draft-ietf-lisp-eid-anonymity-04.txt   draft-ietf-lisp-eid-anonymity-05.txt 
Network Working Group D. Farinacci Network Working Group D. Farinacci
Internet-Draft lispers.net Internet-Draft lispers.net
Intended status: Experimental P. Pillay-Esnault Intended status: Experimental P. Pillay-Esnault
Expires: April 25, 2019 Huawei Technologies Expires: September 29, 2019 Huawei Technologies
W. Haddad W. Haddad
Ericsson Ericsson
October 22, 2018 March 28, 2019
LISP EID Anonymity LISP EID Anonymity
draft-ietf-lisp-eid-anonymity-04 draft-ietf-lisp-eid-anonymity-05
Abstract Abstract
This specification will describe how ephemeral LISP EIDs can be used This specification will describe how ephemeral LISP EIDs can be used
to create source anonymity. The idea makes use of frequently to create source anonymity. The idea makes use of frequently
changing EIDs much like how a credit-card system uses a different changing EIDs much like how a credit-card system uses a different
credit-card numbers for each transaction. credit-card numbers for each transaction.
Requirements Language Requirements Language
skipping to change at page 1, line 42 skipping to change at page 1, line 42
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 25, 2019. This Internet-Draft will expire on September 29, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 32 skipping to change at page 2, line 32
6. Interworking Considerations . . . . . . . . . . . . . . . . . 5 6. Interworking Considerations . . . . . . . . . . . . . . . . . 5
7. Multicast Considerations . . . . . . . . . . . . . . . . . . 5 7. Multicast Considerations . . . . . . . . . . . . . . . . . . 5
8. Performance Improvements . . . . . . . . . . . . . . . . . . 6 8. Performance Improvements . . . . . . . . . . . . . . . . . . 6
9. Security Considerations . . . . . . . . . . . . . . . . . . . 6 9. Security Considerations . . . . . . . . . . . . . . . . . . . 6
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 6
11.1. Normative References . . . . . . . . . . . . . . . . . . 6 11.1. Normative References . . . . . . . . . . . . . . . . . . 6
11.2. Informative References . . . . . . . . . . . . . . . . . 8 11.2. Informative References . . . . . . . . . . . . . . . . . 8
Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . 8 Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . 8
Appendix B. Document Change Log . . . . . . . . . . . . . . . . 8 Appendix B. Document Change Log . . . . . . . . . . . . . . . . 8
B.1. Changes to draft-ietf-lisp-eid-anonymity-04 . . . . . . . 8 B.1. Changes to draft-ietf-lisp-eid-anonymity-05 . . . . . . . 8
B.2. Changes to draft-ietf-lisp-eid-anonymity-03 . . . . . . . 8 B.2. Changes to draft-ietf-lisp-eid-anonymity-04 . . . . . . . 8
B.3. Changes to draft-ietf-lisp-eid-anonymity-02 . . . . . . . 9 B.3. Changes to draft-ietf-lisp-eid-anonymity-03 . . . . . . . 9
B.4. Changes to draft-ietf-lisp-eid-anonymity-01 . . . . . . . 9 B.4. Changes to draft-ietf-lisp-eid-anonymity-02 . . . . . . . 9
B.5. Changes to draft-ietf-lisp-eid-anonymity-00 . . . . . . . 9 B.5. Changes to draft-ietf-lisp-eid-anonymity-01 . . . . . . . 9
B.6. Changes to draft-farinacci-lisp-eid-anonymity-02 . . . . 9 B.6. Changes to draft-ietf-lisp-eid-anonymity-00 . . . . . . . 9
B.7. Changes to draft-farinacci-lisp-eid-anonymity-01 . . . . 9 B.7. Changes to draft-farinacci-lisp-eid-anonymity-02 . . . . 9
B.8. Changes to draft-farinacci-lisp-eid-anonymity-00 . . . . 9 B.8. Changes to draft-farinacci-lisp-eid-anonymity-01 . . . . 9
B.9. Changes to draft-farinacci-lisp-eid-anonymity-00 . . . . 10
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10
1. Introduction 1. Introduction
The LISP architecture [RFC6830] specifies two namespaces, End-Point The LISP architecture [RFC6830] specifies two namespaces, End-Point
IDs (EIDs) and Routing Locators (RLOCs). An EID identifies a node in IDs (EIDs) and Routing Locators (RLOCs). An EID identifies a node in
the network and the RLOC indicates the EID's topological location. the network and the RLOC indicates the EID's topological location.
