In line, preserving all for now, but we will need to trim or top-post soon.
Yours,
Joel
On 9/29/2020 3:42 PM, Dino Farinacci wrote:
Looking again at this draft, and at the example Dino points to, I
think there is a basic problem with the work and the usage.
the problem is not a problem for the mapping system per se. It is a
problem for usage.
The draft does not define any mechanism for structuring, allocating,
or otherwise managing the space of names. It does not say "URIs". It
does not say "DNS names" It syas "ASCII string, terminated by 0".
Because it is designed as a non-structured field where a deployment can
decide what the structure is based on the mapping system it uses, or the
instance-ID within a mapping system it uses.
The draft’s intent is to define a general encoding for LISP messages.
How it will be used is left to other documents.
I think it really needs more structure. One does not say "here is a
shared database; use any key you like and hope not to collide with other
users."
If there is to be standard usage of this, and if there is to be more
than one such usage, how are collisions avoided? It is not sufficient
to say "just don't" as different problems may end up needing
overlapping name spaces. The hash usage (below) assumes that the
solution is to prepend the string "hash:' on the front. But that is
not formally defined, and as such is not actually a reliable mechanism.
(Frankly, for the hashes I would prefer to use a different EID LCAF
that carries the binary hash.)
The ecdsa-auth use-case assumes that the hash length is largest where
collisions won’t happen. There are applications that use UUIDs and
encodes them in distinguished-name EIDs. UUIDs do not have an allocation
authority. And:
the ECDSA draft assumes that no other uses will begin with hash:. This
has nothing to do with length. My concern is not collision amon hashes.
It is collision between hashes and other uses of the "distinguished
name" LCAF.
Note that most uses in the industry for the last 40 yeaars of
"distinguished name" have gone to some length to be clear how names are
distinguished. This does not. That is what causes me concern.
I suspect that the people supporting this have expectations on how
this will work. But it seems sufficiently basic that the semantics,
rather than the encoding, is where I would expect the WG to start.
Encodings are easy.
So lets have a look at each Internet Draft that
references draft-farinacci-lisp-name-encoding and lets review those
semantic encodings.
Looking at the couple of places you have chosen to use this, and have
therefore been careful not to collide with yourself really does not tell
us much.
If you want a sub-type under LCAF, then let's do that. trying to
pretend arbitrary strings have distinguishable semantics is asking for
trouble.
For draft-farinacci-lisp-simple-nat-00, the RLOCs are encoded with human
readable RLOC-names so you can distinguish a multi-homed interface
through NATs. That has proved useful for my lispers.net
<http://lispers.net> implementation.
I will also acknowledge that as chair I have concerns about turning
LISP into an arbitrary database system. Our charter is a mapping
system in support of routing. I understand why the ECDSA keys need to
be in there. But I do not want to fall into the BGP trap of trying to
solve every problem with the hammer in my hand.
I could encode anything I want in an IPv6 EID and make the LISP mapping
system an arbitrary database. I don’t think anyone wants to do this. The
mapping system is used for routing, addressing, identity, and location
problems (at the network layer).
Dino
_______________________________________________
lisp mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/lisp
