Re: [Ideas] Your Input requested: Charter Proposal New Version

Padma Pillay-Esnault <padma.ietf@gmail.com> Thu, 10 August 2017 17:18 UTC

From: Padma Pillay-Esnault <padma.ietf@gmail.com>
Date: Thu, 10 Aug 2017 10:18:03 -0700
Message-ID: <CAG-CQxrAZhdwhQM9wfF_tST_8dgzKxUfijjsuJHTW1E_74DqcQ@mail.gmail.com>
To: Lan Gao <langao@cdi.cn>
Cc: "ideas@ietf.org" <ideas@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/ojnkBb7pa2VB2qCDj2BiWabSWnE>
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>

Dear Lan Gao

Thanks for your review. Will take this input.

Thanks
Padma



On Wed, Aug 9, 2017 at 6:31 PM, Lan Gao <langao@cdi.cn> wrote:

> I agree with Sam. Specific chartered tasks or a statement referencing the
> chartered tasks should be added to the Deliverables as the current document
> only implies that they will be met by the Generic Identity Services
> Framework.
>
> Regards,
>
> Lan Gao
>
> On Thu, Aug 10, 2017 at 7:26 AM, Uma Chunduri <uma.chunduri@huawei.com>
> wrote:
>
>> Hi Diego,
>>
>> In-line [Uma1]:
>>
>> -----Original Message-----
>> From: Diego R. Lopez [mailto:diego.r.lopez@telefonica.com]
>> Sent: Wednesday, August 09, 2017 3:58 PM
>> To: Uma Chunduri <uma.chunduri@huawei.com>; Tom Herbert <
>> tom@herbertland.com>; Padma Pillay-Esnault <padma.ietf@gmail.com>
>> Cc: ideas@ietf.org
>> Subject: Re: [Ideas] Your Input requested: Charter Proposal New Version
>>
>> Hi Uma,
>>
>> On 10/8/2017, 24:30 , "Uma Chunduri" <uma.chunduri@huawei.com> wrote:
>>
>>         > - in addition, introduce the concept of identity-identifier split and new
>>         > mechanisms that let endpoints dynamically change identifiers. These new
>>         > functionalities may, for example, facilitate anonymity through obscurity
>>         > while preventing security issues that might result from abuse, ensuring that
>>         > information about actual endpoints and their location is revealed only on a
>>         > need-to-know basis.
>>         >
>>         Padma,
>>
>>         I don't think this goes far enough in terms of protections for users
>>         against the potential abuse of something that might be able to
>>         individually and persistently identify them on the Internet. First,
>>         it's not clear what network layer identity means in this context. I
>>         hope it refers to an ad hoc collection of identifiers as opposed to
>>         the identity of individual users or devices. In any case maybe a
>>         definition of identity might be in order here. Secondly, I think it
>>         should be stated up front that identity cannot in any way be used to
>>         identify individual users, it cannot be used to create a global
>>         database of Internet users, in no way can it be used by networks or
>>         governments to track or block individuals, nor can it ever be required
>>         for communications. That implies network layer identities cannot
>>         contain PII (personally identifiable information) and cannot be
>>         permanently assigned to users or devices (in the same spirit that
>>         Ethernet addresses were removed from IIDs because of privacy
>>         concerns).
>>
>>         Thanks,
>>         Tom
>>
>>     When it comes to these concerns I’d strongly recommend to have a look
>> at how identity attributes were exchanged and trust established within the
>> ABFAB framework (https://tools.ietf.org/wg/abfab/)
>>
>>     [Uma]: Though this is not about SSOs or application stuff, thanks
>> for the pointer.
>>                     I always believed EAP has a role to play for IDy auth
>> procedures and a lot of concerns brought out here (especially related to
>> Identity-privacy) are effectively taken care of with existing mechanisms.
>>
>> ABFAB was not about SSO, but about using user identities to allow their
>> access to network services while protecting user privacy. And among those
>> services you could consider any kind of application or connectivity service…
>>
>> [Uma1]: Thanks for the correction. Yes, what is needed for IDEAS is to
>> access AUTH to GRIDS by entity and also simple policy at Identity
>> (referring Identity through Identifier in the packet regardless of which
>> Identifier of the entity is used).
>>                   Sure, we ought to re-use any existing and well-defined
>> mechanisms for this purpose.
>> _______________________________________________
>> Ideas mailing list
>> Ideas@ietf.org
>> https://www.ietf.org/mailman/listinfo/ideas
>>
>
>