RE: [P2PSIP] Re: HIP pros and cons
"David Barrett" <dbarrett@quinthar.com> Tue, 18 December 2007 21:29 UTC
Return-path: <p2psip-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1J4k0V-0001Ud-8U; Tue, 18 Dec 2007 16:29:43 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1J4k0T-0001UQ-Hj for p2psip@ietf.org; Tue, 18 Dec 2007 16:29:41 -0500
Received: from quinthar.com ([72.52.120.178]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1J4k0S-0007kE-MC for p2psip@ietf.org; Tue, 18 Dec 2007 16:29:41 -0500
Received: from lappy ([98.207.96.5]) by quinthar.com for <p2psip@ietf.org>; Tue, 18 Dec 2007 13:29:35 -0800
From: David Barrett <dbarrett@quinthar.com>
To: 'Salman Abdul Baset' <salman@cs.columbia.edu>
Subject: RE: [P2PSIP] Re: HIP pros and cons
Date: Tue, 18 Dec 2007 13:29:34 -0800
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
In-Reply-To: <Pine.LNX.4.63.0712181608510.12118@irtcluster02.cs.columbia.edu>
Thread-Index: AchBuq/YPgS06gjiS/ma/ml9Wzjc2AAAJlLw
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 21be852dc93f0971708678c18d38c096
Cc: p2psip@ietf.org
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
Errors-To: p2psip-bounces@ietf.org
Message-Id: <E1J4k0V-0001Ud-8U@megatron.ietf.org>
Ah, I'm sorry, you're right -- authentication wasn't the problem, it was that the network couldn't reform after the loss of all the supernodes. So the specific lesson from Skype isn't about lack of centralized authentication capacity (which -- you're right -- had nothing to do with the problem), but rather the unnecessary use of supernodes for search/rendezvous leading to a congestion collapse scenario. -david > -----Original Message----- > From: Salman Abdul Baset [mailto:salman@cs.columbia.edu] > Sent: Tuesday, December 18, 2007 1:12 PM > To: David Barrett > Cc: p2psip@ietf.org > Subject: RE: [P2PSIP] Re: HIP pros and cons > > Skype does not have a distributed authentication mechanism. Their p2p > solution is for search and selecting voice/video relays. > -s > > On Tue, 18 Dec 2007, David Barrett wrote: > > > The Skype outage demonstrates precisely the opposite of what you're > > claiming. Rather, it shows that inappropriate use of decentralization > turns > > minor spikes into fatal calamities due to congestion-collapse scenarios. > > > > Had they simply authenticated everything globally, then a spike in login > > requests would result in a slowdown of logins for an hour or so, and > that's > > it. > > > > But because they built a totally unnecessary p2p solution, the spike > caused > > *days* of instability. > > > > Skype is the very example of why we should build central authentication. > > > > -david > > > >> -----Original Message----- > >> From: Dan York [mailto:dyork@voxeo.com] > >> Sent: Tuesday, December 18, 2007 10:09 AM > >> To: Brian Rosen; 'Miika Komu'; 'Eric Rescorla' > >> Cc: p2psip@ietf.org > >> Subject: Re: [P2PSIP] Re: HIP pros and cons > >> > >> Two words: "Skype outage". As best we can understand, (a) is similar to > >> the architecture used by Skype. A Skype client must be able to > communicate > >> with the authorization/enrollment servers to be able to access the > Skype > >> P2P cloud. When those servers then became inaccessible, the scenario > >> unfolded that led to the 2-day outage. > >> > >> I don't want to debate Skype's outage, but my point is that I would > think > >> we want to avoid anything that introduces a "single point-of-failure" > >> which (a) seems to me to do. It seems to me to be the opposite of what > we > >> are trying to do with P2P SIP. > >> > >> (So I agree with the comments from Brian and EKR that (a) is not > >> advisable.) > >> > >> My 2 cents, > >> Dan > >> -- > >> Dan York, CISSP, Director of Emerging Communication Technology > >> Office of the CTO Voxeo Corporation dyork@voxeo.com > >> Phone: +1-407-455-5859 Skype: danyork http://www.voxeo.com > >> Blogs: http://blogs.voxeo.com http://www.disruptivetelephony.com > >> > >> Bring your web applications to the phone. > >> Find out how at http://evolution.voxeo.com > >> > >> > >> > >> -----Original Message----- > >> From: "Brian Rosen" <br@brianrosen.net> > >> > >> Date: Tue, 18 Dec 2007 12:36:34 > >> To:"'Miika Komu'" <miika@iki.fi>, "'Eric Rescorla'" > >> <ekr@networkresonance.com> > >> Cc:p2psip@ietf.org > >> Subject: RE: [P2PSIP] Re: HIP pros and cons > >> > >> > >> <as individual> > >> While a) proves your point, I think we're not really interested in a > >> solution that requires the enrollment server to be reachable by any > peer > >> to > >> determine admittance to the overlay. It's one thing to need to be able > to > >> reach the enrollment service once to enroll; it's quite another to > require > >> it to be available to join the overlay. > >> > >> Brian > >> > >>> -----Original Message----- > >>> From: Miika Komu [mailto:miika@iki.fi] > >>> Sent: Tuesday, December 18, 2007 12:29 PM > >>> To: Eric Rescorla > >>> Cc: p2psip@ietf.org > >>> Subject: Re: [P2PSIP] Re: HIP pros and cons > >>> > >>> On Mon, 17 Dec 2007, Eric Rescorla wrote: > >>> > >>> Hi Eric, > >>> > >>>> At Mon, 17 Dec 2007 18:04:42 +0200 (EET), > >>>> Miika Komu wrote: > >>>>> The same way as without public keys. I fail to see the problem here. > >>>> > >>>> I don't even understand what you're proposing any more. > >>>> > >>>> If you want to describe a specific proposal, I'll be happy to address > >>>> its merits. > >>> > >>> This is one example how it could work: > >>> > >>> You connect with your web browser to the enrollment server. The DNS > >>> contains