IETF Logo Mail Archive

Re: [mif] The formation of the design team

Margaret Wasserman <mrw@lilacglade.org> Thu, 04 April 2013 22:04 UTC

Return-Path: <mrw@lilacglade.org>
X-Original-To: mif@ietfa.amsl.com
Delivered-To: mif@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EF6821F8E72 for <mif@ietfa.amsl.com>; Thu, 4 Apr 2013 15:04:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.001, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MY04jyhmVd3R for <mif@ietfa.amsl.com>; Thu, 4 Apr 2013 15:04:24 -0700 (PDT)
Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) by ietfa.amsl.com (Postfix) with ESMTP id 560DA21F8C7D for <mif@ietf.org>; Thu, 4 Apr 2013 15:04:23 -0700 (PDT)
Received: from [10.1.10.103] (unknown [10.1.10.103]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mail.painless-security.com (Postfix) with ESMTPSA id DD9BC20218; Thu, 4 Apr 2013 18:03:07 -0400 (EDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: Margaret Wasserman <mrw@lilacglade.org>
In-Reply-To: <5082074F-69FC-44FD-AB79-804963B00CB5@lilacglade.org>
Date: Thu, 04 Apr 2013 18:04:22 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <3C815158-DE8F-4C48-9F99-FBBD967FB08A@lilacglade.org>
References: <CANF0JMAkCPYHotZ_j5YEDsB+CWPcjE2j1_sqO5iQ156-ebGbXQ@mail.gmail.com> <28783.1365004956@sandelman.ca> <515C5844.1020802@gmail.com> <0B1F4EC1-B8EA-4D0A-815E-27FD485A6BD0@lilacglade.org> <515D27EA.20006@gmail.com> <5082074F-69FC-44FD-AB79-804963B00CB5@lilacglade.org>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
X-Mailer: Apple Mail (2.1499)
Cc: MIF Mailing List <mif@ietf.org>
Subject: Re: [mif] The formation of the design team
X-BeenThere: mif@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiple Interface Discussion List <mif.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mif>, <mailto:mif-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mif>
List-Post: <mailto:mif@ietf.org>
List-Help: <mailto:mif-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mif>, <mailto:mif-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Apr 2013 22:04:25 -0000

One thing I may not have made clear in this message, and that seems to be missing from other parts of this discussion…

We are _not_ breaking new ground here and/or proposing that we move IP stacks in a direction that they haven't already moved.  Virtually every TCP/IP stack on every operating system from desktops to cell phones to embedded systems is _already_ dealing with Multiple Provisioning Domains in one way or another, some more successfully than others.  Existing solutions range from stack changes to connection managers to point fixes in specific problem areas (like DHCP and DNS).

The idea is to try to come up with common set of terminology and a common understanding of the Multiple Provisioning Domain concept at an architectural level, so that we can engage in a useful conversation about whether the IETF can/should standardize anything in this area.

Margaret

On Apr 4, 2013, at 9:11 AM, Margaret Wasserman <mrw@lilacglade.org> wrote:

> 
> Hi Brian,
> 
> On Apr 4, 2013, at 3:12 AM, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>> Unfortunately I believe what I said above: the scope of the underlying
>> problem is very broad and very hard to solve. It would take a lot more than
>> one email to really justify that statement, but I think the design team will
>> have to scope their work very narrowly to focus on partial solutions.
> 
> I think of the design team effort as an interim step between the problem statement and "solutions" actually…  I guess I'd describe it as better defining, in architectural terms, what we're talking about when we say "provisioning domain".  I'd expect the design team to write a document (or documents?), as contributions to be considered by the MIF WG that cover things like:
> 
> - What is a "provisioning domain"?  
> 
> - What sorts of information are configured on a per-provisioning domain basis (vs. per interface, per prefix or per-stack)?
> 
> - How does a provisioning domain relate to currently well-understood architectural entities in a TCP/IP stack (like physical interfaces, logical interfaces, address prefixes, etc.)?  
> 
> - How does a provisioning domain relate to currently well-understood processes in a TCP/IP stack, like DNS lookups (and split DNS), application-level destination address selection, selection of "referral pools" for things like SCTP, source address selection in the stack, interface selection in the stack, etc.?  
> 
> - What are the interesting properties of provisioning domains?  Are there different types of provisioning domains that it would be interesting to distinguish between from an architectural perspective (i.e. behind a NAT or not, walled garden or not, IPv4 or IPv6, etc.)?  
> 
> - Are there security issues specific to being attached to more than one provisioning domain?  Is there a useful notion around the idea that one provisioning domain may be more "trusted" than another?  What would the practical implications of that?
> 
> - How (conceptually) should transport layers or applications (i.e. anything above IP) usefully communicate with the IP stack about provisioning domains?  What information (at a conceptual level) can the IP stack provide that would be useful to upper layers, and what do the upper layers want to say to the stack about provisioning domains?  For example, should upper layers be able to force selection of a particular provisioning domain, like they can currently force selection of a source IP address, destination IP address or interface? If so, how does the application find out what provisioning domains are available and usefully select between them?  To what extent can applications benefit from being aware of provisioning domains?
> 
> - Is there a provisioning domain configuration problem at the application layer, too? (I think there is.)  i.e. Do applications have problems when they get DHCP configuration options from more than one provisioning domain, and if so what can/should they do about it?  Is there a need for the applications and stacks to have a common notion of what provisioning domains exist and how to refer to them, so that applications can use the configuration corresponding to the domain or their outgoing connections, etc?
> 
> I could go on, but I'd be surprised if we could reach consensus on the answer to all of those questions.
> 
> Thoughts?
> 
> Margaret
> 
> 
>

v2.23.0 | Report a Bug | By Email