Re: [Ideas] Mapping System Requirements and draft-padma-ideas-problem-statement-00.txt
Dino Farinacci <farinacci@gmail.com> Wed, 21 September 2016 22:51 UTC
From: Dino Farinacci <farinacci@gmail.com>
In-Reply-To: <32C28142-350A-4242-A9C6-9E32D9966601@gmail.com>
Date: Wed, 21 Sep 2016 15:51:07 -0700
Message-Id: <8CC1E61E-0A8F-41D3-B30D-5B037BAEDEB1@gmail.com>
References: <32C28142-350A-4242-A9C6-9E32D9966601@gmail.com>
To: Dino Farinacci <farinacci@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/kCrZGQY7Kw0ND0rI2GFaWb58Tbw>
Cc: beta@lispers.net, ideas@ietf.org, LISP mailing list list <lisp@ietf.org>,
NVO3 <nvo3@ietf.org>, LISPmob <users@lispmob.org>, 5gangip@ietf.org,
lisp-beta@external.cisco.com
Subject: Re: [Ideas] Mapping System Requirements and
draft-padma-ideas-problem-statement-00.txt
Reposting since the cisco mailing lists are no longer in service. Please respond to this email.

Thanks and sorry for the inconvenience,
Dino

> On Sep 21, 2016, at 2:12 PM, Dino Farinacci <farinacci@gmail.com> wrote:
>
> Hello folks. In draft-padma-ideas-problem-statement-00.txt, we have a section on mapping system requirements for map-n-encap and translation based loc/id split protocols. Rather than having you go into the document in detail (we wish you would and comment though), I will provide the short list below to attempt a discussion on requirements.
>
> I have copied the possible WGs that may want to use the mapping system technology. And I have also copied the LISP working group who can shed expertise on the subject as well as some beta lists that have some operational experiences with mapping database deployment and management.
>
> The requirements below have a security and robustness twist to them but I think that is the best place to start and to consider security "up front".
>
> Thanks in advance,
> Dino
>
> ----
>
> 6.4. Mapping System Security
>
> The secure mapping system must have the following requirements:
>
> 1. The components of the mapping system need to be robust against
> direct and indirect attacks. If any component is attacked, the
> rest of the system should act with integrity and scale and only
> the information associated with the compromised component is made
> unavailable.
>
> 2. The addition and removal of components of the mapping system must
> be performed in a secure manner so as to not violate the
> integrity and operation of the system and service it provides.
>
> 3. The information returned by components of the mapping system
> needs to be authenticated so as to detect spoofing from
> masqueraders.
>
> 4. Information registered (by publishers) to the mapping system must
> be authenticated so the registering entity or the information is
> not spoofed.
>
> 5. The mapping system must allow request access (for subscribers) to
> be open and public. However, it is optional to provide
> confidentiality and authentication of the requesters and the
> information they are requesting.
>
> 6. Any information provided by components of the mapping system must
> be cryptographically signed by the provider and verified by the
> consumer.
>
> 7. Message rate-limiting and other heuristics must be part of the
> foundational support of the mapping system to protect the system
> from invalid overloaded conditions.
>
> 8. The mapping system should support some form of provisioned
> policy. Either internal to the system or via mechanisms for
> users of the system to describe policy rules. Access control
> should not use traditional granular-based access lists since they
> do not scale and are hard to manage. The use of token- or
> key-based authentication methods, as well as deploying multiple
> instances of the mapping system, will allow acceptable policy
> profiles. Machine learning techniques could automate these
> mechanisms.
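An added illustration (not from the draft, the mail above, or any LISP implementation) of requirements 4 and 7: a publisher authenticates an EID-to-RLOC registration with a keyed MAC over a canonical encoding, the mapping-system side rejects unknown publishers and tampered records, and a per-source token bucket bounds request rates. The record layout, the `SHARED_KEYS` table and all identifiers are assumptions; a shared-key MAC is how LISP Map-Register messages are authenticated (RFC 6830), whereas requirement 6's consumer-verifiable signatures would need an asymmetric scheme, not shown here.

```python
import hmac, hashlib, json, time
from collections import defaultdict

# Constructed sample: publisher "etr-1" registers with a placeholder shared key.
SHARED_KEYS = {"etr-1": b"example-shared-key-placeholder"}

def canonical(record: dict) -> bytes:
    """Deterministic encoding so publisher and verifier MAC identical bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

def sign_registration(publisher_id: str, record: dict) -> dict:
    """Publisher side: attach HMAC-SHA256 over the canonical record (req. 4)."""
    key = SHARED_KEYS[publisher_id]
    tag = hmac.new(key, canonical(record), hashlib.sha256).hexdigest()
    return {"publisher": publisher_id, "record": record, "mac": tag}

def verify_registration(msg: dict) -> bool:
    """Mapping-system side: accept only if the MAC verifies under the claimed
    publisher's key; unknown publishers and altered records are rejected."""
    key = SHARED_KEYS.get(msg.get("publisher"))
    if key is None:
        return False
    expected = hmac.new(key, canonical(msg["record"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, msg.get("mac", ""))

class TokenBucket:
    """Per-source request limiter (req. 7): `rate` tokens/second refill,
    burst up to `capacity`; a request with no token available is dropped."""
    def __init__(self, rate: float, capacity: int, clock=time.monotonic):
        self.rate, self.capacity, self.clock = rate, capacity, clock
        self.tokens = defaultdict(lambda: capacity)
        self.last = {}

    def allow(self, source: str) -> bool:
        now = self.clock()
        elapsed = now - self.last.get(source, now)
        self.last[source] = now
        self.tokens[source] = min(self.capacity, self.tokens[source] + elapsed * self.rate)
        if self.tokens[source] >= 1:
            self.tokens[source] -= 1
            return True
        return False
```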