Re: [Ideas] Diasambugating Identifier and Identity
Robert Moskowitz <rgm-ietf@htt-consult.com> Thu, 13 April 2017 23:58 UTC
I am finally getting back to this subject.

On 03/28/2017 12:07 PM, Robert Moskowitz wrote:
> The Identifier/Identity definitions in
> draft-padma-ideas-problem-statement-01.txt is a good start, it fails
> in the abbreviations used. (There is NO abbreviation for Identity!)
>
> ID should NOT be the abbreviation of Identifier. People will default
> to thinking 'Identity' when they see it. Think about people outside
> our discussion group.
>
> I propose 'IDf' for Identifier. 'ID' is too owned by Identity.
>
> I will be working on proposed wording to improve these definitions.

I have worked up definitions, sent it out to a few reviewers, got some comments and questions. First my current draft, then a few questions:

Replacement text for: draft-padma-ideas-problem-statement

Identity (Abbr: IDT or IDt): A collection of information that is unique to an object and differentiates it from all other objects. An identity consists of information that is stated about the object by itself or a governing authority. It consists of a set of attributes and/or actions the object can take. An Identity may be assigned a lifetime (e.g., a time period), which is determined by either the object or the governing authority responsible for defining the identity of the object, or a designated third party. An object can have multiple Identities and can create and discard Identities at will. An Identity may be ‘indestructible’. That is, it is so unique and non-replicable that no other object could ever duplicate it, nor can the object discard it within its lifetime without being a ‘clone’ object. Identity is used in authentication registration and policy ownership proofs.

Identifier (Abbr: IDF or IDf): A label that is unique for an object in a particular scope. The label follows strict construction rules for the objects and the context that the label is applied to. For a particular context, an Identifier is used to reference an Identity for the object. In most cases, an Identifier is bound to an Identity through some trusted mechanism. An Identity can have different Identifiers, potentially following different construction rules, for different contexts and/or domains of applicability.

==========

Now onto a few questions:

Per: "An object can have multiple Identities" clause, I am challenged with "This is VERY dangerous. In most software systems, it is the responsibility of the management system to assign a single identity to an object when it is created. If an object has multiple identities, it could suffer from 'multiple personality syndrome'. More importantly, if the object is allowed to create and discard identities at will, how do other objects know that the object is who it attests to be?"

I think it is very important for some situations for support of multiple Identities. Not all. There are domains as indicated above where it causes big problems.

Per: "An Identity may be ‘indestructible’." clause, I am challenged with "This doesn’t make any sense. Why would anyone care if the identity is indestructible or not?"

I can think of examples of such Identities, or claim of such Identities, like DNA.

And finally, Per: "Identity is used in authentication registration and policy ownership proofs." clause, I am challenged with "What does this mean?"

I will have to work on this some more, or perhaps it does not belong in the definition section.

Comments please