Re: [Ideas] WG Review: IDentity Enabled Networks (ideas)

Padma Pillay-Esnault <padma.ietf@gmail.com> Sun, 08 October 2017 19:10 UTC

To: Tom Herbert <tom@herbertland.com>
Cc: S Moonesamy <sm+ietf@elandsys.com>, ideas@ietf.org, IETF Discussion Mailing List <ietf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/eTQ-YK4_ftgSFT_qKckD-KXo7DI>

Tom

> I think the concern is more around having a system that provides a
> potentially public interface that maps identifiers, even ephemeral
> ones, to an identity. When this is the identity of an end user device,
> such as a phone, this becomes a system that maps identifiers to
> user identities. This naturally leads to concerns about how to secure
> such a system and how to prevent abuse of the information that goes
> beyond the needs of connectivity. Both the proposed charter and the
> related drafts are sketchy as to how the system can be secured and who
> will be authorized to access the system.
>


Let's clarify again

1. IDy is NOT human identities but the "user (temporal) of a (temporal)
identifier" who is authorized to update or look up identities.

2. It is not mandatory to authenticate but desirable.

3. In some cases, like in a private or closed when you need to track your
devices/planes, do accounting or whatever, you should be able to do this on
a need to know basis.

Using the cell phone example to tie an end device to a human: today,
don't SIM cards tie you as a subscriber, at some level, to your device and
do the accounting? The SIM database is not publicly accessible, is it?

Thanks
Padma


> Tom
>