Re: [I2nsf] [IPsec] your example (like Gap) about IPSec VPN gateway deployed in shopping mall not aware of where the controller is.

2017-09-19 Thread Michael Richardson

Yoav Nir wrote:
>> If you have the ID of entities you connect to (e.g. a hostname) then
>> things are easier to look up than if you only know an IP address, and are
>> then given an ID. Because then you need to somehow verify the ID-IP set.
>> Otherwise, one node in a network can take over another node's IP
>> address, and present its own (valid!) credentials.

> This is what you do if all you have is a DNS.

DNS is a really well established distributed database with well established
and secure implementations which caches really well.  It has decades of
proven interoperation.

> However, if you have this SDN controller/SDWAN controller/Zero-Touch
> deployment thingie, why do you need public keys at all? You can just
> have the controller provision the CPEs with identities and pair-wise
> shared secrets plus addresses and domains of peers. Then you don’t need
> any PKI, lookups, DNSSEC and the like.

Yes, the highly available SDN controller can configure all the information,
remembering to update all the nodes regularly with new information.  Or the
SDN controller could simply do exactly the same thing using DNS zone
transfers using private DNS zones. (whether forward or reverse, etc.)
No PKI. DNSSEC if you like, TSIG authenticated zone transfers otherwise, and
numerous competing services that can provide DDoS resistance so that the SDN
controller doesn't have to be so available.

I don't really see the difference except new people can get paid to
re-discover the last 30 years of mistakes in DNS implementations.

--
Michael Richardson, Sandelman Software Works
 -= IPv6 IoT consulting =-





___
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf
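
Added illustration, not part of the thread or any participant's code: the ID-to-address check discussed in the message above, run against a private zone of the kind a controller could publish by authenticated zone transfer. The zone contents, the names under `vpn.example.`, and the helpers `load_bindings` and `check_peer` are assumptions made for this example.

```python
import ipaddress

# Constructed sample: a private zone as it might look after an
# authenticated zone transfer (names and addresses are made up).
ZONE_TEXT = """\
$ORIGIN vpn.example.
gw-mall-01   300 IN A    192.0.2.10
gw-mall-02   300 IN A    192.0.2.20
gw-mall-02   300 IN AAAA 2001:db8::20
controller   300 IN A    192.0.2.1
"""


def load_bindings(zone_text):
    """Build {fqdn: set(ip)} from the A/AAAA records of a minimal zone file."""
    origin, bindings = "", {}
    for line in zone_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith(";"):
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        if len(fields) == 5 and fields[3] in ("A", "AAAA"):
            name = fields[0] if fields[0].endswith(".") else f"{fields[0]}.{origin}"
            addr = ipaddress.ip_address(fields[4])
            bindings.setdefault(name.lower(), set()).add(addr)
    return bindings


def check_peer(bindings, presented_id, source_ip, credentials_valid):
    """Decide whether a peer reached at source_ip may use presented_id.

    Valid credentials alone are not enough: the identity must also be
    bound to the address we connected to, otherwise a node that took
    over another node's address could present its own valid credentials.
    """
    if not credentials_valid:
        return "reject: bad credentials"
    known = bindings.get(presented_id.lower().rstrip(".") + ".")
    if known is None:
        return "reject: unknown identity"
    if ipaddress.ip_address(source_ip) not in known:
        return "reject: identity not bound to this address"
    return "accept"
```
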


Re: [I2nsf] WG Adoption call for draft-xibassnez-i2nsf-capability-02

2017-09-19 Thread Diego R. Lopez
With all due apologies for the delay, caused by the clash of the adoption call, 
and my holidays (and the subsequent e-mail recovery process) I support the 
adoption as an author.

I believe this document is the core element to define the I2NSF IM, and we 
should structure it around it. I am maturing a proposal to do so, and foster IM 
and DM development, to be shared on the list soon.

Be goode,

--
"This time we will not fail, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D
http://people.tid.es/diego.lopez/

e-mail: diego.r.lo...@telefonica.com
Tel:+34 913 129 041
Mobile: +34 682 051 091
--


On 19/9/2017, 09:04, "John Strassner" wrote:

I also support the adoption.

Regards,
John

-Original Message-
From: Aldo Basile [mailto:cataldo.bas...@polito.it]
Sent: Monday, September 18, 2017 11:54 PM
To: Linda Dunbar; 'i2nsf@ietf.org'
Cc: draft-xibassnez-i2nsf-capabil...@ietf.org; Yoav Nir
Subject: Re: WG Adoption call for draft-xibassnez-i2nsf-capability-02

I support the adoption.

Regards,
Aldo

On 02/08/2017 22:15, Linda Dunbar wrote:
> I2NSF participants,
>
> As I2NSF has completed the WGLC for the I2NSF Framework draft, the WG is
> ready to work on the information model and data model for both Consumer
> Facing and NSF Facing Interfaces.
>
> We will first start the 2 weeks WG Adoption Call of
> https://datatracker.ietf.org/doc/draft-xibassnez-i2nsf-capability/
>
> Please remember WG Adoption only means that the entire WG can contribute
> to the content of the draft.
>
> Thanks,
>
> Linda & Yoav.


Re: [I2nsf] WG Adoption call for draft-jeong-i2nsf-applicability-01

2017-09-19 Thread Diego R. Lopez
I support the adoption and agree with Med in the need for an applicability 
statement.

Be goode,

--
"This time we will not fail, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D
http://people.tid.es/diego.lopez/

e-mail: diego.r.lo...@telefonica.com
Tel:+34 913 129 041
Mobile: +34 682 051 091
--


On 9/8/2017, 08:34, "mohamed.boucad...@orange.com" wrote:

Hi Linda, all,

I support.

That said, the current content and structure of the document need to be 
adjusted to reflect an applicability statement. FWIW, some comments and 
suggestions are available at: 
https://github.com/boucadair/IETF-Drafts-Reviews/raw/master/draft-jeong-i2nsf-applicability-01-rev%20Med.doc

Cheers,
Med

From: I2nsf [mailto:i2nsf-boun...@ietf.org] On Behalf Of Linda Dunbar
Sent: Wednesday, 2 August 2017 22:27
To: 'i2nsf@ietf.org'
Cc: draft-jeong-i2nsf-applicabil...@ietf.org; Yoav Nir
Subject: [I2nsf] WG Adoption call for draft-jeong-i2nsf-applicability-01


I2NSF participants,

As adopting applicability statements as WG Document is one of the deliverables 
for I2NSF WG, we will start the 2 weeks WG Adoption Call for  
https://datatracker.ietf.org/doc/draft-jeong-i2nsf-applicability/

Please remember WG Adoption only means that the entire WG can contribute to the 
content of the draft.

Thanks,
Linda & Yoav.







Re: [I2nsf] WG Adoption call for draft-xibassnez-i2nsf-capability-02

2017-09-19 Thread John Strassner
I also support the adoption.

Regards,
John

-Original Message-
From: Aldo Basile [mailto:cataldo.bas...@polito.it] 
Sent: Monday, September 18, 2017 11:54 PM
To: Linda Dunbar; 'i2nsf@ietf.org'
Cc: draft-xibassnez-i2nsf-capabil...@ietf.org; Yoav Nir
Subject: Re: WG Adoption call for draft-xibassnez-i2nsf-capability-02

I support the adoption.

Regards,
Aldo

On 02/08/2017 22:15, Linda Dunbar wrote:
> I2NSF participants,
> 
> As I2NSF has completed the WGLC for the I2NSF Framework draft, the WG is 
> ready to work on the information model and data model for both Consumer 
> Facing and NSF Facing Interfaces.
> 
> We will first start the 2 weeks WG Adoption Call of 
> https://datatracker.ietf.org/doc/draft-xibassnez-i2nsf-capability/
> 
> Please remember WG Adoption only means that the entire WG can contribute 
> to the content of the draft.
> 
> Thanks,
> 
> Linda & Yoav.