Hi SM, Please see inline.
Cheers, Med >-----Message d'origine----- >De : S Moonesamy [mailto:sm+i...@elandsys.com] >Envoyé : vendredi 6 juin 2014 14:56 >À : BOUCADAIR Mohamed IMT/OLN; Tirumaleswar Reddy (tireddy); int- >a...@ietf.org >Objet : RE: [Int-area] Call for adoption of draft-boucadair-intarea-host- >identifier-scenarios-04 > >Hi Med, >At 00:59 06-06-2014, mohamed.boucad...@orange.com wrote: >>[Med] FWIW, the scenarios draft is not a "HOST_ID specification document". > >[snip] > >>[Med] Having a dedicated section for privacy is a signal that we >>have those issues on our radar. Our analysis at this stage is that >>RFC6967 includes a decent discussion that is still valid for this >>use cases document. If you think that additional concerns are to be >>discussed, please don't hesitate to share them. We will consider >>updating the document accordingly. > >[snip] > >>[Med] There is no mention of "HOST_ID" in this draft. Furthermore, >>the current text says the following: >>" The document does not elaborate whether explicit authentication is >> enabled or not." >> >>Solution-specific discussions are out of scope. The main mission of >>the document is to help identifying use cases where there are >>difficulties to enforce per-host policies due to the presence of >>address sharing or the use of tunnels. > >[snip] > >>[Med] Documenting misuses should be definitely in scope. >>Contributions are more than welcome. > > From the above (quoted text) I understand that there are >difficulties to enforce policies and those difficulties have not be >discussed or addressed in IETF RFCs. [Med] Yes. The INTAREA working group >previously worked on a RFC about potential solutions for revealing a >host identifier. Are the potential solutions discussed in RFC 6967 >inadequate? [Med] The effort in RFC6967 does not ambition to pick a solution but to conduct an analysis effort with a focus on the CGN case. That case is only one among others defined in the scenario draft. Identify and document the use cases is a first step to actually understand the problem we are talking about. This is a contribution to clarify the big picture of this problem space. I don't think the question is out of scope given that >the draft references RFC 6967. [Med] Privacy is not out of scope as I mentioned in a previous message. Nevertheless, privacy implications may depend on the targeted use case. The considerations in RFC6967 can be completed with new ones if any. > >If the mission is to identify use cases, why are discussions about >the use cases (see Section 2) out of scope? [Med] What we declared out of scope is solution-oriented aspects. We wanted to have a very focused document. > >The lack of host identification does not affect host >connectivity. This scenarios draft makes the case for the lack of >host identification being the cause of problems. [Med] The draft focuses only on scenarios where complications arise. The problem may be abstracted from other perspective but the host identification is a valid angle IMHO. Do the problems >affect the internet or are they limited cases? [Med] Implication on connectivity depends on the use cases. For example, a service that black list a full IP address or rate limit based on the source IP address will impact a lot of customers; access to services won't be granted. > >Regards, >S. Moonesamy _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area