rfc9374.original.xml   rfc9374.xml 
<?xml version='1.0' encoding='utf-8'?> <?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc SYSTEM "rfc2629-xhtml.ent"> <!DOCTYPE rfc [
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?> <!ENTITY nbsp "&#160;">
<!ENTITY zwsp "&#8203;">
<!ENTITY nbhy "&#8209;">
<!ENTITY wj "&#8288;">
]>
<?rfc toc="yes" ?> <?rfc toc="yes" ?>
<?rfc symrefs="yes" ?> <?rfc symrefs="yes" ?>
<?rfc sortrefs="yes"?> <?rfc sortrefs="yes"?>
<?rfc compact="yes" ?> <?rfc compact="yes" ?>
<?rfc subcompact="no" ?> <?rfc subcompact="no" ?>
<?rfc iprnotified="no" ?> <?rfc iprnotified="no" ?>
<?rfc strict="no" ?> <?rfc strict="no" ?>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" consensus="true" docName="draft- <rfc xmlns:xi="http://www.w3.org/2001/XInclude" consensus="true" number="9374"
ietf-drip-rid-37" docName="draft-ietf-drip-rid-37" category="std" ipr="trust200902" obsoletes="" u
category="std" ipr="trust200902" obsoletes="" updates="7401, 7343" submis pdates="7401, 7343" submissionType="IETF" xml:lang="en" tocInclude="true" symRef
sionType="IETF" s="true" sortRefs="true" version="3">
xml:lang="en" tocInclude="true" symRefs="true" sortRefs="true" version="3
">
<front> <title abbrev="DRIP Entity Tag (DET)">DRIP Entity Tag (DET) for Unmanned Aircraft System Remote ID (UAS RID)</title> <front> <title abbrev="DRIP Entity Tag (DET)">DRIP Entity Tag (DET) for Unmanned Aircraft System Remote ID (UAS RID)</title>
<seriesInfo name="Internet-Draft" value="draft-ietf-drip-rid-37"/> <seriesInfo name="RFC" value="9374" />
<author fullname="Robert Moskowitz" initials="R" surname="Moskowitz"> <author fullname="Robert Moskowitz" initials="R" surname="Moskowitz">
<organization>HTT Consulting</organization> <organization>HTT Consulting</organization>
<address> <address>
<postal> <postal>
<street></street> <street></street>
<city>Oak Park</city> <city>Oak Park</city>
<region>MI</region> <region>MI</region>
<code>48237</code> <code>48237</code>
<country>USA</country> <country>USA</country>
</postal> </postal>
skipping to change at line 68 skipping to change at line 70
<address> <address>
<postal> <postal>
<street>IDA</street> <street>IDA</street>
<city>Linköping</city> <city>Linköping</city>
<code>58183</code> <code>58183</code>
<country>Sweden</country> <country>Sweden</country>
</postal> </postal>
<email>gurtov@acm.org</email> <email>gurtov@acm.org</email>
</address> </address>
</author> </author>
<date year="2022" /> <date month="March" year="2023" />
<area>Internet</area> <area>Internet</area>
<workgroup>DRIP</workgroup> <workgroup>DRIP</workgroup>
<keyword>RFC</keyword>
<keyword>Request for Comments</keyword>
<keyword>I-D</keyword>
<keyword>Internet-Draft</keyword>
<keyword>RID</keyword> <keyword>RID</keyword>
<abstract> <abstract>
<t> <t>
This document describes the use of Hierarchical Host Identity Tags This document describes the use of Hierarchical Host Identity Tags
(HHITs) as self-asserting IPv6 addresses and thereby a trustable (HHITs) as self-asserting IPv6 addresses, which makes them trustable
identifier for use as the Unmanned Aircraft System Remote identifiers for use in Unmanned Aircraft System Remote
Identification and tracking (UAS RID). Identification (UAS RID) and tracking.
</t> </t>
<t> <t>
This document updates RFC7401 and RFC7343. This document updates RFCs 7401 and 7343.
