Re: [Ideas] IDEAS @IETF98 Minutes

Michael Menth <menth@uni-tuebingen.de> Thu, 13 April 2017 09:35 UTC

Return-Path: <menth@uni-tuebingen.de>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38A7312EB88 for <ideas@ietfa.amsl.com>; Thu, 13 Apr 2017 02:35:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jaf1N2442oVV for <ideas@ietfa.amsl.com>; Thu, 13 Apr 2017 02:35:28 -0700 (PDT)
Received: from mx04.uni-tuebingen.de (mx04.uni-tuebingen.de [134.2.5.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D2737129BC4 for <ideas@ietf.org>; Thu, 13 Apr 2017 02:35:26 -0700 (PDT)
Received: from [134.2.11.131] (chaos.informatik.uni-tuebingen.de [134.2.11.131]) by mx04.uni-tuebingen.de (Postfix) with ESMTPSA id 21CFFBD41 for <ideas@ietf.org>; Thu, 13 Apr 2017 11:35:25 +0200 (CEST)
To: ideas@ietf.org
References: <CAG-CQxogviqXizpwsdZpvjLQ9yw+Vx04HBEaq6+AuMr8TyjxdQ@mail.gmail.com>
From: Michael Menth <menth@uni-tuebingen.de>
Message-ID: <d57b3696-ee8d-3ce8-dd1d-d90ad1daf75b@uni-tuebingen.de>
Date: Thu, 13 Apr 2017 11:35:03 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <CAG-CQxogviqXizpwsdZpvjLQ9yw+Vx04HBEaq6+AuMr8TyjxdQ@mail.gmail.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/WVWM7wGhiWWtnHiuD3PunezNZaE>
Subject: Re: [Ideas] IDEAS @IETF98 Minutes
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Apr 2017 09:35:31 -0000

Thanks a lot for the minutes - very informative.

Regards, Michael

Am 13.04.2017 um 09:01 schrieb Padma Pillay-Esnault:
>  
> 
> __
> 
> Please find below the minutes of the meeting.__
> 
> Many thanks to our two scribes: Toerless Eckert and Uma Chunduri.____
> 
> 
> If you have any comments/corrections please let us know.
> 
> Thanks
> 
> Padma____
> 
> 
> IDEAS Side Meeting Minutes 
> 
>  
> 
> 1. Slides
> 
> Please find below a pointer to the slides
> 
> https://drive.google.com/drive/folders/0BwYx7u1T_20RODdLaWpIdk9feHc?usp=sharing
> 
>  
> 
>  
> 
> 2. Agenda 
> 
> 2.1. Introduction and Problem Statement for IDEAS  - Padma Pillay-Esnault
> 
>  
> 
> https://www.ietf.org/internet-drafts/draft-padma-ideas-problem-statement-01.txt   
> <https://www.ietf.org/internet-drafts/draft-padma-ideas-problem-statement-01.txt> 
> 
>  
> 
> IDEAS Introduction
> 
>  
> 
> IDEAS aims to be the forum where common issues across all ID Enabled
> Networks can be discussed.
> 
>  Goals:
> 
> -       to create awareness
> 
> -       to present the work proposed in IDEAS
> 
> -       A generic architecture that is scalable, extensible, robust,
> secure, and flexible for future ID enabled networks
> 
> -        to sollicit comments and feedback from the community on the drafts
> 
> -       to call for new contributions
> 
>   
> 
> Problem Statement
> 
> Motivation: Why Now?
> 
> ID solutions can address diverse areas
> 
>             IOT, M2M communication, Discovery, privacy, Latency,
> Virtualization
> 
> Beneficial to have standardized common infra across ID protocols
> 
>  
> 
> Key Issues Identified
> 
> Lack of common Infrastructure cause harder to deploy a common solution E2E
> 
>   -       No Common Management due to disjoint nature
> 
>   -       No Common/consistent policy framework
> 
>   -       Risk of fragmented communication
> 
>  Identifier Lifecycle
> 
>   -       No guidance or allocation scheme for public IDs
> 
>   -       Agreed upon ID format and scope in cross-domain communication
> 
>   -       Recycling IDs
> 
>   -       Better address merging of networks
> 
>  Security of Mapping Systems
> 
>   -       Secured access to the MS
> 
>   -       data integrity, Confidentiality, Anonymity, Access control
> 
>   -       DDOS attack prone
> 
>  
> 
> Proposal
> 
> -       To investigate the opportunity of a new specification effort to
> address some specific problems from an ID Enabled Networks perspective.
