Toni Stoev allegedly wrote on 07/11/2009 1:21 AM:
> Please, anyone who writes on the identifiers topic, identify your empathy to:
> Design Goals for Scalable Internet Routing, 3.6. Decoupling location and
> identification
>
> I do care about that goal.

Of course.

> We have interface (node) identification with IP addresses.
> It is used for node-local session identification as part of the socket.
> There the IP address is an identifier of the endpoint of the inter-node
> communication process.

Please let me know if I am paraphrasing you correctly:

- an IP address identifies an interface
- identifying an interface is the same as identifying a node
- an IP address is part of the identification of a session endpoint

IMHO an IP address can be part of the set of identifiers you use for
_initial_ contact, to establish a session in the first place (this is
the "stack ID" discussion). However, you want a session to be able to
run over more than one interface, so you quickly want to decouple
identifiers used for session continuity from any interface identifiers.

> Let us extract this identification from IP addresses and have it separately.
> But let us keep using the hierarchical structure for the function of
> authentication of identity.

If I understand correctly, you are saying that the set of {IP address,
port, protocol} can be used as input to authentication. For
authentication you generally need a trusted third party and identifiers
that third party understands.

Toni Stoev allegedly wrote on 07/11/2009 2:16 AM:
> Scott Brim wrote:
>> If I move a session from one device to another, or from one
>> interface to another,
>
> Scott, a session is established with a node. You can move
> communication among interfaces but you keep talking to the same node.

A session is established between communicating entities; those entities
may move from node to node. Don't forget about virtualization.

>> a node identifier is not enough to support session continuity.
>
> A node locator, a node identifier and a node-local session instance
> number would do the job.

You don't want identifiers used for session continuity to be required to
change just because a node changes its identifiers. The local session
instance identifier is the only one of these that may work for you.

>> If I have a way to identify sessions that does support session
>> continuity, then a node identifier is not necessary in addition for
>> that purpose.
>
> A node locator and a node-local session instance number are
> sufficient to have a session. A node identifier is needed to move the
> session from one node to another.

Now I'm confused.

_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg