Re: [Ideas] WG Review: IDentity Enabled Networks (ideas)

Uma Chunduri <uma.chunduri@huawei.com> Thu, 05 October 2017 17:05 UTC

Return-Path: <uma.chunduri@huawei.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B7C51329B5; Thu, 5 Oct 2017 10:05:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s7n22yyGJ0-y; Thu, 5 Oct 2017 10:05:22 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F8CB132F3F; Thu, 5 Oct 2017 10:05:21 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml701-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DPY88741; Thu, 05 Oct 2017 17:05:19 +0000 (GMT)
Received: from SJCEML702-CHM.china.huawei.com (10.208.112.38) by lhreml701-cah.china.huawei.com (10.201.108.42) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 5 Oct 2017 18:05:19 +0100
Received: from SJCEML701-CHM.china.huawei.com ([169.254.3.215]) by SJCEML702-CHM.china.huawei.com ([169.254.4.207]) with mapi id 14.03.0301.000; Thu, 5 Oct 2017 10:05:07 -0700
From: Uma Chunduri <uma.chunduri@huawei.com>
To: "Joel M. Halpern" <jmh@joelhalpern.com>, Benjamin Kaduk <kaduk@mit.edu>, Jari Arkko <jari.arkko@piuha.net>
CC: "ideas@ietf.org" <ideas@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Thread-Topic: [Ideas] WG Review: IDentity Enabled Networks (ideas)
Thread-Index: AQHTPUTpHf/1VBiG/k6j1YoUSQ9obKLUrfeA//+xkRCAAI/FAIAAAIUAgAAA9AD//6NuoIAAjskAgABU/1A=
Date: Thu, 05 Oct 2017 17:05:06 +0000
Message-ID: <25B4902B1192E84696414485F572685401A8750D@SJCEML701-CHM.china.huawei.com>
References: <150670160872.14128.2758037992338326085.idtracker@ietfa.amsl.com> <778d5504-ba4f-d418-7b20-356353bb0fb2@cs.tcd.ie> <D7D4AEE9-3BD0-4C8F-BCC6-7185AF7D37BA@netapp.com> <9C663B18-21CC-4A16-8B26-7994B12B1DC5@piuha.net> <25B4902B1192E84696414485F572685401A872DE@SJCEML701-CHM.china.huawei.com> <33f100a0-5114-269c-adb4-5db6edb1fd4d@joelhalpern.com> <20171005013730.GC96685@kduck.kaduk.org> <55bf5ae5-848a-ba81-f76b-14aaefdad2bf@joelhalpern.com> <25B4902B1192E84696414485F572685401A873A3@SJCEML701-CHM.china.huawei.com> <d92f5bd7-8081-37bf-cefe-d19ba4a203e2@joelhalpern.com>
In-Reply-To: <d92f5bd7-8081-37bf-cefe-d19ba4a203e2@joelhalpern.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.213.49.99]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090203.59D66650.016D, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.3.215, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: ffc79e8c6a44093f62df7a0f42f4cdce
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/oU-2N0wL3hOYl9Y2Gqe8VZXc6z0>
Subject: Re: [Ideas] WG Review: IDentity Enabled Networks (ideas)
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Oct 2017 17:05:24 -0000

Hi Joel,

In-line [Uma]:


Best Regards,
--
Uma C.

-----Original Message-----
From: Joel M. Halpern [mailto:jmh@joelhalpern.com] 
Sent: Wednesday, October 04, 2017 9:41 PM
To: Uma Chunduri <uma.chunduri@huawei.com>; Benjamin Kaduk <kaduk@mit.edu>; Jari Arkko <jari.arkko@piuha.net>
Cc: ideas@ietf.org; ietf@ietf.org
Subject: Re: [Ideas] WG Review: IDentity Enabled Networks (ideas)

You seem to be making some unstated assumptions.

If by "Provider" in "Provider based AUTH" you mean the last hop communications service provider, then I would fundamentally disagree with you. 
[Uma]: I meant IdP and it's an orthogonal discussion if both roles played by same entity..
 
 The communication service provider has no role in creating or authenticating identifiers.  Their job is to provide locators.
[Uma]: Absolutely.

Now, those service providers may have an authentication relationship, based on some identifiers, in order to provide communications services. 
But the identifiers for that are completely uncoupled from and unrealted to the identifiers need for an ID / Locator system.

Yes, if there is a provider of identifiers (not all systems even require that), 

[Uma]:  Yes, may be not all systems require that, especially if this is a local deployment.

then the user of the identifier needs to have an appropriate relationship with the provider of the identifier.  
And that needs to be related to the authentication needed to update the mapping system.
[Uma]: Yes.


But neither of those require anything other than the identifier and suitable keying.  
[Uma]: If it's a local system simple keying is enough (in the expense of key management etc) as all devices may be managed by the same org.