Re: [Ideas] WG Review: IDentity Enabled Networks (ideas)

Christian Huitema <huitema@huitema.net> Mon, 02 October 2017 16:46 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCA67132D41 for <ideas@ietfa.amsl.com>; Mon, 2 Oct 2017 09:46:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L9PEL8YZElK8 for <ideas@ietfa.amsl.com>; Mon, 2 Oct 2017 09:46:32 -0700 (PDT)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C717A120720 for <ideas@ietf.org>; Mon, 2 Oct 2017 09:46:31 -0700 (PDT)
Received: from xsmtp12.mail2web.com ([168.144.250.177]) by mx36.antispamcloud.com with esmtps (TLSv1.2:AES128-SHA:128) (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1dz3rQ-00056G-4S for ideas@ietf.org; Mon, 02 Oct 2017 18:46:29 +0200
Received: from [10.5.2.15] (helo=xmail05.myhosting.com) by xsmtp12.mail2web.com with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from <huitema@huitema.net>) id 1dz3r6-0005fB-OO for ideas@ietf.org; Mon, 02 Oct 2017 12:46:27 -0400
Received: (qmail 4397 invoked from network); 2 Oct 2017 16:46:04 -0000
Received: from unknown (HELO [192.168.1.103]) (Authenticated-user:_huitema@huitema.net@[172.56.42.117]) (envelope-sender <huitema@huitema.net>) by xmail05.myhosting.com (qmail-ldap-1.03) with ESMTPA for <ideas@ietf.org>; 2 Oct 2017 16:46:04 -0000
To: Dino Farinacci <farinacci@gmail.com>, "Templin, Fred L" <Fred.L.Templin@boeing.com>
Cc: The IESG <iesg@ietf.org>, "ideas@ietf.org" <ideas@ietf.org>
References: <e476f817-580b-9083-48bb-72de1745f1c1@huitema.net> <67067a23-bb7f-08e4-3766-8802d8f3121f@huitema.net> <45e8993a73ef4bb9b3914f32c4609823@XCH15-06-08.nw.nos.boeing.com> <B158AE04-F14F-48DA-A91D-F0CC2BC3A711@gmail.com>
From: Christian Huitema <huitema@huitema.net>
Message-ID: <cc091145-49bb-9990-90aa-e3b12b4deeba@huitema.net>
Date: Mon, 2 Oct 2017 09:46:02 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <B158AE04-F14F-48DA-A91D-F0CC2BC3A711@gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
X-Originating-IP: 168.144.250.177
X-SpamExperts-Domain: xsmtpout.mail2web.com
X-SpamExperts-Username: 168.144.250.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=168.144.250.0/24@xsmtpout.mail2web.com
X-SpamExperts-Outgoing-Class: unsure
X-SpamExperts-Outgoing-Evidence: Combined (0.29)
X-Recommended-Action: accept
X-Filter-ID: EX5BVjFpneJeBchSMxfU5tC5u20H4jDeqOqKhKMa17wXv9krsgRhBn0ayn6qsUc7p7He3a39gjg/ 9oOEoAajC61PdOWeIW8R8TgUu5HhPnLXsZ/zvZCpyHRns5FgvqdnTGulXfuaNr1V9B1E4+3dI3nk BRYAruZ5hO/GfxnCDKeAoqWDmtF8nD2nEDT705fpjj0HlFDoqoWF20+xKQ35+nd/nGlMBQ0xDQkm A/S/XlviXj3T4KI9X3Edk1VAD/raxm0eXjh1Edf5/6lW85Glx+BFwYDEPnet1tXHsknHYhhwbzpt P1hS4Kj7E/EWE1j8sESBnZ29929fqpFFzBN0ceyPnEGyyfS0ggcDdodDMKpYg9ruAKOoPnwmy4wG 8XtJqWVYNxS4myu1gxnHJBnmumz49PzUWhdE3zEeQF2k5bdHrh2h0Pu50H7NzHw6NK3VYL8jvyeW A9EsRvV6CqjePBKOhcObZXWnkEw+6F9CGyYjmJKJXZ+nOfVIFw1j15M+NioHoPZGa4M+gVoRbXuj edLPh3AwRDSwUY58cvL01UgHmFDqewO9xyOqCYO8P1aHuJ+q0VAdWduuFNAGSPDW/D0UF36LWvas gj4e2T8BuA1dHghQC//pO9KiygTP+bGF8N2IrsxSJSJSZLlKTS85vMibYT4C2qF2lnc18bVJn66J awn+Wnh2kh0k8ZYL6YOznrQCcLg4qwXcikLD+MiFBTwJWw42swm4bO6gacpMpzLdQBUMkAI/PGrN 0+wWmMSTxD0lugE85NC8TRxNzgAe9FjI1dRH6f16eQCtvwPkeoy/RHCd+AU+DSNrWD2KXtAdl1Fr MVSE/J/ewUnTj7YP55q9INbyRwqQyVkoHpS/jX2RVYKU9W9tbmVXJBqdHHDm8ZIH36IzEI956ubs TR4WHrFV5oTvAcwA4rM3FkfW8/2B3o0d/ygg1mkxyifBss2L
X-Report-Abuse-To: spam@quarantine5.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/en321UL_2bJZ5SAytdiTltJAxBI>
Subject: Re: [Ideas] WG Review: IDentity Enabled Networks (ideas)
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Oct 2017 16:46:33 -0000


On 10/2/2017 9:23 AM, Dino Farinacci wrote:
>> So, we see ID/Loc architectures as a useful tool for supporting this
>> safety-of-flight critical ATM service. Should it be noted that there are
>> use cases where mobile node tracking is indeed desirable?
> Note Christian, in LISP you can have ephemeral and crypto EIDs. See draft-ietf-lisp-eid-anonymity-00 and draft-farinacci-lisp-ecdsa-auth-00, respectively, for details.
>

Dino, I am well aware that we (well, you) *can* engineer ID/LOC networks
to have good privacy properties. But I am also aware that if this is not
an explicit goal in the charter, we may very well end up with
architectures that have pretty bad properties. For example, most ID/LOC
architectures rely on a database that provides the up-to-date LOC for an
ID. In my bad dreams, I could see the database extended to provide other
properties of the ID, such as subscriber ID. Similarly, there was a
proposal some time ago to have a unique IPv6 identifier for every EU
citizen; that bad idea was quashed, but we could easily see something
like that resurface as on unique ID per user. That's why I would like to
see the proposed charter to be crystal clear about privacy requirements,
rather than just say that we will think about it.

-- 
Christian Huitema