</t> </t>
<t> <t>
Within the context of RID, HHITs will be called DRIP Entity Tags Within the context of RID, HHITs will be called DRIP Entity Tags
(DETs). HHITs provide claims to the included explicit hierarchy (DETs). HHITs provide claims to the included explicit hierarchy
that provides registry (via, e.g., DNS, RDAP) discovery for that provides registry (via, for example, DNS, RDAP) discovery for
3rd-party identifier endorsement. third-party identifier endorsement.
</t> </t>
</abstract> </abstract>
</front> </front>
<middle> <middle>
<section numbered="true" toc="default"> <name>Introduction</name> <section numbered="true" toc="default"> <name>Introduction</name>
<t> <t>
<xref target="RFC9153" format="default">Drone Remote ID Protocol <xref target="RFC9153" format="default">Drone Remote ID Protocol
(DRIP) Requirements</xref> describe an Unmanned Aircraft System (DRIP) Requirements</xref> describe an Unmanned Aircraft System
Remote ID (UAS ID) as unique (ID-4), non-spoofable (ID-5), and Remote ID (UAS ID) as unique (ID-4), non-spoofable (ID-5), and
identify a registry where the ID is listed (ID-2); all within a identify a registry where the ID is listed (ID&nbhy;2); all within a
19-character identifier (ID-1). 19-character identifier (ID-1).
</t> </t>
<t> <t>
This DRIP foundational document (i.e., all else in DRIP enables or This RFC is a foundational document of DRIP, as it describes the use of
uses it) describes (per <xref target="I-D.ietf-drip-arch" <xref target="HHIT" format="default">Hierarchical Host Identity Tags (HHITs)<
section="3" format="default" />) the use of <xref target="HHIT" /xref> as self-asserting
format="default">Hierarchical Host Identity Tags (HHITs)</xref> as IPv6 addresses and thereby a trustable identifier for use as the UAS
self-asserting IPv6 addresses and thereby a trustable identifier Remote ID (see <xref target="I-D.ietf-drip-arch" section="3" format="default"
for use as the UAS Remote ID. HHITs add explicit hierarchy to the />). All other DRIP-related
technologies will enable or use HHITs as multipurpose remote identifiers.
HHITs add explicit hierarchy to the
128-bit HITs, enabling DNS HHIT queries (Host ID for 128-bit HITs, enabling DNS HHIT queries (Host ID for
authentication, e.g., <xref target="I-D.ietf-drip-auth" authentication, e.g., <xref target="I-D.ietf-drip-auth"
format="default"/>) and for use with a Differentiated Access format="default"/>) and use with a Differentiated Access
Control (e.g. Registration Data Access Protocol (RDAP) <xref Control (e.g., Registration Data Access Protocol (RDAP) <xref
target="RFC9224" />) for 3rd-party identification endorsement target="RFC9224" />) for 3rd-party identification endorsement
(e.g., <xref target="I-D.ietf-drip-auth" format="default"/>). (e.g., <xref target="I-D.ietf-drip-auth" format="default"/>).
</t> </t>
<t> <t>
This addition of hierarchy to HITs is an extension to <xref The addition of hierarchy to HITs is an extension to <xref
target="RFC7401"/> and requires an update to <xref target="RFC7401"/> and requires an update to <xref
target="RFC7343"/>. As this document also adds EdDSA (<xref target="RFC7343"/>. As this document also adds EdDSA (<xref
target="EdDSA" format="default"/>) for Host Identities (HIs), a target="EdDSA" format="default"/>) for Host Identities (HIs), a
number of Host Identity Protocol (HIP) parameters in <xref number of Host Identity Protocol (HIP) parameters in <xref
target="RFC7401"/> are updated, but these should not be needed in a target="RFC7401"/> are updated, but these should not be needed in a
DRIP implementation that does not use HIP. DRIP implementation that does not use HIP.
