[P2PSIP] Identity certificate segregation [was Re: draft-ietf-p2psip-base publication to be requested]
Marc Petit-Huguenin <petithug@acm.org> Thu, 09 June 2011 17:05 UTC
To: Diego Suarez <loopp2psip@gmail.com>
Cc: P2PSIP WG <p2psip@ietf.org>

Does this model really require modifications in the base document, or can it be
designed as an extension? (Unfortunately the paper is not freely available, so
it is difficult to know really what is needed for this).

On 06/09/2011 07:31 AM, Diego Suarez wrote:
> Hi,
>
> I had in mind writing a draft about this, but since I'm running out of
> time, I would like to summarize a new certification model for P2PSIP I
> have been working on, in case it is of interest for the group.
> Further details can be found in paper:
>
> D. Touceda, J. Camara, L. Villalba, and J. Marquez, “Advantages of
> identity certificate segregation in P2PSIP systems,” Communications,
> IET, vol. 5, pp. 879–889, Apr. 2011.
>
>
> The idea is to split the certification of users and devices. Devices are
> identified by PKCs including a nodeID and the PK of the device, while
> users are identified by PKCs including a username and the PK of the
> user. Similar models have been used before in other communications
> systems, such as GSM where devices and users are separately represented
> by the international mobile equipment identity (IMEI) stored in the
> phones and the international mobile subscriber identity (IMSI) stored in
> the user subscriber identity module (SIM), respectively.
>
> Motivations of this model are:
>
> - Users and devices are different entities performing different
>   roles within a P2PSIP system. Devices are nodes of the P2P
>   overlay network (represented by a nodeID) that offer services
>   (to route messages, to store data, . . .) to the system, while
>   users (represented by a username) utilize these services,
>   usually to establish media communications using SIP.
>
> - Support for mobility scenarios where a user may be logged at different
>   devices at the same time using the same PKC.
>
> - Support several users to be logged in the same device (like a fixed
>   phone) at the same time.
>
> - Support for user independent hard-coded devices.
>
> - Interoperability with SIP. SIP certificates are not valid in actual
>   P2PSIP since they don't include a nodeID.
>
> cheers
>
> Diego Suárez
>
>
> On Wed, 2011-06-08 at 09:48 -0700, David A. Bryan wrote:
>> Unless something major comes up, we plan to request the newest version
>> of the base draft, draft-ietf-p2psip-base-15, be published. I'll put
>> in the request in a week (June 16th or 17th). If there are any further
>> comments from the last call a while ago (or further comments on the
>> comments since then), please send them to the list ASAP.
>>
>> Thanks,
>>
>> David (as chair)
>> _______________________________________________
>> P2PSIP mailing list
>> P2PSIP@ietf.org
>> https://www.ietf.org/mailman/listinfo/p2psip

-- 
Marc Petit-Huguenin
Personal email: marc@petit-huguenin.org
Professional email: petithug@acm.org
Blog: http://blog.marc.petit-huguenin.org