js4zkCwP85CJ5P jtlA==
X-Gm-Message-State: AHYfb5jgb+I23UEq9uDzHWHGfJOWZuKWllKvPORIYadQmdhIROyRYEpW WUjBywOLrvKwzua5z2FKD8HEr2ShfQ==
X-Received: by 10.37.35.150 with SMTP id j144mr6731171ybj.263.1503035993078; Thu, 17 Aug 2017 22:59:53 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.172.141 with HTTP; Thu, 17 Aug 2017 22:59:52 -0700 (PDT)
In-Reply-To: <CAG-CQxpxDXxLXdu0a2GdBRfTFLM_C+jqCz58HoNim52C7Yzr8g@mail.gmail.com>
References: <CAG-CQxpxDXxLXdu0a2GdBRfTFLM_C+jqCz58HoNim52C7Yzr8g@mail.gmail.com>
From: Albert Cabellos <albert.cabellos@gmail.com>
Date: Fri, 18 Aug 2017 14:59:52 +0900
Message-ID: <CAGE_QezNYiWSMpXJSGrMG6a+KBXxyja4CvCm83=TwCbM40tyPg@mail.gmail.com>
To: Padma Pillay-Esnault <padma.ietf@gmail.com>
Cc: ideas@ietf.org
Content-Type: multipart/alternative; boundary="001a113d471e73da1f055700d614"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/Uk3VjugYEoJh_azInLXIwCowuWU>
Subject: Re: [Ideas] Your Input requested: Charter Proposal New Version
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Aug 2017 05:59:57 -0000
Hi all I agree -in general- with the charter in its current form, below you can find some comments inline: On Mon, Aug 7, 2017 at 2:20 PM, Padma Pillay-Esnault <padma.ietf@gmail.com> wrote: > Dear IDEAS, > > Thanks to everyone who sent their comments and feedback both on the list > and off the list. > > This new version should address comments from: > - Michael Menth. Michael, please let us know if this revision address > some of your comments on clarity. > - Alex Clemm. Alex , please chime on the revision regarding your addition. > - Tom Herbert. Tom, Some of your suggestions are incorporated in this > version. > -Tom and Alex, this version include specific working that the framework is > modular. The set of areas to be covered has been reordered to put the basic > identifier protocol common infrastructure first and then the new identity > concept and functionalities. > - Georgios Karagiannis, Uma Chundhuri. Georgios, Uma, there is still an > ongoing discussion about the framework. This version is flexible enough to > accommodate the work to be done on defining the framework. > - Uma Chundhuri. Uma, the pub/sub reference should cover the inter-grids > aspect if needed. > > Please find the new version below: > > IDEAS: “IDentity EnAbled networkS” > > > > Proposed Charter > > > > Network solutions based on the concept of Identifier-Locator separation > are increasingly considered to support mobility and multi-homing across > heterogeneous access networks. Identifier-locator separation protocols > require infrastructure that allows nodes to discover the network > topological location(s) of its peer(s) for packet delivery. A common > infrastructure and protocol could be used by identifier/locator protocols > as well as network virtualization. However, additional infrastructure and > new protocol extensions are needed to address new requirements that go well > beyond the traditional discovery service and mapping of > identifier-to-location for packet delivery. > > > I suggest also mentioning overlay networking for virtualization as a use-case. > At the same time, end users require greater privacy for their networking > information and protection from outside threats, while operators demand > greater operational efficiency. Identity-enabled networks aim to enable > networking applications and services that provide a high degree of privacy > and control of end points over their networking data, coupled with greater > inherent security than provided by today’s networks. > > > > To this end, the working group shall: > > - define a framework for the development of an identifier/locator mapping > system that provides a common solution for all identifier/locator mapping > protocols and network virtualization. > specify instead of define? (same across the charter, specify instead of develop, etc) 'for *existing* identifier/locator mapping' --> 'all' might be too generic and not realizable. > > > - in addition, introduce the concept of identity-identifier split and new > mechanisms that let endpoints dynamically change identifiers. These new > functionalities may, for example, facilitate anonymity through obscurity > while preventing security issues that might result from abuse, ensuring > that information about actual endpoints and their location is revealed only > on a need-to-know basis. > why 'in addition'? The itemization already implicitly states: 'in addition'. > > > Some examples of the problem space are: > why 'some examples'? This looks very vague. From my understanding below you have a solid and complete definition of the problem state. I suggest rewriting to "The problem space is:" > - Common infrastructure and primitives: The lack of a common > infrastructure is a barrier for the application of common and consistent > basic networking policies. Likewise, mapping services and infrastructure > that apply to identity-identifier as well as identifier-locator mappings > reduces operational and deployment complexity. > > > > - Access control: Unrestricted look up on an identifier may reveal > information such as the locator to eavesdroppers. Today, there is no way to > prevent the look up of an