Typically EIDs are globally unique so a end-node system can connect Typically EIDs are globally unique so a end-node system can connect
to any other end-node system on the Internet. Privately used EIDs to any other end-node system on the Internet. Privately used EIDs
are allowed when scoped within a VPN but must always be unique within are allowed when scoped within a VPN but must always be unique within
skipping to change at page 2, line 52 skipping to change at page 3, line 4
1. Introduction 1. Introduction
The LISP architecture [RFC6830] specifies two namespaces, End-Point The LISP architecture [RFC6830] specifies two namespaces, End-Point
IDs (EIDs) and Routing Locators (RLOCs). An EID identifies a node in IDs (EIDs) and Routing Locators (RLOCs). An EID identifies a node in
the network and the RLOC indicates the EID's topological location. the network and the RLOC indicates the EID's topological location.
Typically EIDs are globally unique so a end-node system can connect Typically EIDs are globally unique so a end-node system can connect
to any other end-node system on the Internet. Privately used EIDs to any other end-node system on the Internet. Privately used EIDs
are allowed when scoped within a VPN but must always be unique within are allowed when scoped within a VPN but must always be unique within
that scope. Therefore, address allocation is required by network that scope. Therefore, address allocation is required by network
administration to avoid address collisions or duplicate address use. administration to avoid address collisions or duplicate address use.
In a multiple namespace architecture like LISP, typically the EID In a multiple namespace architecture like LISP, typically the EID
will stay fixed while the RLOC can change. This occurs when the EID will stay fixed while the RLOC can change. This occurs when the EID
is mobile or when the LISP site the EID resides in changes its is mobile or when the LISP site the EID resides in changes its
connection to the Internet. connection to the Internet.
LISP creates the opportunity where EIDs are fixed and won't change. LISP creates the opportunity where EIDs are fixed and won't change.
This can create a privacy problem more so than what we have on the This draft will examine a technique to allow a end-node system to use
Internet today. This draft will examine a technique to allow a end- a temporary address. The lifetime of a temporary address can be the
node system to use a temporary address. The lifetime of a temporary same as a lifetime of an address in use today on the Internet or can
address can be the same as a lifetime of an address in use today on have traditionally shorter lifetimes, possibly on the order of a day
the Internet or can have traditionally shorter lifetimes, possibly on or even change as frequent as new connection attempts.
the order of a day or even change as frequent as new connection
attempts.
2. Definition of Terms 2. Definition of Terms
Ephemeral-EID - is an IP address that is created randomly for use Ephemeral-EID - is an IP address that is created randomly for use
for a temporary period of time. An Ephemeral-EID has all the for a temporary period of time. An Ephemeral-EID has all the
properties of an EID as defined in [RFC6830]. Ephemeral-EIDs are properties of an EID as defined in [RFC6830]. Ephemeral-EIDs are
not stored in the Domain Name System (DNS) and should not be used not stored in the Domain Name System (DNS) and should not be used
in long-term address referrals. in long-term address referrals.
Client End-Node - is a network node that originates and consumes Client End-Node - is a network node that originates and consumes
skipping to change at page 8, line 20 skipping to change at page 8, line 20
11.2. Informative References 11.2. Informative References
[I-D.farinacci-lisp-ecdsa-auth] [I-D.farinacci-lisp-ecdsa-auth]
Farinacci, D. and E. Nordmark, "LISP Control-Plane ECDSA Farinacci, D. and E. Nordmark, "LISP Control-Plane ECDSA
Authentication and Authorization", draft-farinacci-lisp- Authentication and Authorization", draft-farinacci-lisp-
ecdsa-auth-03 (work in progress), September 2018. ecdsa-auth-03 (work in progress), September 2018.
[I-D.ietf-lisp-eid-mobility] [I-D.ietf-lisp-eid-mobility]
Portoles-Comeras, M., Ashtaputre, V., Moreno, V., Maino, Portoles-Comeras, M., Ashtaputre, V., Moreno, V., Maino,
F., and D. Farinacci, "LISP L2/L3 EID Mobility Using a F., and D. Farinacci, "LISP L2/L3 EID Mobility Using a
Unified Control Plane", draft-ietf-lisp-eid-mobility-02 Unified Control Plane", draft-ietf-lisp-eid-mobility-03
(work in progress), May 2018. (work in progress), November 2018.
