Re: [Status] SPRING Charter

"John G. Scudder" <jgs@juniper.net> Wed, 16 October 2013 17:33 UTC

From: "John G. Scudder" <jgs@juniper.net>
In-Reply-To: <525ECA07.2070207@cisco.com>
Date: Wed, 16 Oct 2013 13:31:55 -0400
Message-ID: <9C5D9C4D-F90E-48B3-A005-3DAC1EEC378F@juniper.net>
References: <52584CCA.8000902@cisco.com> <201310151346.r9FDkSIl023262@cichlid.raleigh.ibm.com> <525ECA07.2070207@cisco.com>
To: stbryant@cisco.com
Cc: Thomas Narten <narten@us.ibm.com>, Benoit Claise <bclaise@cisco.com>, Jari Arkko <jari.arkko@piuha.net>, "status@ietf.org" <status@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>
Subject: Re: [Status] SPRING Charter

On Oct 16, 2013, at 1:16 PM, Stewart Bryant <stbryant@cisco.com> wrote:

> Could we perhaps say:
> 
> "There is an assumed trust model such that any node
> imposing an explicit route on a packet is assumed to
> be allowed to do so. Some hosts may be part of the
> trust domain, but others may not. SPRING must provide
> the means to distinguish between these two classes
> of host and prevent untrusted hosts from imposing
> a route on its packets. Administrative and trust
> boundaries may strip explicit routes from a packet."

As you observe elsewhere in your note, the distinction between "hosts" and "routers" is blurry at best, and from the point of view of the trust model I think there's neither a need nor a value to draw the distinction at all. For example, a BYOD router is just as much of a potential problem as a BYOD host.

Insofar as the added text really says "all the stuff we said you have to do for a 'node' applies equally to the special class of node called 'host'", it's harmless, but it's also unnecessary. I guess one might even argue it to be mildly harmful insofar as a casual reader might suppose that if hosts are called out specially, the listed considerations don't apply to other types of node. ("The exception that proves the rule" and all that.)

I'd be inclined to leave it as you had it.

--John