Re: [Int-area] Continuing the addressing discussion: what is an address anyway?

Dino Farinacci <> Tue, 08 March 2022 20:00 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 59F843A15CB for <>; Tue, 8 Mar 2022 12:00:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -7.109
X-Spam-Status: No, score=-7.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id aY6yM6Otupfn for <>; Tue, 8 Mar 2022 12:00:04 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4864:20::1033]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9F77A3A13B3 for <>; Tue, 8 Mar 2022 12:00:04 -0800 (PST)
Received: by with SMTP id m11-20020a17090a7f8b00b001beef6143a8so307451pjl.4 for <>; Tue, 08 Mar 2022 12:00:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20210112; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=//RbM3lgSou5ES1Fms8LLvNbpulstbJ56kDb+z29tJA=; b=AdOFGqbWvENvqy4w985FscxJqs2UINcq/xC50Gr8rfKvILTN5R0K9y92p81ylqHpGs 8mtrHBSyhV1CUzEeLkazgyZJE38BohuqkfjAeaCnpUi8fY+4YiqferZNAvPQGx1/oKp+ +cINpNnFUCQZ83X8TJKJ/n59wexdisPDc32E+iqrCZGpkNGfInb0gbALOXMpX8sU6G6g OdodWgwMyEzh85nkphzShfYf7mv/35DeIpYyUJZHr5krD10FMeqCDrwSlcLFx8oJiF0B UiP/Mb9Ewp/l99q7mNj1D5rBdXZb4iB4l1g64JrinuTAApn2x5wr5XW6YhZ7joi/de7D DmoA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20210112; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=//RbM3lgSou5ES1Fms8LLvNbpulstbJ56kDb+z29tJA=; b=NJTP+G9os7wYNGw3tN8rV9ZYiylgipkZvi5ebErshVL8wvQ5rphEHTiWaykhLPrSA8 grjboZXf3ocfMoTcVLhCbfFnjC0UP5E1K/gb7owteZG4Rwo4r57er3DVA0LdILQe5BRo FK83skHRNASq+pIFqXnmdItg4cqid1LGfWvgQkqEfT65sk72FmZxjpx0hxBKlU0iy6gz Obxk7sXLLF1OEz7OsGBb8RcVx0OPVrfQWuGOO5C8/vbaGqjMp8bOOXzxFcyjkMTe+bQj mslKNlelFNbbVAbLQ5F3X+LDD01pVCVYnEAjEbfn9yjL9eJ3R+/qTdB1SyYPEvMuapMW 4BvA==
X-Gm-Message-State: AOAM531R2oOqyhjWFQgg74T7dfcw+hqeCX3EQ8jrNnShxqWz0MbEDQ1O d4DublQDX49z14/PebZXb5I=
X-Google-Smtp-Source: ABdhPJzV7vZcQc4KQroSmMs7X0sfMmshb+Qmow0yJgKfJVLwWQHGealvV7WddlZHBsRR4c9fl6SHtg==
X-Received: by 2002:a17:90b:4c44:b0:1bf:f00:3735 with SMTP id np4-20020a17090b4c4400b001bf0f003735mr6575016pjb.168.1646769603616; Tue, 08 Mar 2022 12:00:03 -0800 (PST)
Received: from ( []) by with ESMTPSA id q12-20020a17090a178c00b001bd036e11fdsm3730363pja.42.2022. (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 08 Mar 2022 12:00:03 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.\))
From: Dino Farinacci <>
In-Reply-To: <>
Date: Tue, 08 Mar 2022 12:00:01 -0800
Cc: Antoine FRESSANCOURT <>, Toerless Eckert <>, "" <>, Dirk Trossen <>
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <> <> <> <> <> <> <>
To: Jens Finkhaeuser <>
X-Mailer: Apple Mail (2.3693.
Archived-At: <>
Subject: Re: [Int-area] Continuing the addressing discussion: what is an address anyway?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Internet Area WG Mailing List <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 08 Mar 2022 20:00:15 -0000

> Dino,
> thank you for this and your other answers!


> I can see that it's possible to treat EIDs as sufficiently static to treat them as (stand-ins for) unique identifiers.

Yes, that is correct.

> I can still (quite easily) construct scenarios with drones where the EID-to-RLOC mapping on a LISP map server is not going to suffice for AAA. I'd gladly discuss this further, but it is increasingly out of scope of the current topic on the distinction between identifiers and locators.

If you want to go private, I can discuss with you. 

But note that registration to the mapping system can be signed and verified with PKI so when a requesting EID is authenticated (and authorized) to lookup a destination EID, the map-server can decide if a reply should be returned (map-servers can proxy-reply for Map-Requests).

> I'm conducting some ongoing research on this more general AAA topic, however. I can see that there is space for a LISP extension at some point to cover such scenarios. That is a highly interesting conclusion in its own right. If you 

It is my belief that you don't need other AAA solutions if your mapping system supports access-control and identity verification.

> don't mind, I shall reach out to you regarding this in some time, because you appear to be the right person for this!

Sure, anytime. Thanks.