IETF Logo Mail Archive

Re: [Ideas] New revision posted on draft-ccm-ideas-identity-use-cases

Alexander Clemm <alexander.clemm@huawei.com> Mon, 16 October 2017 22:38 UTC

Return-Path: <alexander.clemm@huawei.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A083F133205 for <ideas@ietfa.amsl.com>; Mon, 16 Oct 2017 15:38:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iTW_D8f2mX1P for <ideas@ietfa.amsl.com>; Mon, 16 Oct 2017 15:38:15 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C1E3213458D for <ideas@ietf.org>; Mon, 16 Oct 2017 15:38:14 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml705-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DXW04401; Mon, 16 Oct 2017 22:38:13 +0000 (GMT)
Received: from SJCEML702-CHM.china.huawei.com (10.208.112.38) by lhreml705-cah.china.huawei.com (10.201.108.46) with Microsoft SMTP Server (TLS) id 14.3.361.1; Mon, 16 Oct 2017 23:38:12 +0100
Received: from SJCEML521-MBX.china.huawei.com ([169.254.1.102]) by SJCEML702-CHM.china.huawei.com ([169.254.4.145]) with mapi id 14.03.0361.001; Mon, 16 Oct 2017 15:38:04 -0700
From: Alexander Clemm <alexander.clemm@huawei.com>
To: Tom Herbert <tom@herbertland.com>
CC: "ideas@ietf.org" <ideas@ietf.org>
Thread-Topic: [Ideas] New revision posted on draft-ccm-ideas-identity-use-cases
Thread-Index: AdNCJ759WLnyNEFUS8OQ3qb/AaAdvwEO/iGAABpkCnA=
Date: Mon, 16 Oct 2017 22:38:03 +0000
Message-ID: <644DA50AFA8C314EA9BDDAC83BD38A2E0EAB67C5@sjceml521-mbx.china.huawei.com>
References: <644DA50AFA8C314EA9BDDAC83BD38A2E0EAA89A5@sjceml521-mbx.china.huawei.com> <CALx6S37C2pKKbVUYj2VN1G6A=DqFd_WPMT9ykowaErBsQrr_hQ@mail.gmail.com>
In-Reply-To: <CALx6S37C2pKKbVUYj2VN1G6A=DqFd_WPMT9ykowaErBsQrr_hQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.213.48.45]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020201.59E534D5.00C8, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.1.102, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: afa5e0de417254cf2e08e7fc38f7ab7a
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/nKuQOlI75uaSW7gF3oKiRMnMC40>
Subject: Re: [Ideas] New revision posted on draft-ccm-ideas-identity-use-cases
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Oct 2017 22:38:16 -0000

Hello Tom,

Thank you for your comments.  Some brief replies, inline, <ALEX>

--- Alex

> -----Original Message-----
> From: Tom Herbert [mailto:tom@herbertland.com]


...

> By my count this is at least the fifth definition of identity that has been
> proposed either in drafts or on the list, and this one is no more enlightening
> than any of the previous definitions. First of all, this says identity is an
> "identifier". Does this mean that identity is a type of identifier per the
> definition of identifier above? Secondly, this says identity is used to identify a
> communication entity, however above it says an identifier "denotes
> information to unambiguously identify a communications entity"-- so both of
> them "identify a communications entity"... I don't see the difference.

<ALEX> Well, the definitions are evolving as we hope to get them more concise.  

For that definition: yes, the IDy is an identifier.  However, it is a "special" identifier in that it is never revealed in packet header, nor revealed to another communications entity - unlike an IDf.  

Another aspect that is mentioned in the draft, but not in the definitions (and we need to revisit this) concerns the distinction between a "second-order" (IDf) and a "first-order" identifier (IDy) - the second-order potentially be rooted / anchored in the first-order identifier, respectively the first-order identifier really denoting a collection / grouping of "second-order" identifiers.  As mentioned below, perhaps  we should add an articulation such as "" An IDy serves as a collection of identifiers that are associated with the same endpoint"

</ALEX>

> 
> The rest of the draft, including the picture of the relationship between
> identifiers, identify, and locators, seems to imply a potentially more useful
> and crisp definition of identity. As stated in the introduction: "An IDy serves
> as a collection of identifiers that are associated with the same endpoint". This
> could be rephrased to define identity as "a group of identifiers that share
> some common properties". Given this "group" definition of identity, then it
> becomes natural to consider group policy and group operations over sets of
> identifiers.
> 

<ALEX> I am glad that you find that things are getting crisper - I take it to mean that we are on the right path!  Yes, this is what we need to reflect / incorporate.  However, I think we need to be more specific than just saying IDy refers to a grouping in the general sense - it refers to a grouping of identifiers that refer to the same communications entity  (that is the property they have in common, I guess) 
</ALEX>

v2.23.0 | Report a Bug | By Email