IETF Logo Mail Archive

Re: [Ideas] Mapping System Requirements and draft-padma-ideas-problem-statement-00.txt

Lin Han <Lin.Han@huawei.com> Thu, 29 September 2016 17:37 UTC

Return-Path: <Lin.Han@huawei.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95DF112B068 for <ideas@ietfa.amsl.com>; Thu, 29 Sep 2016 10:37:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.536
X-Spam-Level:
X-Spam-Status: No, score=-6.536 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OtWHYnS3Tla5 for <ideas@ietfa.amsl.com>; Thu, 29 Sep 2016 10:37:34 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9BFCD12B172 for <ideas@ietf.org>; Thu, 29 Sep 2016 10:37:27 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml704-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CSD22506; Thu, 29 Sep 2016 17:37:25 +0000 (GMT)
Received: from DFWEML702-CAH.china.huawei.com (10.193.5.176) by lhreml704-cah.china.huawei.com (10.201.5.130) with Microsoft SMTP Server (TLS) id 14.3.235.1; Thu, 29 Sep 2016 18:37:24 +0100
Received: from DFWEML501-MBB.china.huawei.com ([10.193.5.179]) by dfweml702-cah.china.huawei.com ([10.193.5.176]) with mapi id 14.03.0235.001; Thu, 29 Sep 2016 10:37:18 -0700
From: Lin Han <Lin.Han@huawei.com>
To: "'Robert Raszuk'" <robert@raszuk.net>
Thread-Topic: [Ideas] Mapping System Requirements and draft-padma-ideas-problem-statement-00.txt
Thread-Index: AQHSFEz/FaqdWIqsa0+j3Mkt86zi8qCN9f8QgACATYCAAk7acA==
Date: Thu, 29 Sep 2016 17:37:18 +0000
Message-ID: <1D30AF33624CDD4A99E8C395069A2A162AFA9F6E@dfweml501-mbb>
References: <32C28142-350A-4242-A9C6-9E32D9966601@gmail.com> <1D30AF33624CDD4A99E8C395069A2A162A600B3E@SJCEML701-CHM.china.huawei.com> <CA+b+ER=JhWHkDWgJhwpxUs8MWHr_yuRvqSeWgMuaJofkX_5QVg@mail.gmail.com>
In-Reply-To: <CA+b+ER=JhWHkDWgJhwpxUs8MWHr_yuRvqSeWgMuaJofkX_5QVg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.213.64.181]
Content-Type: multipart/alternative; boundary="_000_1D30AF33624CDD4A99E8C395069A2A162AFA9F6Edfweml501mbb_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020201.57ED5155.0245, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: d6a275bb350c90b0f50613df29a6291f
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/vtF5eDOipu2sBAHHVX9BLwq_nxk>
Cc: "ideas@ietf.org" <ideas@ietf.org>, Dino Farinacci <farinacci@gmail.com>
Subject: Re: [Ideas] Mapping System Requirements and draft-padma-ideas-problem-statement-00.txt
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Sep 2016 17:37:37 -0000

Hi, Robert

Agree that the distributed mapping system will not have the root DNS location/ownership/operation issues which brought a lot of debating before.
As a basic protocol for internet, BGP has been very successful in this area.
But if we want to use BGP for this mapping system, I guess BGP’s current performance/security may not satisfy the requirement of mobility hand over unless we change it a lot. Sure this might be a direction to investigate for the architecture of mapping server.

Rgds

Lin

From: rraszuk@gmail.com [mailto:rraszuk@gmail.com] On Behalf Of Robert Raszuk
Sent: Tuesday, September 27, 2016 4:14 PM
To: Lin Han
Cc: Dino Farinacci; ideas@ietf.org; beta@lispers.net; LISP mailing list list; NVO3; lisp-alpha@external.cisco.com; LISPmob; 5gangip@ietf.org; lisp-ops@external.cisco.com
Subject: Re: [Ideas] Mapping System Requirements and draft-padma-ideas-problem-statement-00.txt

Dear Lin,

You bring interesting news to the table with your insight ...

IMHO any global mapping plane should be fully distributed with no root under any specific gov.

