[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

domain names as end-point identifiers?




Dave,

I think this depends on what problem you're trying
to solve. In the case of mobility and multihoming,
you might want a stable identifier on a per-packet
basis which is independent of the routing layer.
This is the classic problem that mobile IP solves,
and I believe is also the jist of what HIP was
trying to address as well (or at least one of
them). One might even be able to make a case that
an IPsec SPI could serve the same purpose.

In all of these cases, a domain name per se would
not work well since it's too big. As you point
out, domain name as some form of session
establishment seems plausible, but it is clearly
not suited to the per-packet job which we have in
various forms these days.

	      Mike

Dave Crocker writes:
 > Honest.  I'm really sorry to have to send this query.
 > 
 > In looking over various archives and documents, on the matter of separating
 > node address from node identifier, I have not been able to find or develop a
 > clear summary of the reasons the identifier cannot be a domain name.
 > 
 > There are plenty of notes assuming that a new name space is needed. And there
 > are plenty of statements that say a new name space is needed because it will
 > make certain things better.
 > 
 > But I have not seen a clear summary of what will be made better nor a clear
 > argument against using domain names, as the stable, public,
 > address-independent end-point identifier.
 > 
 > I recall seeing a note from Christian Huitema that raised some interesting
 > concerns about using domain names, but I haven't been able to recover it.
 > 
 > If the identifier is used only occasionally, such as at the start of an
 > association and during occasional state changes, then it is acceptable to have
 > the string be a bit long.  If it must be in every packet, clearly it needs to
 > be short.  If the identifier needs to be in every packet, then why?
 > 
 > The string must be globally assigned only if it is needed for some sort of
 > rendezvous or third-party validation effort.  Otherwise, the string can be
 > local to the association context, in the manner of purpose-built keys.
 > 
 > So a new, global identifier space seems to be needed only if every packet is
 > subject to some sort of rendezvous or third-party validation.
 > 
 > What am I missing?
 > 
 > /d
 > --
 >  Dave Crocker <dcrocker-at-brandenburg-dot-com>
 >  Brandenburg InternetWorking <www.brandenburg.com>
 >  Sunnyvale, CA  USA <tel:+1.408.246.8253>
 > 
 > --------------------------------------------------------------------
 > IETF IPng Working Group Mailing List
 > IPng Home Page:                      http://playground.sun.com/ipng
 > FTP archive:                      ftp://playground.sun.com/pub/ipng
 > Direct all administrative requests to majordomo@sunroof.eng.sun.com
 > --------------------------------------------------------------------
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to majordomo@sunroof.eng.sun.com
--------------------------------------------------------------------