identifier with some user defined policy or finer > grain rules. > > > > - Privacy: The use of long-lived and public identifiers may be desirable > for looking up a peer, however it causes privacy issues as well. Indeed, > when identifier-location pairs can be looked up without restriction, flows > can be pinned by anybody to specific end systems. The endpoint > communications should be able to change their identifier while retaining > their identity and associated policies. The use of temporary identifiers > and access control on lookups should help discourage undesired traffic and > conceal sensitive network information of end devices to eavesdroppers. > > > > The Identity Enabled Networks (IDEAS) working group is chartered to > develop a common framework that can be used by identifier-based protocols > and provides services to address their requirements. We refer to the common > framework providing the set of services as Generic Identity Services > (GRIDS). > > > > The working group will identify gaps and make recommendations on changes > needed for interactions between the framework and identifier-enabled > protocols. > > > > Specifically, the IDEAS WG is chartered to work on these areas for the > modular framework: > > > > - Definition of primitives for interworking with identifier-location split > protocols > > - Identifier/locator mapping and resolution (e.g. discovery, pub/sub, > multihoming, ...) > > - Registration and lifecycle management of identities and their associated > identifiers. > > - Identity authentication and authorization (e.g. access to framework, > update of information for identifiers..) > > - Definition and enforcement of basic networking policies (e.g. ability to > look up an identifier-locator pair, permit forwarding traffic for > particular endpoints on a per-identity basis…) > > - Identity and Identifier Metadata (fixed or slow changing) > > - Management aspects and Data Models where appropriate. > > > > The IDEAS WG will collaborate with other Working Groups to ensure > interoperability with LISP, HIP, ILA and other relevant work. Furthermore, > it will try to reuse technologies already developed when appropriate. > > > > WG deliverables include the definition: > > Generic Identity Services Framework > > > > WG sustaining/informational documents may include: > > These documents may not necessarily be published, but may be maintained in > a draft form or on a collaborative Working Group wiki to support the > efforts of the Working Group and help new comers: > > - Problem statement > > - Use cases > > - Requirements > > - Applications of the architecture for use cases > > > > Milestones > > March 2018 Adopt WG draft for the Generic Identity Services framework > > August 2018 WGLC for the Generic Identity Services framework > > December 2018 Send Generic Identity Services framework draft to the IESG > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > >
- [Ideas] Your Input requested: Charter Proposal Ne… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Yingzhen Qu
- Re: [Ideas] Your Input requested: Charter Proposa… Michael Menth
- Re: [Ideas] Your Input requested: Charter Proposa… Tom Herbert
- Re: [Ideas] Your Input requested: Charter Proposa… Diego R. Lopez
- Re: [Ideas] Your Input requested: Charter Proposa… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Tom Herbert
- Re: [Ideas] Your Input requested: Charter Proposa… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Alexander Clemm
- Re: [Ideas] Your Input requested: Charter Proposa… Padmadevi Pillay Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Alexander Clemm
- Re: [Ideas] Your Input requested: Charter Proposa… Padmadevi Pillay Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Sam Sun
- Re: [Ideas] Your Input requested: Charter Proposa… Padmadevi Pillay Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Alexander Clemm
- Re: [Ideas] Your Input requested: Charter Proposa… Uma Chunduri
- Re: [Ideas] Your Input requested: Charter Proposa… Uma Chunduri
- Re: [Ideas] Your Input requested: Charter Proposa… Diego R. Lopez
- Re: [Ideas] Your Input requested: Charter Proposa… Uma Chunduri
- Re: [Ideas] Your Input requested: Charter Proposa… Lan Gao
- Re: [Ideas] Your Input requested: Charter Proposa… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Robert Moskowitz
- Re: [Ideas] Your Input requested: Charter Proposa… Dino Farinacci
- Re: [Ideas] Your Input requested: Charter Proposa… Shreyasee Mukherjee
- Re: [Ideas] Your Input requested: Charter Proposa… Di Ma
- Re: [Ideas] Your Input requested: Charter Proposa… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Dino Farinacci
- Re: [Ideas] Your Input requested: Charter Proposa… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Padma Pillay-Esnault
- Re: [Ideas] Your Input requested: Charter Proposa… Alexander Clemm
- Re: [Ideas] Your Input requested: Charter Proposa… Dipankar Raychaudhuri
- Re: [Ideas] Your Input requested: Charter Proposa… Robert Moskowitz
- Re: [Ideas] Your Input requested: Charter Proposa… Liubingyang (Bryan)
- Re: [Ideas] Your Input requested: Charter Proposa… Dipankar Raychaudhuri
- Re: [Ideas] Your Input requested: Charter Proposa… Albert Cabellos