</t> </t>
<t> <t>
HHITs as used within the context of Unmanned Aircraft System (UAS) HHITs as used within the context of UAS
are labeled as DRIP Entity Tags (DETs). Throughout this document are labeled as DRIP Entity Tags (DETs). Throughout this document,
HHIT and DET will be used appropriately. HHIT will be used when HHIT and DET will be used appropriately. HHIT will be used when covering
covering the technology, and DET for their context within UAS RID. the technology, and DET will be used in the context of UAS RID.
</t> </t>
<t> <t>
Hierarchical HITs provide self-claims of the HHIT registry. A HHIT HHITs provide self-claims of the HHIT registry. A HHIT
can only be in a single registry within a registry system (e.g. can only be in a single registry within a registry system (e.g.,
DNS). DNS).
</t> </t>
<t> <t>
Hierarchical HITs are valid, though non-routable, IPv6 addresses HHITs are valid, though non-routable, IPv6 addresses
<xref target="RFC8200" />. As such, they fit in many ways within <xref target="RFC8200" />. As such, they fit in many ways within
various IETF technologies. various IETF technologies.
</t> </t>
<section anchor="x509" numbered="true" toc="default"> <name>HHIT Statistical Uni queness different from UUID or X.509 Subject</name> <section anchor="x509" numbered="true" toc="default"> <name>HHIT Statistical Uni queness Different from UUID or X.509 Subject</name>
<t> <t>
HHITs are statistically unique through the cryptographic hash HHITs are statistically unique through the cryptographic hash
feature of second-preimage resistance. The cryptographically-bound feature of second-preimage resistance. The cryptographically bound
addition of the hierarchy and a HHIT registration process <xref addition of the hierarchy and a HHIT registration process <xref
target="I-D.ietf-drip-registries" format="default"/> provide target="I-D.ietf-drip-registries" format="default"/> provide
complete, global HHIT uniqueness. If the HHITs cannot be looked up complete, global HHIT uniqueness. If the HHITs cannot be looked up
with services provided by the DRIP Identity Management Entity with services provided by the DRIP Identity Management Entity
(DIME) identified via the embedded hierarchical information or its (DIME) identified via the embedded hierarchical information or its
registration validated by registration endorsement messages <xref registration validated by registration endorsement messages <xref
target="I-D.ietf-drip-auth" format="default"/>, then the HHIT is target="I-D.ietf-drip-auth" format="default"/>, then the HHIT is
either fraudulent or revoked/expired. In-depth discussion of these either fraudulent or revoked/expired. In-depth discussion of these
processes are out of scope for this document. processes are out of scope for this document.
</t> </t>
skipping to change at line 156 skipping to change at line 154
addition of the hierarchy and a HHIT registration process <xref addition of the hierarchy and a HHIT registration process <xref
target="I-D.ietf-drip-registries" format="default"/> provide target="I-D.ietf-drip-registries" format="default"/> provide
complete, global HHIT uniqueness. If the HHITs cannot be looked up complete, global HHIT uniqueness. If the HHITs cannot be looked up
with services provided by the DRIP Identity Management Entity with services provided by the DRIP Identity Management Entity
(DIME) identified via the embedded hierarchical information or its (DIME) identified via the embedded hierarchical information or its
registration validated by registration endorsement messages <xref registration validated by registration endorsement messages <xref
target="I-D.ietf-drip-auth" format="default"/>, then the HHIT is target="I-D.ietf-drip-auth" format="default"/>, then the HHIT is
either fraudulent or revoked/expired. In-depth discussion of these either fraudulent or revoked/expired. In-depth discussion of these
processes are out of scope for this document. processes are out of scope for this document.
</t> </t>
<t> <t>
This contrasts with using general identifiers (e.g., a Universally This contrasts with using general identifiers (e.g., Universally
Unique IDentifiers <xref target="RFC4122" Unique IDentifiers <xref target="RFC4122"
format="default">(UUID)</xref> or device serial numbers as the format="default">(UUID)</xref> or device serial numbers) as the
subject in an <xref target="RFC5280" format="default">X.509</xref> subject in an <xref target="RFC5280" format="default">X.509</xref>
certificate. In either case, there can be no unique proof of certificate. In either case, there can be no unique proof of
ownership/registration. ownership/registration.