[I-D.ietf-lisp-signal-free-multicast] [I-D.ietf-lisp-signal-free-multicast]
Moreno, V. and D. Farinacci, "Signal-Free LISP Multicast", Moreno, V. and D. Farinacci, "Signal-Free LISP Multicast",
draft-ietf-lisp-signal-free-multicast-09 (work in draft-ietf-lisp-signal-free-multicast-09 (work in
progress), March 2018. progress), March 2018.
Appendix A. Acknowledgments Appendix A. Acknowledgments
The author would like to thank the LISP WG for their review and The author would like to thank the LISP WG for their review and
acceptance of this draft. acceptance of this draft.
Appendix B. Document Change Log Appendix B. Document Change Log
[RFC Editor: Please delete this section on publication as RFC.] [RFC Editor: Please delete this section on publication as RFC.]
B.1. Changes to draft-ietf-lisp-eid-anonymity-04 B.1. Changes to draft-ietf-lisp-eid-anonymity-05
o Posted March IETF week 2019.
o Do not state that ephemeral EIDs make the privacy problem worse.
B.2. Changes to draft-ietf-lisp-eid-anonymity-04
o Posted October 2018 before Bangkok IETF deadline. o Posted October 2018 before Bangkok IETF deadline.
o Made Padma requested changes to refer to ephemeral-EIDs allowed to o Made Padma requested changes to refer to ephemeral-EIDs allowed to
have many on one interface and can be registered with more than 1 have many on one interface and can be registered with more than 1
RLOC but one RLOC-set. RLOC but one RLOC-set.
B.2. Changes to draft-ietf-lisp-eid-anonymity-03 B.3. Changes to draft-ietf-lisp-eid-anonymity-03
o Posted October 2018. o Posted October 2018.
o Update document timer and references. o Update document timer and references.
B.3. Changes to draft-ietf-lisp-eid-anonymity-02 B.4. Changes to draft-ietf-lisp-eid-anonymity-02
o Posted April 2018. o Posted April 2018.
o Update document timer and references. o Update document timer and references.
B.4. Changes to draft-ietf-lisp-eid-anonymity-01 B.5. Changes to draft-ietf-lisp-eid-anonymity-01
o Posted October 2017. o Posted October 2017.
o Add to section 5 that PKI can be used to authenticate EIDs. o Add to section 5 that PKI can be used to authenticate EIDs.
o Update references. o Update references.
B.5. Changes to draft-ietf-lisp-eid-anonymity-00 B.6. Changes to draft-ietf-lisp-eid-anonymity-00
o Posted August 2017. o Posted August 2017.
o Made draft-farinacci-lisp-eid-anonymity-02 a LISP working group o Made draft-farinacci-lisp-eid-anonymity-02 a LISP working group
document. document.
B.6. Changes to draft-farinacci-lisp-eid-anonymity-02 B.7. Changes to draft-farinacci-lisp-eid-anonymity-02
o Posted April 2017. o Posted April 2017.
o Added section describing how ephemeral-EIDs can use a public key o Added section describing how ephemeral-EIDs can use a public key
hash as an alternative to a random number. hash as an alternative to a random number.
o Indciate when an EID/RLOC co-located, that the xTR can register o Indciate when an EID/RLOC co-located, that the xTR can register
the EID when it is configured or changed versus waiting for a the EID when it is configured or changed versus waiting for a
packet to be sent as in the EID/RLOC separated case. packet to be sent as in the EID/RLOC separated case.
B.7. Changes to draft-farinacci-lisp-eid-anonymity-01 B.8. Changes to draft-farinacci-lisp-eid-anonymity-01
o Posted October 2016. o Posted October 2016.
o Update document timer. o Update document timer.
B.8. Changes to draft-farinacci-lisp-eid-anonymity-00 B.9. Changes to draft-farinacci-lisp-eid-anonymity-00
o Posted April 2016. o Posted April 2016.
o Initial posting. o Initial posting.
Authors' Addresses Authors' Addresses
Dino Farinacci Dino Farinacci
lispers.net lispers.net
San Jose, CA San Jose, CA
 End of changes. 17 change blocks. 
30 lines changed or deleted 36 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/