IETF Logo Mail Archive

Re: [mif-arch-dt] Strawman solution proposals for DHCPv6 and RA support for multiple provisioning domains

Jouni Korhonen <jouni.nospam@gmail.com> Sat, 23 November 2013 20:19 UTC

Return-Path: <jouni.nospam@gmail.com>
X-Original-To: mif-arch-dt@ietfa.amsl.com
Delivered-To: mif-arch-dt@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE35E1AE1CA for <mif-arch-dt@ietfa.amsl.com>; Sat, 23 Nov 2013 12:19:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e-uN4iibhAhp for <mif-arch-dt@ietfa.amsl.com>; Sat, 23 Nov 2013 12:19:33 -0800 (PST)
Received: from mail-la0-x22a.google.com (mail-la0-x22a.google.com [IPv6:2a00:1450:4010:c03::22a]) by ietfa.amsl.com (Postfix) with ESMTP id D39341AE0A0 for <mif-arch-dt@ietf.org>; Sat, 23 Nov 2013 12:19:32 -0800 (PST)
Received: by mail-la0-f42.google.com with SMTP id ec20so1897677lab.1 for <mif-arch-dt@ietf.org>; Sat, 23 Nov 2013 12:19:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=a3TbSnpBZWCdhIIWLtZrmBSf+4WMUxezA6nlWE+8vbQ=; b=rRktAtY5IcDoju0BRtgj67dlbXds6FE117ofjWwv+Xra8qEGc7ghda3hAg/J8j5gvb Qhg+M96JPwLcL8mJxIGnvtXfabrk9qls+1irBrkgFb8nJJ932AoODO1PMIpO9KxA8Pk4 akD+BQfId3zw3/kVzTPVtUBcgraMg2zfMS0/IXSx4ocD0wYve+1YeKiowhguhf/jTJpu Wm1vE/KNydVDSTLx/uYOs0O7WjZ25h28d9xzdXImGjZsDDpStnxakQJdZ2cJVNS4lkzm ee8Tt07QrH+3IMjcYcp+9ewppdGmPEB/LtJXp9vZk0Fj2qF9eEzwTKHEPlogUuWTBw2I MiIw==
X-Received: by 10.152.143.6 with SMTP id sa6mr15460044lab.20.1385237964617; Sat, 23 Nov 2013 12:19:24 -0800 (PST)
Received: from [188.117.15.110] ([188.117.15.110]) by mx.google.com with ESMTPSA id j1sm14916479lbl.10.2013.11.23.12.19.23 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 23 Nov 2013 12:19:24 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Jouni Korhonen <jouni.nospam@gmail.com>
In-Reply-To: <6AC3097B-C63D-4DC6-80BE-29FEFE355D40@nominum.com>
Date: Sat, 23 Nov 2013 22:19:26 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <6C4F8A6D-43FA-4C91-922B-97AA8A1C901E@gmail.com>
References: <5267F29C.3010304@ericsson.com> <0010ca0ba1f44fe2a1b8fa5f110a00c0@SN2PR03MB077.namprd03.prod.outlook.com>, <41845B5F-8694-4368-B2F6-BA3BA0CFDD91@gmail.com> <ee10ff9826854918aebf0565c93ce5a9@SN2PR03MB077.namprd03.prod.outlook.com> <E07F8EDD-6BA5-4B7D-B307-C819B6AC2053@gmail.com> <6AC3097B-C63D-4DC6-80BE-29FEFE355D40@nominum.com>
To: Ted Lemon <Ted.Lemon@nominum.com>
X-Mailer: Apple Mail (2.1510)
Cc: "mif-arch-dt@ietf.org" <mif-arch-dt@ietf.org>, Suresh Krishnan <suresh.krishnan@ericsson.com>, Dmitry Anipko <Dmitry.Anipko@microsoft.com>
Subject: Re: [mif-arch-dt] Strawman solution proposals for DHCPv6 and RA support for multiple provisioning domains
X-BeenThere: mif-arch-dt@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: MIF Architecture Design Team mailing list <mif-arch-dt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mif-arch-dt>, <mailto:mif-arch-dt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mif-arch-dt/>
List-Post: <mailto:mif-arch-dt@ietf.org>
List-Help: <mailto:mif-arch-dt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mif-arch-dt>, <mailto:mif-arch-dt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Nov 2013 20:19:35 -0000

On Nov 22, 2013, at 10:33 PM, Ted Lemon <Ted.Lemon@nominum.com> wrote:

> On Nov 22, 2013, at 12:11 PM, Jouni Korhonen <jouni.nospam@gmail.com> wrote:
>> Domain names and alike possible PVD-IDs are ok since they already are "human readable". However, I would put zero energy trying to add something readable data into PVDs if the used PVD-ID itself is e.g. a binary blob. I just see no value of that if it increases the data size of the PVD container or ID.
> 
> If the PVD ID is a blob, you need a mechanism for assigning a name to it and validating it.

For me UUID is a binary blod. Obviously you need to know to type of the
binary you are carrying.

- Jouni



> 
> Think about the possible flow here.   We want to be able to present this information to the user in a chooser, right?   So that means that if what's contained in the ID is a binary blob, we need a way to translate it.   Also, if the blob is something we've already seen and can cryptographically authenticate based on a previous leap of faith, then we need the signature to authenticate.  And if we don't have the name at this point, we need a process for finding the name associated with the blob after we've decided to try it.
> 
> It might be better to have a name that we can do all that too that's human-readable.   Then we can do cryptographic validation if we have already seen the name, and avoid connecting to a fraudulent version of the PVD (which we could also do with the blob).   But if we haven't seen the name before, and haven't yet accepted it, we want something to present to the user, don't we?
> 
> This bears thinking about.   I'm not saying you're wrong, but don't be too quick to leap to conclusions about this!
>

v2.23.0 | Report a Bug | By Email