</t> </t>
<t> <t>
For example, in a multi-Certificate Authority (multi-CA) PKI For example, in a multi-Certificate Authority (multi-CA) PKI
alternative to HHITs, a Remote ID as the Subject (<xref alternative to HHITs, a Remote ID as the Subject (<xref
target="RFC5280" section="4.1.2.6" />) can occur in multiple CAs, target="RFC5280" section="4.1.2.6" />) can occur in multiple CAs,
possibly fraudulently. CAs within the PKI would need to implement possibly fraudulently. CAs within the PKI would need to implement
an approach to enforce assurance of the uniqueness achieved with an approach to enforce assurance of the uniqueness achieved with
HHITs. HHITs.
</t> </t>
</section> </section>
</section> </section>
<section anchor="terms" numbered="true" toc="default"> <name>Terms and Definitio ns</name> <section anchor="terms" numbered="true" toc="default"> <name>Terms and Definitio ns</name>
<section numbered="true" toc="default"> <name>Requirements Terminology</name> <section numbered="true" toc="default"> <name>Requirements Terminology</name>
<t> <t>
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "
NOT", "SHOULD", "SHOULD NOT", "NOT RECOMMENDED", <bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
"MAY", and "OPTIONAL" in this document are to be interpreted as NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>
", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this docum
ent are to be interpreted as
described in BCP 14 <xref target="RFC2119" /> <xref described in BCP 14 <xref target="RFC2119" /> <xref
target="RFC8174" /> when, and only when, they appear in all target="RFC8174" /> when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
</t> </t>
<t> <t>
The document includes a set of algorithms with a guidance on the The document includes a set of algorithms and recommends the ones
ones that are recommended to be supported by implementations. The that should be supported by implementations. The
following term is used for that purpose: RECOMMENDED. following term is used for that purpose: <bcp14>RECOMMENDED</bcp14>.
</t> </t>
<!-- <dl newline="true" spacing="normal">
<dt>RECOMMENDED</dt>
<dd>
RECOMMENDED, as used here instructs implementors which
choice (here only of possible algorithms) the authors
advise be used. Implementors are recommended to research
the choices to make an informed decision.
</dd>
</dl> -->
</section> </section>
<section anchor="notation" numbered="true" toc="default"> <name>Notations</name> <section anchor="notation" numbered="true" toc="default"> <name>Notation</name>
<dl newline="false" spacing="normal"> <dl newline="false" spacing="normal">
<dt>| </dt> <dt>| </dt>
<dd> <dd>
Signifies concatenation of information - e.g., X | Y is t he Signifies concatenation of information, e.g., X | Y is th e
concatenation of X and Y. concatenation of X and Y.
</dd> </dd>
</dl> </dl>
</section> </section>
<section numbered="true" toc="default"> <name>Definitions</name> <section numbered="true" toc="default"> <name>Definitions</name>
<t> <t>
This document uses the terms defined in <xref target="RFC9153" This document uses the terms defined in <xref target="RFC9153"
section="2.2" format="default" /> and in <xref section="2.2" format="default" /> and in <xref
target="I-D.ietf-drip-arch" section="2" format="default" />. The target="I-D.ietf-drip-arch" section="2" format="default" />. The
following new terms are used in the document: following terms are used in the document:
</t> </t>
<dl newline="true" spacing="normal"> <dl newline="true" spacing="normal">
<dt>cSHAKE (The customizable SHAKE function <xref <dt>cSHAKE (The customizable SHAKE function <xref
target="DOI_10.6028_NIST.SP.800-185" format="default"/>): </dt> target="DOI_10.6028_NIST.SP.800-185" format="default"/>): </dt>
<dd> <dd>
Extends the SHAKE <xref target="DOI_10.6028_NIST.FIPS.202 Extends the SHAKE scheme <xref target="DOI_10.6028_NIST.F
" IPS.202"
format="default"/> scheme to allow users to customize the format="default"/> to allow users to customize their
ir
use of the SHAKE function. use of the SHAKE function.
