Stephane Bortzmeyer wrote:
Such an identity should be almost unique (as is a number choosen at random in a very large space) and the machine should be able to prove that it indeed "owns" this identity (as is an ID which is the public part of a cryptographic key). For me, SSH keys or HIP Host Identifiers fulfill these requirments.
Apologies. My query about your requirements was sent before receiving your later note.
You are talking about an identifier that is used only during a session, since the statistical aspect of uniqueness wouldn't be acceptable for a persistent identifier.
Let me modify my query. Rather than asking about your requirements, I'll ask about the uses you have in mind.
For example, identity-based initial rendezvous requires a persistent, unique identifier that is globally obtainable. Re-establishing a session well might not.
Simplistically, an identifier that is used between sessions seems to need to be globally registered, unique, and obtainable. An identifier used within a session can be transient, private and statistical.
So can you describe particular scenarios you have in mind, where the identifier is used?
d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net