Re: [Int-area] Call for adoption of draft-boucadair-intarea-host-identifier-scenarios-04

[<mohamed.boucadair@orange.com>]

Hi SM, 

Please see inline.

Cheers,
Med

>-----Message d'origine-----
>De : S Moonesamy [mailto:sm+ietf@elandsys.com]
>Envoyé : vendredi 6 juin 2014 14:56
>À : BOUCADAIR Mohamed IMT/OLN; Tirumaleswar Reddy (tireddy); int-
>area@ietf.org
>Objet : RE: [Int-area] Call for adoption of draft-boucadair-intarea-host-
>identifier-scenarios-04
>
>Hi Med,
>At 00:59 06-06-2014, mohamed.boucadair@orange.com wrote:
>>[Med] FWIW, the scenarios draft is not a "HOST_ID specification document".
>
>[snip]
>
>>[Med] Having a dedicated section for privacy is a signal that we
>>have those issues on our radar. Our analysis at this stage is that
>>RFC6967 includes a decent discussion that is still valid for this
>>use cases document. If you think that additional concerns are to be
>>discussed, please don't hesitate to share them. We will consider
>>updating the document accordingly.
>
>[snip]
>
>>[Med] There is no mention of "HOST_ID" in this draft. Furthermore,
>>the current text says the following:
>>"   The document does not elaborate whether explicit authentication is
>>    enabled or not."
>>
>>Solution-specific discussions are out of scope. The main mission of
>>the document is to help identifying use cases where there are
>>difficulties to enforce per-host policies due to the presence of
>>address sharing or the use of tunnels.
>
>[snip]
>
>>[Med] Documenting misuses should be definitely in scope.
>>Contributions are more than welcome.
>
> From the above (quoted text) I understand that there are
>difficulties to enforce policies and those difficulties have not be
>discussed or addressed in IETF RFCs.

[Med] Yes. 

  The INTAREA working group
>previously worked on a RFC about potential solutions for revealing a
>host identifier.   Are the potential solutions discussed in RFC 6967
>inadequate?

[Med] The effort in RFC6967 does not ambition to pick a solution but to conduct an analysis effort with a focus on the CGN case. That case is only one among others defined in the scenario draft. Identify and document the use cases is a first step to actually understand the problem we are talking about. This is a contribution to clarify the big picture of this problem space. 

  I don't think the question is out of scope given that
>the draft references RFC 6967.

[Med] Privacy is not out of scope as I mentioned in a previous message. Nevertheless, privacy implications may depend on the targeted use case. The considerations in RFC6967 can be completed with new ones if any.

>
>If the mission is to identify use cases, why are discussions about
>the use cases (see Section 2) out of scope?

[Med] What we declared out of scope is solution-oriented aspects. We wanted to have a very focused document.

>
>The lack of host identification does not affect host
>connectivity.  This scenarios draft makes the case for the lack of
>host identification being the cause of problems.

[Med] The draft focuses only on scenarios where complications arise. The problem may be abstracted from other perspective but the host identification is a valid angle IMHO. 

  Do the problems
>affect the internet or are they limited cases?

[Med] Implication on connectivity depends on the use cases. For example, a service that black list a full IP address  or rate limit based on the source IP address will impact a lot of customers; access to services won't be granted. 

>
>Regards,
>S. Moonesamy