> 
> -       To find a common solution and infrastructure that can be shared
> by current protocols and facilitate the introduction of new ID-based
> services while avoiding rehashing the same problems again each time a
> new service pops up
> 
> -       Generic Resilient ID Services (GRIDS) infrastructure with
> standardized access and multiple services.  The services include
> 
>       -       secured registration
> 
>       -       discovery
> 
>       -       updates with data integrity,
> 
>       -       mapping and resolution capabilities,
> 
>       -       define relationships between IDs or group of IDs
> 
>       -       access control policy and security
> 
> - Other Related Work/ Groups
> 
>        - LISP (ALT, DDT)
> 
>        - HIP uses DNS
> 
>        - NVO3 WG
> 
>  
> 
> Questions:
> 
> Eric Nordmark: What’s unclear is what is out of scope re. Identifier.
> Are you considering "what is an identifier", clearly this is not about
> URI, how about IP in IP with IPsec ? Is one of them an identifier the
> other one a locator. Even LISP was not clear cut between
> locator/identifier as one could be routed locally.
> 
>  
> 
> Padma Pillay-Esnault: Regarding scope, the way we thinking about this,
> there can be multiple scopes with multiple allocation systems. The range
> of solutions is so vast that it may not be appropriate to only have one
> solution. Plenty options of where to put it and how to put. GRIDS can be
> used as local, proximity, global instance just as possible to have
> Private ID.
> 
>  
> 
> Bob Moskovitz: Concept of Identity and Identifier is important and  I
> have been involved and saw some form of this for the last 20 years may
> be more. It really does to be discussed in the list. Definitely it needs
> to be fleshed out a lot more about
> 
> what identifiers are, should be part of the work, tough problem with
> lots of opinions.
> 
>  
> 
>  
> 
> 2.2. Requirements for Generic Resilient Identity Services (GRIDS)
> in IDEAS  - Alex Clemm
> 
>  
> 
> https://www.ietf.org/internet-drafts/draft-padma-ideas-req-grids-00.txt
> 
>  
> 
> - This is the core infrastructure document which captures all requirements
> 
>      - Talked on Core components of GRIDS
> 
>      - GRIDS-MS, GRIDS-IS are covered
> 
>      - Grouping and Meta data are not described yet
> 
>      - Identity and Identifier definitions elaborated
> 
>      - Talked in details about mapping services
> 
>      - Identity related services are detailed
> 
>           - Structured and unstructured identifiers
> 
>           - Grouping related services
> 
>      - Requirement (Distribution, Redundancy, Performance and Scale..)
> 
>      - Key performance requirements
> 
>      - Security requirements
> 
>      - GRIDS should be able to be deployed in private space as well as
> in public domain
> 
>  
> 
> - The naming evolved from mapping system, which was too functionally
> constrained.
> 
>  
> 
> Questions: 
> 
> Ravi Ravindran: Trying to understand scope: trying to expand LISP ?
> 
> What is the scope ? 
> 
>  
> 
> Alex Clemm: No, not planning to just "expand lisp", that should be done
> in LISP WG. Some of those questions are better answered in the use
> cases, clear which ones are not resolved by LISP.
> 
>  
> 
> Benjamin Damm: How is this different from Multicast DNS ?
> 
>  
> 
> Bob Moskovitz: I can totally implement everything in GRIDS in DNS but
> that would not be a great idea but there would be a lot of
> 
> problems, DDoS, etc.. Think that metadata is not optional but must be
> called mandatory. Determined by use case.
> 
>  
> 
> Alex Clemm: Note taken
> 
>  
> 
> Dino Farinacci:  rfc8060 defines multiple RLOC types, eg: LISP can
> support those. Does this look like multicast DNS ? No, this is network
> layer mapping information mapping addresses to addresses.
> 
>  
> 
> Eric Nordmark: Multicast DNS is a local service, this is meant to be global.
