IETF Logo Mail Archive

Re: [Int-area] The small address use case in FlexIP

Stewart Bryant <stewart.bryant@gmail.com> Mon, 08 February 2021 11:31 UTC

Return-Path: <stewart.bryant@gmail.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CF10A3A1632; Mon, 8 Feb 2021 03:31:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i-0qz3eFesd3; Mon, 8 Feb 2021 03:31:50 -0800 (PST)
Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B54F3A1631; Mon, 8 Feb 2021 03:31:50 -0800 (PST)
Received: by mail-wr1-x434.google.com with SMTP id g6so3649852wrs.11; Mon, 08 Feb 2021 03:31:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=p37olEaN6kGcC+XF1mNFzKz2TtHIZWExKIBISJYFskU=; b=eF/QXL3XR9jrxD5pE4jEZ7zFe8Pttqwji89W4DbVT7/49Ptqu00p9c9Z7yFuiRjR/6 Pit2OAdvdAqSp6xP7StHXqvpd2oFF/TrQh2QM7WIKLI+4Kp4/Ppxwv8FTknC7B4Rqqdp lIU8OD6oRPkyfgDJGFBRhzSpL5nitjYhs1NAniZhXdMmR70Od2t8saHt7ZD9pVD4bn1T IsfkxAEUqSnbDn0igaRK3DDYy1TdsgSLt8yOAMxLbikE6p8MYeZDrjaCZ09dPR5GqAox vEZVgsSYW4J1dV6KLKr0R/PlTWNJw3UJZMW/Hq/RsmtLsTkFuPaHMphnsMwv2kDAjaGB +bZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=p37olEaN6kGcC+XF1mNFzKz2TtHIZWExKIBISJYFskU=; b=t+hqEOiRklV8tt7px/FjMqUole9lbdblMkOV8OIrh5+6iXNX5dUxfeIIDH4u0tECk/ jfoo4kEQMZJwMwMx5NWLWy0ugcDnUFia654v41ICn93nwZsicok2bwVqCk7BJKiXmcnT 93Zr9JHpJB6OdHfIIIJNM5w6B2skzYpx/QU4hKUNhq8rmyyw+hcjDQ7KFSXOg66GgitP mV/a8w0MdoRH5Wk9CDaTJ9B00M4iSBW1OIfElu8te2nViP0SNJ1qdJ+f3JVg3o0x14Sz XWRXKJT1q0d96rmZeLsUs9Bo4LNnY0bD/EhQEnBhXj7lh2WZ5zsgPd6VLUig+tuwDxuW xMPA==
X-Gm-Message-State: AOAM533FmanIypD/7EjVZ+Fpc+dcdBgoJZZ1jfQ4ikkJIzQtMHyQyQOk wA2gsD4zxw/fMi9b2ITZGKo=
X-Google-Smtp-Source: ABdhPJwiXhjFpl62zcjeIFRB0FMO7hJaUEicAGspBBTfRCMY3vTdNrmTugkp5LgqO4TqDNcduepgzQ==
X-Received: by 2002:adf:a501:: with SMTP id i1mr6369687wrb.149.1612783908713; Mon, 08 Feb 2021 03:31:48 -0800 (PST)
Received: from broadband.bt.com ([2a00:23c5:3395:c901:852c:66f3:e724:be65]) by smtp.gmail.com with ESMTPSA id t15sm19730197wmi.48.2021.02.08.03.31.47 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 08 Feb 2021 03:31:48 -0800 (PST)
From: Stewart Bryant <stewart.bryant@gmail.com>
Message-Id: <1A1B8B65-5806-42FA-9E4D-893855653E98@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_1E95D612-DED5-4C59-B393-D9F1C8394F15"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
Date: Mon, 08 Feb 2021 11:31:46 +0000
In-Reply-To: <1749aa4fe2f44eb8852d1914d2623cb3@huawei.com>
Cc: Stewart Bryant <stewart.bryant@gmail.com>, int-area <int-area@ietf.org>, "draft-jia-flex-ip-address-structure@ietf.org" <draft-jia-flex-ip-address-structure@ietf.org>, "draft-jia-scenarios-flexible-address-structure@ietf.org" <draft-jia-scenarios-flexible-address-structure@ietf.org>
To: Jiayihao <jiayihao@huawei.com>
References: <1749aa4fe2f44eb8852d1914d2623cb3@huawei.com>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/Sjc_oP7Fwl7FVSQn902ZQVdOj3k>
Subject: Re: [Int-area] The small address use case in FlexIP
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Feb 2021 11:31:53 -0000

The problem with this approach is that you only secure the address and not the rest of the packet, so you end up with two crypto functions to execute.

Also there are other contenders for the suffix such as the arrival action as per network programming, and the perhaps per hop action as per foam. Now I suppose that this simply means a much longer address and the semantics of the stuff that follows the prefix is defined by the address, but then I think that it is better to simply call that a blob defined by the prefix rather with no formal semantics in the protocol and leave the definition of the blob to the network application designers.

There is clearly quite a lot to study in terms of multi-semantics which I think really should be taken out and put in its own draft. 

- Stewart

> On 8 Feb 2021, at 10:05, Jiayihao <jiayihao@huawei.com> wrote:
> 
> As for address embedding public key, it need not to carry any algorithm in the address. It would be much better to carry the public key by address, while indicate the algorithm by protocol. I think CGA is a good instance for involve address in cryptography. For forwarding efficiency, a public key can be only set as a suffix, thus forwarder could process the prefix only, and thus the cryptography related stuff may not hinder the looking up efficiency. 
>

v2.23.0 | Report a Bug | By Email