the HIT of the enrollment server, which triggers a base > >>> exchange with the enrollment server and makes the HTTP(S) connection > to > >>> use HIP. You fill in a web form and give your bank card number for the > >>> enrollment server. The web server software stores the HIT and the bank > >>> card number for enrollment purposes. From this on, we could have two > >>> alternative design solutions: > >>> > >>> a) When the new peer joins the network, DHT nodes that have been > already > >>> accepted in the network will ask the enrollment server if the new > >> peer > >>> has enrolled successfully. > >>> b) The enrollment server could give the new peer a certificate which > the > >>> peer could be using directly when actually joining the DHT. > >>> > >>> I believe approach (a) proves my original point that you can use > >>> host-generated DHT identifiers without certificates. > >>> > >>> -- > >>> Miika Komu > >> http://www.iki.fi/miika/ > >>> > >>> _______________________________________________ > >>> P2PSIP mailing list > >>> P2PSIP@ietf.org > >>> https://www1.ietf.org/mailman/listinfo/p2psip > >> > >> > >> _______________________________________________ > >> P2PSIP mailing list > >> P2PSIP@ietf.org > >> https://www1.ietf.org/mailman/listinfo/p2psip > > > > > > _______________________________________________ > > P2PSIP mailing list > > P2PSIP@ietf.org > > https://www1.ietf.org/mailman/listinfo/p2psip > > _______________________________________________ P2PSIP mailing list P2PSIP@ietf.org https://www1.ietf.org/mailman/listinfo/p2psip
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- Re: [P2PSIP] Re: HIP pros and cons Spencer Dawkins
- [P2PSIP] Re: HIP pros and cons Miika Komu
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Ali Fessi
- Re: [P2PSIP] Re: HIP pros and cons Roy, Radhika R Dr CTR USA USAMC
- Re: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- [P2PSIP] HIP DHT interface (was HIP pros and cons) Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- RE: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- [P2PSIP] RE: HIP DHT interface (was HIP pros and … Ahrenholz, Jeffrey M
- Re: [P2PSIP] RE: HIP DHT interface (was HIP pros … Ali Fessi
- Re: [P2PSIP] HIP DHT interface (was HIP pros and … Philip Matthews
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] HIP DHT interface (was HIP pros and … Joakim Koskela
- Re: [P2PSIP] RE: HIP DHT interface (was HIP pros … Miika Komu
- Re: [P2PSIP] HIP DHT interface (was HIP pros and … Philip Matthews
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- Re: [P2PSIP] HIP DHT interface (was HIP pros and … Bruce Lowekamp
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- RE: [P2PSIP] Re: HIP pros and cons Palanisamy, Kandasamy (Kandasamy)
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- Re: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- RE: [P2PSIP] Re: HIP pros and cons Ahrenholz, Jeffrey M
- Re: [P2PSIP] HIP DHT interface (was HIP pros and … Philip Matthews
- Re: [P2PSIP] Re: HIP pros and cons Spencer Dawkins
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Henry Sinnreich
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- Fw: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- Re: [P2PSIP] Re: HIP pros and cons Ali Fessi
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- Re: [P2PSIP] Re: HIP pros and cons Ingmar Baumgart
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros and … Ali Fessi
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- [P2PSIP] HIP performance concerns (was HIP pros a… Ali Fessi
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- RE: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … David Barrett
- Re: [P2PSIP] Re: HIP pros and cons Spencer Dawkins
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Philip Matthews
- Re: [P2PSIP] HIP performance concerns (was HIP pr… Philip Matthews
- RE: [P2PSIP] HIP performance concerns (was HIP pr… Henderson, Thomas R
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Eric Rescorla
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Hannes Tschofenig
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Philip Matthews
- RE: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Henderson, Thomas R
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- RE: [P2PSIP] Re: HIP pros and cons Brian Rosen
- RE: [P2PSIP] Re: HIP pros and cons Brian Rosen
- RE: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- RE: [P2PSIP] HIP performance concerns (was HIP pr… Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Dan York
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- RE: [P2PSIP] Re: HIP pros and cons David Barrett
- RE: [P2PSIP] Re: HIP pros and cons David Barrett
- RE: [P2PSIP] Re: HIP pros and cons Salman Abdul Baset
- Re: [P2PSIP] Re: HIP pros and cons Ali Fessi
- RE: [P2PSIP] Re: HIP pros and cons David Barrett
- RE: [P2PSIP] Re: HIP pros and cons David Barrett
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Miika Komu
- Re: [P2PSIP] HIP performance concerns (was HIP pr… Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] HIP performance concerns (was HIP pr… Eric Rescorla
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Miika Komu
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Eric Rescorla
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Miika Komu
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Eric Rescorla
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Eric Rescorla
- FW: [P2PSIP] Re: HIP pros and cons Andrey Lukyanenko