> 
>  
> 
>  
> 
> 2.3. A Blockchain-based Mapping System - Jordi Paillisse 
> 
> - Blockchain is decentralized and secured
> 
>      - Add blocks of data one after other
> 
>      - Blockchain work flow
> 
>      - Transaction with a data, Senders Signature and Senders Public Key
> to a P2P network
> 
>      - Properties
> 
>         - Decentralized, No prior trust is required
> 
>            Data can be added but not modifiable
> 
>      - Basic Idea
> 
>         - Store mappings in blockchain
> 
>         - EID prefixes are distributed to all participants
> 
>      - Pros and Cons
> 
>         - Infrastructure less, Decentralized, fast lookup, secure, no
> prior trust, simple rekeying
> 
>         - Cons
> 
>             - Slow updates, costly boot strapping
> 
>      - Comparison with LISP DDT
> 
>         - No Infra, easy management
> 
>      - Issues with RPKI
> 
>          - Anonymity (prefix linked to owner name)
> 
>          - Revocation issues (block chain doesn’t use certificates)
> 
>      - Scalability
> 
>          - Growth similar to BGP Churn
> 
>          - Prefix delegation + Mappings
> 
>      - Design considerations
> 
>            - Bitcoin is too restrictive
> 
>            - New technologies - More scalable and more contracts
> 
>      - Dedicated chains..
> 
>  
> 
> Questions:
> 
> Toerless Eckert: what is the incentive model for participants to deploy
> the necessary infrastructure for this system ? In bitcoin, the security
> is achieved  through tremendous amount of calculation, the cost for that
> hardware is financed by handing out bitcoins for successful
> calculations. Do we need to hand out IPv4 addresses to pay
> for IDEAS bitchain calculations ?
> 
>  
> 
> Jordi Paillisee: Good question, there are some new blockchain methods
> with other incentive structures. See references on last slide of the
> slide deck.
> 
> Regarding incentive it is about security.
> 
>  
> 
> Dino Farinacci: 
> 
> When a new registration added (Say Jordi first and then 100000 more
> records added. Now the entry moved to the end. This solution will have
> 
> complete history of movements. Q1: can the really old stuff be chopped
> off. Q2: if RLOCs change etc. is it not really slow when you need to
> look through a lot of other newer mappings ?
> 
> Jordi Paillisee : Q1 Answer: It can be mitigated through implementation
> 
> Q2 answer: implementation detail. Database should have latest data for
> all entities, not in sequential order of evens.
> 
>  
> 
> Manu Sporny: Blockchain developer. Referring to blockchain group
> (w3c-blockain group) met in the morning, sees overlap with that work,
> how could we create alignment. Whom to talk to coordinate ? 
> 
> Padma Pillay-Esnault: Let’s discuss this offline.
> 
>  
> 
> 2.4. Use Cases for IDEAS - Tom Herbert
> 
> https://www.ietf.org/internet-drafts/draft-padma-ideas-use-cases-00.txt
> 
>  
> 
> - Mapping essentially a distributed key/value store
> 
>        - Key is fixed size per mapping DB
> 
>       - Maps "virtual address" to "physical address"
> 
>        - Mapping table is assumed to be distributed and possibly shared
> for load
> 
>        - Rate of entry is important characteristic
> 
>  
> 
>        - Use Cases:
> 
>               - Common Control plane
> 
>               - Mobility
> 
>               - Network Virtualization (for network simplification)
> 
>               - Heterogeneous Multi-Access (hetnet)
> 
>               - Security
> 
>               - Device Discovery
> 
>        - Mobility
> 
>            - Map entity to its current location for forwarding
> 
>            - Variants         
> 
>                - Encap: IP Mobility, IPIP, GTP etc..