</dd> </dd>
<dt>HDA (HHIT Domain Authority):</dt> <dt>HDA (HHIT Domain Authority):</dt>
<dd> <dd>
The 14-bit field that identifies the HHIT Domain Authorit y The 14-bit field that identifies the HHIT Domain Authorit y
under a Registered Assigning Authority (RAA). See <xref under a Registered Assigning Authority (RAA). See <xref
target="HHIT_Format" format="default"/>. target="HHIT_Format" format="default"/>.
</dd> </dd>
<dt>HHIT</dt> <dt>HHIT (Hierarchical Host Identity Tag):</dt>
<dd> <dd>
Hierarchical Host Identity Tag. A HIT with extra A HIT with extra
hierarchical information not found in a standard HIT <xre f hierarchical information not found in a standard HIT <xre f
target="RFC7401" format="default"/>. target="RFC7401" format="default"/>.
</dd> </dd>
<dt>HI</dt> <dt>HI (Host Identity):</dt>
<dd> <dd>
Host Identity. The public key portion of an asymmetric k ey The public key portion of an asymmetric key
pair as defined in <xref target="RFC9063" pair as defined in <xref target="RFC9063"
format="default"/>. format="default"/>.
</dd> </dd>
<dt>HID (Hierarchy ID):</dt> <dt>HID (Hierarchy ID):</dt>
<dd> <dd>
The 28-bit field providing the HIT Hierarchy ID. See <xre f The 28-bit field providing the HIT Hierarchy ID. See <xre f
target="HHIT_Format" format="default"/>. target="HHIT_Format" format="default"/>.
</dd> </dd>
<dt>HIP (Host Identity Protocol)</dt> <dt>HIP (Host Identity Protocol):</dt>
<dd> <dd>The origin of HI, HIT, and HHIT <xref target="RFC7401" format
The origin <xref target="RFC7401" format="default"/> of H ="default"/>.
I,
HIT, and HHIT.
</dd> </dd>
<dt>HIT</dt> <dt>HIT (Host Identity Tag):</dt>
<dd> <dd>
Host Identity Tag. A 128-bit handle on the HI. HITs are A 128-bit handle on the HI. HITs are
valid IPv6 addresses. valid IPv6 addresses.
</dd> </dd>
<dt>Keccak (KECCAK Message Authentication Code):</dt> <dt>Keccak (KECCAK Message Authentication Code):</dt>
<dd> <dd>
The family of all sponge functions with a KECCAK-f The family of all sponge functions with a KECCAK-f
permutation as the underlying function and multi-rate permutation as the underlying function and multi-rate
padding as the padding rule. It refers in particular to padding as the padding rule. In particular, it refers to
all the functions referenced from <xref all the functions referenced from <xref
target="DOI_10.6028_NIST.FIPS.202" format="default"/> and target="DOI_10.6028_NIST.FIPS.202" format="default"/> and
<xref target="DOI_10.6028_NIST.SP.800-185" <xref target="DOI_10.6028_NIST.SP.800-185"
format="default"/>. format="default"/>.
</dd> </dd>
<dt>KMAC (KECCAK Message Authentication Code <xref <dt>KMAC (KECCAK Message Authentication Code <xref
target="DOI_10.6028_NIST.SP.800-185" format="default"/>): </dt> target="DOI_10.6028_NIST.SP.800-185" format="default"/>): </dt>
<dd> <dd>
A Pseudo Random Function (PRF) and keyed hash function A Pseudo Random Function (PRF) and keyed hash function
based on KECCAK. based on KECCAK.
skipping to change at line 300 skipping to change at line 289
target="DOI_10.6028_NIST.FIPS.202" format="default"/>):</ dt> target="DOI_10.6028_NIST.FIPS.202" format="default"/>):</ dt>
<dd> <dd>
A function on bit strings (also called messages) in which A function on bit strings (also called messages) in which
the output can be extended to any desired length. the output can be extended to any desired length.
