Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Enabled Networks (ideas)

Tom Herbert <tom@herbertland.com> Mon, 02 October 2017 17:04 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72B30133039 for <ideas@ietfa.amsl.com>; Mon, 2 Oct 2017 10:04:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t1Riu3Z7pfXx for <ideas@ietfa.amsl.com>; Mon, 2 Oct 2017 10:04:22 -0700 (PDT)
Received: from mail-qt0-x22e.google.com (mail-qt0-x22e.google.com [IPv6:2607:f8b0:400d:c0d::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 251B3132F65 for <ideas@ietf.org>; Mon, 2 Oct 2017 10:04:22 -0700 (PDT)
Received: by mail-qt0-x22e.google.com with SMTP id 47so8076972qts.10 for <ideas@ietf.org>; Mon, 02 Oct 2017 10:04:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=F6+8k8IYOjRLvnXvac8aUOTba2EW1JhhEDf33i9YFEU=; b=B4++LWX9SNgoFLmiXlWP51PsnTQP+8eZ9f7+aicf1sSdZh9UCpDmESl/aFhfBJ5lam QVSH4mXcYpAl2SNCpiPa6l+4DYoKNkZgInlH6vBsQdSNTu07HMDlweipz+Y2YI4hXdX7 MCIJ6xl4WSCWigM5siK/i4/qL6+0SIHheIIIyIUgcaJNwLJP2Ix7hLB14kQQyxleq5FM Pv5YiNTgViEdGFVQr8MDzYez400ZzSV+l78QWJoqNFhmQPSDklLGeeIgUM1sjqdmgpOQ LPcazw+ReZC22XDJDNua8XPLbOJy8OJE80RkDjTvQ1c+F/HfWFxFAMGDDi0UjGB7bia7 JnAw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=F6+8k8IYOjRLvnXvac8aUOTba2EW1JhhEDf33i9YFEU=; b=O62Y+O9Vxp0Asdi30WbKdYxck3uCD27SUB+/lHtU2zc7JeIPkZsMugwfv+wSzSfy3z Ah+IPmuoGhQZby0+MHntN9prglwspUs1fkpkgxEmv6wu/Z0mHnd0uP7kcl4U/3uPErFV LQyYzKt+rZ5by38GrtjBEieITqHso9hAeMfI6kr9Ser3nbD41kF4IzU/j9f06uOgM6+2 0MGy1RfWT85rGVJ+hPICTPP8PiZKla8YuvEfwzE+wGIVbtqPSddXHO0O75DS1/gKFUbN pcXpPKzy4jv118HEp17q73ycj4jaFdVReHC1MpWMUcv5pnBRo8NUGmnpRgc4ast7gWEZ FdCw==
X-Gm-Message-State: AMCzsaWzXVOvEXQl15yT9F7US+4mAOlpXTjgWyv0h9goo7dfbQUa7DGN y5gyMBhPiS0S0uciBmHiUOqrr9/KZA2CWkTFxFhm8w==
X-Google-Smtp-Source: AOwi7QC7LPBMrFbD3mr3tqiIZ/WxmDxk7ZzAeqpvmm12IhWYGCaZEGgnyi7RmPMSXORtHjZA1hBSM47TMU4Lqbicci4=
X-Received: by 10.200.36.164 with SMTP id s33mr6388100qts.108.1506963860750; Mon, 02 Oct 2017 10:04:20 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.237.48.144 with HTTP; Mon, 2 Oct 2017 10:04:20 -0700 (PDT)
In-Reply-To: <c849f4452b574931a6010784711a2b26@XCH15-06-08.nw.nos.boeing.com>
References: <e476f817-580b-9083-48bb-72de1745f1c1@huitema.net> <67067a23-bb7f-08e4-3766-8802d8f3121f@huitema.net> <45e8993a73ef4bb9b3914f32c4609823@XCH15-06-08.nw.nos.boeing.com> <CALx6S35GKkW1GzSDA2qPx9SJWUfGE23SC4gct3H7eg=EUixgCA@mail.gmail.com> <3a9cf74ba67d4222b1c543d8bfccfe20@XCH15-06-08.nw.nos.boeing.com> <a456a012-8baf-0c24-de1c-90f0a17b4f67@huitema.net> <c849f4452b574931a6010784711a2b26@XCH15-06-08.nw.nos.boeing.com>
From: Tom Herbert <tom@herbertland.com>
Date: Mon, 2 Oct 2017 10:04:20 -0700
Message-ID: <CALx6S36h_w7hesVLEhyKKHx-iW8sE_-RzGoQepAR_k8x92XgLA@mail.gmail.com>
To: "Templin, Fred L" <Fred.L.Templin@boeing.com>
Cc: Christian Huitema <huitema@huitema.net>, The IESG <iesg@ietf.org>, "ideas@ietf.org" <ideas@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/qgUK5z18FJZVjsApWsQ9t-xBK3A>
Subject: Re: [Ideas] Fwd: Fwd: Re: WG Review: IDentity Enabled Networks (ideas)
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Oct 2017 17:04:23 -0000

On Mon, Oct 2, 2017 at 9:55 AM, Templin, Fred L
<Fred.L.Templin@boeing.com> wrote:
> Hi Christian,
>
>
>
>>Fred, that's the kind of statements that really give me pause. "Let's do
>> something dangerous
>
>> on my network because it is well isolated and secure." I am pretty sure
>> that the gentle folks at
>
>> Equifax were thinking along similar lines.
>
>
>
> Understood, but for the Aeronautical Telecommunications Network (ATN) it
> really
>
> is secured at the lower layers and has to be that way. There are no
> connections to the
>
> open Internet, and there can be no opportunity for rogue ATCs to come in and
> start
>
> giving orders to airplanes. This is true whether/not there is a Loc/ID split
> architecture
>
Fred,

That may be true for your use case, but we can never define IETF
protocols on the basis that something at a lower layer will secure
them.

Tom