> 
>                - ID/LOC: LISP, ILA
> 
>            - Properties
> 
>        - Mobility sub-cases
> 
>            - Within a single mobile network
> 
>            - Mobility between mobile networks
> 
>            - Multi-homed devices
> 
>            - Hetnet environments
> 
>            - Whole networks are mobile (WIFI in bus)
> 
>        - Network Virtualization
> 
>            - Variants
> 
>               - Encap: Map virtual IP address to Physical address
> 
>               - ID/LOC split
> 
>            - Properties
> 
>               - Mostly in DC
> 
>        - Address resolution static tunnels
> 
>            - Could be used as alternative means to resolve L2/L3
> 
>        - Host Routes
> 
>            - A network could implement virtualization simply by creating
> a host route
> 
>  
> 
> Questions:
> 
> Bob Moskovitz: We have been mobile since 1993. We need to start looking
> at mobility as baseline. Would almost challenge in discussion the
> starting point. Take rate of mobility (how fast it can move) as
> distinguishing attribute.
> 
>  
> 
> Tom Herbert: Agree. How quickly is my "device" going from one network to
> another. With higher rate, updates become a problem. Also get more and
> more use cases where latency becomes an issue. Hope we could avoid
> relying on a distributed system. Control path is critical system,
> keeping everything in sync with low latency and secure, reliable,
> available. Can we design this system with applicability across different
> use cases.
> 
>  
> 
> Mike McBride: There are applications like AR/VR that have strict
> requirements hopefully, that is also included in use cases.
> 
>  
> 
> Tom Herbert: Yes this has been discussed in the draft.
> 
>  
> 
> Padma Pillay-Esnault: Yes there different strict requirements depending
> on the different use cases. Earlier there was a question regarding IOT
> use cases. The requirements may vary for example depending if the type
> of IOT device. If it battery  operated (supposed to last 10 years) then
> it may have only one way communication (such as a pet tracker or sensor)
> and may even be on non-IP. In some cases proximity and context may be
> important too.
> 
>  
> 
> 2.5. Mobility First and Global Name Resolution Service - Parishad Karimi
> 
> https://www.ietf.org/id/draft-karimi-ideas-gnrs-00.txt
> 
>  
> 
> -Name based communications
> 
>       - Name based Architectures IP ==> LISP, HIP at IETF MF and NDN (in
> academia)
> 
>       - MF - Mobility First Background
> 
>          - MF started in 2010 under NSF, FIA
> 
>       - MF Protocol Layers
> 
>           - GUID (global Unique Identifiers)
> 
>           - We seek to use global name resolution system for resolution
> 
>       - Name Resolution Requirements
> 
>           - Low propagation and response Latency
> 
>           - Storage and load scalability
> 
>           - Security and reliability
> 
>           - Extensibility and flexibility
> 
>      - Structure of mapping should not be limited
> 
>      - Why can’t DNS can be supported (DNS Deficiencies)
> 
>           - TTL based caching
> 
>           - High Mobility makes caching ineffective
> 
>           - Static Placement of AUTH Servers
> 
>           - Reliance on hierarchal (relating root)
> 
>      - For MF we have looked into DMAP and GMAP and Auspice
> 
>      - Comparison of all three systems
> 
>      - Conclusion - We need a global mapping system with MF project
> 
>  
> 
>  
> 
> 2.6 Conclusion & Next steps - Padma Pillay-Esnault
> 
> Where do we want to go from here ?
> 
> Next Steps Slide:
> 
> - We need more collaboration from the community and looking forward for
> more participation on topics such as Blockchain and distributed trust,
> Late binding, Fast Caching, Security, DDOS protection ....
> 
>  
> 
> - Let’s take discussions to the alias
> 
> - Discuss the scope of work 
> 
>  
> 
> 3. Other Info
> 
> Mailing list: IDEAS
> 
> List address: ideas@ietf.org <mailto:ideas@ietf.org>
> 
> Archive: https://mailarchive.ietf.org/arch/search/?email_list=ideas
> 
> To subscribe: https://www.ietf.org/mailman/listinfo/ideas
> 
>  
> 
> 
> 
> _______________________________________________
> Ideas mailing list
> Ideas@ietf.org
> https://www.ietf.org/mailman/listinfo/ideas
> 

-- 
Prof. Dr. habil. Michael Menth
University of Tuebingen
Faculty of Science
Department of Computer Science
Chair of Communication Networks
Sand 13, 72076 Tuebingen, Germany
phone: (+49)-7071/29-70505
fax: (+49)-7071/29-5220
mailto:menth@uni-tuebingen.de
http://kn.inf.uni-tuebingen.de