</dd> </dd>
</dl> </dl>
</section> </section>
</section> </section>
<section anchor="HHIT" numbered="true" toc="default"> <name>The Hierarchical Hos t Identity Tag (HHIT)</name> <section anchor="HHIT" numbered="true" toc="default"> <name>The Hierarchical Hos t Identity Tag (HHIT)</name>
<t> <t>
The Hierarchical HIT (HHIT) is a small but important enhancement The HHIT is a small but important enhancement
over the flat Host Identity Tag (HIT) space, constructed as an over the flat Host Identity Tag (HIT) space, constructed as an
Overlay Routable Cryptographic Hash IDentifier (ORCHID) <xref Overlay Routable Cryptographic Hash IDentifier (ORCHID) <xref
target="RFC7343" format="default"/>. By adding two levels of target="RFC7343" format="default"/>. By adding two levels of
hierarchical administration control, the HHIT provides for device hierarchical administration control, the HHIT provides for device
registration/ownership, thereby enhancing the trust framework for registration/ownership, thereby enhancing the trust framework for
HITs. HITs.
</t> </t>
<t> <t>
The 128-bit HHITs represent the HI in only a 64-bit hash, rather The 128-bit HHITs represent the HI in only a 64-bit hash, rather
than the 96 bits in HITs. 4 of these 32 freed up bits expand the than the 96 bits in HITs. 4 of these 32 freed up bits expand the
Suite ID to 8 bits, and the other 28 bits are used to create a Suite ID to 8 bits, and the other 28 bits are used to create a
hierarchical administration organization for HIT domains. hierarchical administration organization for HIT domains.
Hierarchical HIT construction is defined in <xref target="ORCHIDs" HHIT construction is defined in <xref target="ORCHIDs"
format="default"/>. The input values for the Encoding rules are format="default"/>. The input values for the encoding rules are
described in <xref target="HCGA" format="default"/>. described in <xref target="HCGA" format="default"/>.
</t> </t>
<t> <t>
A HHIT is built from the following fields (<xref A HHIT is built from the following fields (<xref
target="HHIT_Format" format="default"/>): target="HHIT_Format" format="default"/>):
</t> </t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
p = an IPV6 prefix (max 28 bit) p = an IPv6 prefix (max 28 bit)
</li> </li>
<li> <li>
<t>28-bit Hierarchy ID (HID) which provides the structure to <t>28-bit HID which provides the structure to
organize HITs into administrative domains. HIDs are furth er organize HITs into administrative domains. HIDs are furth er
divided into two fields:</t> divided into two fields:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
14-bit Registered Assigning Authority (RA A) (<xref 14-bit Registered Assigning Authority (RA A) (<xref
target="RAA" format="default"/>) target="RAA" format="default"/>)
</li> </li>
<li> <li>
14-bit Hierarchical HIT Domain Authority (HDA) 14-bit HHIT Domain Authority (HDA)
(<xref target="HDA" format="default"/>) (<xref target="HDA" format="default"/>)
</li> </li>
</ul> </ul>
</li> </li>
<li> <li>
8-bit HHIT Suite ID (HHSI) 8-bit HHIT Suite ID (HHSI)
</li> </li>
<li> <li>
ORCHID hash (92 - prefix length, e.g., 64) See <xref ORCHID hash (92 - prefix length, e.g., 64) See <xref
target="ORCHIDs" format="default"/> for more details. target="ORCHIDs" format="default"/> for more details.
skipping to change at line 350 skipping to change at line 339
<li> <li>
8-bit HHIT Suite ID (HHSI) 8-bit HHIT Suite ID (HHSI)
</li> </li>
<li> <li>
ORCHID hash (92 - prefix length, e.g., 64) See <xref ORCHID hash (92 - prefix length, e.g., 64) See <xref
target="ORCHIDs" format="default"/> for more details. target="ORCHIDs" format="default"/> for more details.
