
Re: Notes about identifier - locator separator



>>>>> "Christian" == Christian Huitema <huitema@windows.microsoft.com> writes:
    >> If you separate locators completely from end-point identifiers, the
    >> logical conclusion is NOT to move the function to the transport layer
    >> but to split the IP layer into two halves:
    >> 
    >> - A "lower" IP that routes packets much as today, and uses IP
    >> addresses as locators.
    >> 
    >> - An "upper" IP that provides end-point identifiers to the transport
    >> protocols and eventually to the hosted applications, and maps these
    >> identifiers to locators before passing them to the "lower" IP.

    Christian> There are a couple of issues with any proposal of that nature,
    Christian> and the main one is privacy. Having a unique identifier

  Sounds like an opportunity to me.
  Let's solve this problem by securing the internet.

  End-point identifiers with public keys in reverse DNS is very nice.
The argument against has been that the ISPs don't give end-users access
to the reverse DNS. 

  But, they'll just worry about reverse for locators, not for end-points.
We can do something sane about getting access to reverse for end-points.

    Christian> exposed to the network means that anybody on the path can
    Christian> track the presence and location of users, with consequences
    Christian> ranging from annoying (e.g. variations of telemarketing) to
    Christian> downright dramatic (e.g. missile auto-aiming to a cell
    Christian> phone). To meet the privacy requirement, you would want
    Christian> addresses (as incorporated in the header) to disclose as
    Christian> little as possible about their owner. In a mobility or
    Christian> multi-homing situation, you may well want to hide from the
    Christian> network any correlation between addresses that happen to be
    Christian> used by the same entity.

    Christian> -- Christian Huitema


]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [