IETF Logo Mail Archive

Re: [mif] The formation of the design team

Margaret Wasserman <mrw@lilacglade.org> Thu, 04 April 2013 13:11 UTC

Return-Path: <mrw@lilacglade.org>
X-Original-To: mif@ietfa.amsl.com
Delivered-To: mif@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FD0F21F84E3 for <mif@ietfa.amsl.com>; Thu, 4 Apr 2013 06:11:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yd9f0BM270o4 for <mif@ietfa.amsl.com>; Thu, 4 Apr 2013 06:11:23 -0700 (PDT)
Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) by ietfa.amsl.com (Postfix) with ESMTP id 9C64021F8BF4 for <mif@ietf.org>; Thu, 4 Apr 2013 06:11:09 -0700 (PDT)
Received: from new-host-3.home (pool-71-184-79-25.bstnma.fios.verizon.net [71.184.79.25]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mail.painless-security.com (Postfix) with ESMTPSA id 179CE20218; Thu, 4 Apr 2013 09:09:52 -0400 (EDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: Margaret Wasserman <mrw@lilacglade.org>
In-Reply-To: <515D27EA.20006@gmail.com>
Date: Thu, 04 Apr 2013 09:11:05 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <5082074F-69FC-44FD-AB79-804963B00CB5@lilacglade.org>
References: <CANF0JMAkCPYHotZ_j5YEDsB+CWPcjE2j1_sqO5iQ156-ebGbXQ@mail.gmail.com> <28783.1365004956@sandelman.ca> <515C5844.1020802@gmail.com> <0B1F4EC1-B8EA-4D0A-815E-27FD485A6BD0@lilacglade.org> <515D27EA.20006@gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
X-Mailer: Apple Mail (2.1499)
Cc: MIF Mailing List <mif@ietf.org>
Subject: Re: [mif] The formation of the design team
X-BeenThere: mif@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiple Interface Discussion List <mif.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mif>, <mailto:mif-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mif>
List-Post: <mailto:mif@ietf.org>
List-Help: <mailto:mif-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mif>, <mailto:mif-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Apr 2013 13:11:24 -0000

Hi Brian,

On Apr 4, 2013, at 3:12 AM, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
> Unfortunately I believe what I said above: the scope of the underlying
> problem is very broad and very hard to solve. It would take a lot more than
> one email to really justify that statement, but I think the design team will
> have to scope their work very narrowly to focus on partial solutions.

I think of the design team effort as an interim step between the problem statement and "solutions" actually…  I guess I'd describe it as better defining, in architectural terms, what we're talking about when we say "provisioning domain".  I'd expect the design team to write a document (or documents?), as contributions to be considered by the MIF WG that cover things like:

- What is a "provisioning domain"?  

- What sorts of information are configured on a per-provisioning domain basis (vs. per interface, per prefix or per-stack)?

- How does a provisioning domain relate to currently well-understood architectural entities in a TCP/IP stack (like physical interfaces, logical interfaces, address prefixes, etc.)?  

- How does a provisioning domain relate to currently well-understood processes in a TCP/IP stack, like DNS lookups (and split DNS), application-level destination address selection, selection of "referral pools" for things like SCTP, source address selection in the stack, interface selection in the stack, etc.?  

- What are the interesting properties of provisioning domains?  Are there different types of provisioning domains that it would be interesting to distinguish between from an architectural perspective (i.e. behind a NAT or not, walled garden or not, IPv4 or IPv6, etc.)?  

- Are there security issues specific to being attached to more than one provisioning domain?  Is there a useful notion around the idea that one provisioning domain may be more "trusted" than another?  What would the practical implications of that?

- How (conceptually) should transport layers or applications (i.e. anything above IP) usefully communicate with the IP stack about provisioning domains?  What information (at a conceptual level) can the IP stack provide that would be useful to upper layers, and what do the upper layers want to say to the stack about provisioning domains?  For example, should upper layers be able to force selection of a particular provisioning domain, like they can currently force selection of a source IP address, destination IP address or interface? If so, how does the application find out what provisioning domains are available and usefully select between them?  To what extent can applications benefit from being aware of provisioning domains?

- Is there a provisioning domain configuration problem at the application layer, too? (I think there is.)  i.e. Do applications have problems when they get DHCP configuration options from more than one provisioning domain, and if so what can/should they do about it?  Is there a need for the applications and stacks to have a common notion of what provisioning domains exist and how to refer to them, so that applications can use the configuration corresponding to the domain or their outgoing connections, etc?

I could go on, but I'd be surprised if we could reach consensus on the answer to all of those questions.

Thoughts?

Margaret

v2.23.0 | Report a Bug | By Email