</li> </li>
</ul> </ul>
<figure anchor="HHIT_Format"> <figure anchor="HHIT_Format">
<name>HHIT Format</name> <name>HHIT Format</name>
<artwork name="" type="ascii-art" align="left" alt=""> <artwork name="" type="ascii-art" align="left" alt="">
<![CDATA[ <![CDATA[
14 bits| 14 bits 8 bits 14 bits| 14 bits 8 bits
+-------+-------+ +--------------+ +-------+-------+ +--------------+
| RAA | HDA | |HHIT Suite ID | | RAA | HDA | |HHIT Suite ID |
+-------+-------+ +--------------+ +-------+-------+ +--------------+
\ | ____/ ___________/ \ | ____/ ___________/
\ \ _/ ___/ \ \ _/ ___/
\ \/ / \ \/ /
| p bits | 28 bits |8bits| o=92-p bits | | p bits | 28 bits |8bits| o=92-p bits |
+--------------+------------+-----+------------------------+ +--------------+------------+-----+------------------------+
| IPV6 Prefix | HID |HHSI | ORCHID hash | | IPv6 Prefix | HID |HHSI | ORCHID hash |
+--------------+------------+-----+------------------------+ +--------------+------------+-----+------------------------+
]]> ]]>
</artwork> </artwork>
</figure> </figure>
<t> <t>
The Context ID (generated with openssl rand) for the ORCHID hash is: The Context ID (generated with openssl rand) for the ORCHID hash is:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
Context ID := 0x00B5 A69C 795D F5D5 F008 7F56 843F 2C40 Context ID := 0x00B5 A69C 795D F5D5 F008 7F56 843F 2C40
]]> ]]>
</artwork> </artwork>
<t> <t>
Context IDs are allocated out of the namespace introduced for Context IDs are allocated out of the namespace introduced for
Cryptographically Generated Addresses (CGA) Type Tags <xref Cryptographically Generated Addresses (CGA) Type Tags <xref
target="RFC3972" format="default"/>. target="RFC3972" format="default"/>.
</t> </t>
<section anchor="Prefix" numbered="true" toc="default"> <name>HHIT Prefix for RI D Purposes</name> <section anchor="Prefix" numbered="true" toc="default"> <name>HHIT Prefix for RI D Purposes</name>
<t> <t>
The IPv6 HHIT prefix MUST be distinct from that used in the The IPv6 HHIT prefix <bcp14>MUST</bcp14> be distinct from that used in th e
flat-space HIT as allocated in <xref target="RFC7343" flat-space HIT as allocated in <xref target="RFC7343"
format="default"/>. Without this distinct prefix, the first 4 bits format="default"/>. Without this distinct prefix, the first 4 bits
of the RAA would be interpreted as the HIT Suite ID per <xref of the RAA would be interpreted as the HIT Suite ID per <xref
target="RFC7401" format="default">HIPv2</xref>. target="RFC7401" format="default">HIPv2</xref>.
</t> </t>
<t> <t>
Initially, for DET use, one 28-bit prefix should be assigned out of Initially, the IPv6 prefix listed in <xref target="prefix"/> is assigned for DET
the IANA IPv6 Special Purpose Address Block (<xref target="RFC6890" use. It has been registered in the "IANA IPv6 Special-Purpose Address Registry"
format="default"> </xref>). <xref target="RFC6890"/>.</t>
</t> <table anchor="prefix">
<artwork name="" type="" align="left" alt=""> <name>Initial DET IPv6 Prefix</name>
<![CDATA[ <thead>
HHIT Use Bits Value <tr>
DET 28 TBD6 (suggested value 2001:30::/28)
]]> <th>HHIT Use</th>
</artwork> <th>Bits</th>
<th>Value</th>
</tr>
</thead>
<tbody>
<tr>
<td>DET</td>
<td>28</td>
<td>2001:30::/28</td>
</tr>
</tbody>
</table>
<t> <t>
Other prefixes may be added in the future either for DET use or Other prefixes may be added in the future either for DET use or
other applications of HHITs. For a prefix to be added to the other applications of HHITs. For a prefix to be added to the
registry in <xref target="IANA_DRIP_reg" format="default"/>, its registry in <xref target="IANA_DRIP_reg" format="default"/>, its
usage and HID allocation process have to be publicly available. usage and HID allocation process have to be publicly available.
