On Thu, Feb 28, 2008 at 12:23:18PM +0100, Stephane Bortzmeyer wrote:
An example of an Use Case is given by IKE (RFC 4306). Section 3.5
lists several possible identities for a machine, and there is not a
clear unique way to define this identity (identities like ID_IPV4_ADDR
are typically a poor way to define a machine on the network).
After several years in network management (where the first thing you
like to have are stable unique identities), I have come to the
conclusion that it is hopeless to search for such a generally useful
identity. What works is all very much dependent on the purpose and
the specific situation, as others have pointed out before.
And even if someone manages to come up with a good solution, people
sooner or later will try to circumvent it since in several situations
it is a feature and not a bug to be able to do dirty things with
identities.