Look at BGP protocol ... it does not require a root .. yet it allows to dynamically interconnect quite a few of global databases. Of course from 30 years back we now know much more modern ways to share information then via distance vector protocol. But none of those should be based on any politics controlling "the root" of it no matter which side it is on.

/* Side comment .... */

When I spoke to some of the 5G folks this was clearly the direction and in fact Dino's LISP was one of the strongest candidates there as control plane.

Best,
Robert.

On Wed, Sep 28, 2016 at 1:06 AM, Lin Han <Lin.Han@huawei.com<mailto:Lin.Han@huawei.com>> wrote:
Hi, Dino

Should we consider the security of sovereignty for the mapping system? This question is probably too early.

As you know, DNS tree architecture introduced a lot debate historically for the ownership and operation of root DNS. Due to pressure from industry and other countries, USA government plans to hand over the operation of root DNS to IANA next month even there is a lot opposing voice from congress. It could change back again.

One side is that the national security of US prefer the government operates the root DNS, another side is that other countries don’t like US to completely control the DNS.

This is related to both technology and politics. Without the support of other countries, mapping server deployment globally will be in question.


Regards

Lin



-----Original Message-----
From: Ideas [mailto:ideas-bounces@ietf.org<mailto:ideas-bounces@ietf.org>] On Behalf Of Dino Farinacci
Sent: Wednesday, September 21, 2016 2:13 PM
To: ideas@ietf.org<mailto:ideas@ietf.org>
Cc: beta@lispers.net<mailto:beta@lispers.net>; LISP mailing list list; NVO3; lisp-alpha@external.cisco.com<mailto:lisp-alpha@external.cisco.com>; LISPmob; 5gangip@ietf.org<mailto:5gangip@ietf.org>; lisp-ops@external.cisco.com<mailto:lisp-ops@external.cisco.com>
Subject: [Ideas] Mapping System Requirements and draft-padma-ideas-problem-statement-00.txt

Hello folks. In draft-padma-ideas-problem-statement-00.txt, we have a section on mapping system requirements for map-n-encap and translation based loc/id split protocols. Rather than having you go into the document in detail (we wish you would and comment though), I will provide the short list below to attempt a discussion on requirements.

I have copied the possible WGs that may want to use the mapping system technology. And I have also copied the LISP working group who can shed expertise on the subject as well as some beta lists that have some operational experiences with mapping database deployment and management.

The requirements below have a security and robustness twist to it but I think that is the best place to start and to consider security “up front”.

Thanks in advance,
Dino

----

6.4.  Mapping System Security

   The secure mapping system must have the following requirements:

   1.  The components of the mapping system need to be robust against
       direct and indirect attacks.  If any component is attacked, the
       rest of the system should act with integrity and scale and only
       the information associated with the compromised component is made
       unavailable.

   2.  The addition and removal of components of the mapping system must
       be performed in a secure matter so as to not violate the
       integrity and operation of the system and service it provides.

   3.  The information returned by components of the mapping system
       needs to be authenticated as to detect spoofing from
       masqueraders.

   4.  Information registered (by publishers) to the mapping system must
       be authenticated so the registering entity or the information is
       not spoofed.

   5.  The mapping system must allow request access (for subscribers) to
       be open and public.  However, it is optional to provide
       confidentiality and authentication of the requesters and the
       information they are requesting.

   6.  Any information provided by components of the mapping system must
       be cryptographically signed by the provider and verified by the
       consumer.

   7.  Message rate-limiting and other heuristics must be part of the
       foundational support of the mapping system to protect the system
       from invalid overloaded conditions.

   8.  The mapping system should support some form of provisioned
       policy.  Either internal to the system or via mechanisms for
       users of the system to describe policy rules.  Access control
       should not use traditional granular-based access lists since they
       do not scale and are hard to manage.  By the use of token- or
       key- based authentication methods as well as deploying multiple
       instances of the mapping system will allow acceptable policy
       profiles.  Machine learning techniques could automate these
       mechanisms.
_______________________________________________
Ideas mailing list
Ideas@ietf.org<mailto:Ideas@ietf.org>
https://www.ietf.org/mailman/listinfo/ideas

v2.8.7 | Report a Bug | By Email