</t> </t>
</section> </section>
<section anchor="HHIT_Suite" numbered="true" toc="default"> <name>HHIT Suite IDs </name> <section anchor="HHIT_Suite" numbered="true" toc="default"> <name>HHIT Suite IDs </name>
<t> <t>
The HHIT Suite IDs specify the HI and hash algorithms. These are a The HHIT Suite IDs specify the HI and hash algorithms. These are a
superset of the 4/8-bit HIT Suite ID as defined in <xref superset of the 4-bit and 8-bit HIT Suite IDs as defined in <xref
target="RFC7401" section="5.2.10" format="default"/>. target="RFC7401" section="5.2.10" format="default"/>.
</t> </t>
<t> <t>
The HHIT values of 1 - 15 map to the basic 4-bit HIT Suite IDs. The HHIT values 1 - 15 map to the basic 4-bit HIT Suite IDs.
HHIT values of 17 - 31 map to the extended 8-bit HIT Suite IDs. HHIT values 17 - 31 map to the extended 8-bit HIT Suite IDs.
HHIT values unique to HHIT will start with value 32. HHIT values unique to HHIT will start with value 32.
</t> </t>
<t> <t>
As HHIT introduces a new Suite ID, EdDSA/cSHAKE128, and since this As HHIT introduces a new Suite ID, EdDSA/cSHAKE128, and because this
is of value to HIPv2, it will be allocated out of the 4-bit HIT is of value to HIPv2, it will be allocated out of the 4-bit HIT
space and result in an update to HIT Suite IDs. Future HHIT Suite space and result in an update to HIT Suite IDs. Future HHIT Suite
IDs may be allocated similarly, or may come out of the additional IDs may be allocated similarly, or they may come out of the additional
space made available by going to 8 bits. space made available by going to 8 bits.
</t> </t>
<t> <t>
The following HHIT Suite IDs are defined: The following HHIT Suite IDs are defined:
</t> </t>
<artwork name="" type="" align="left" alt=""> <table>
<![CDATA[ <name>Initial HHIT Suite IDs</name>
HHIT Suite Value <thead>
RESERVED 0 <tr>
RSA,DSA/SHA-256 1 [RFC7401] <th>HHIT Suite</th>
ECDSA/SHA-384 2 [RFC7401] <th>Value</th>
ECDSA_LOW/SHA-1 3 [RFC7401] </tr>
EdDSA/cSHAKE128 TBD3 (suggested value 5) </thead>
]]> <tbody>
</artwork> <tr>
<section anchor="HDA_OGA" numbered="true" toc="default"> <name>HDA custom HIT Su <td>RESERVED</td>
ite IDs</name> <td>0</td>
</tr>
<tr>
<td>RSA,DSA/SHA-256</td>
<td>1 <xref target="RFC7401"/></td>
</tr>
<tr>
<td>ECDSA/SHA-384</td>
<td>2 <xref target="RFC7401"/></td>
</tr>
<tr>
<td>ECDSA_LOW/SHA-1</td>
<td>3 <xref target="RFC7401"/></td>
</tr>
<tr>
<td>EdDSA/cSHAKE128</td>
<td>5</td>
</tr>
</tbody>
</table>
<section anchor="HDA_OGA" numbered="true" toc="default"> <name>HDA Custom HIT Su
ite IDs</name>
<t> <t>
Support for 8-bit HHIT Suite IDs allows for HDA custom HIT Suite Support for 8-bit HHIT Suite IDs allows for HDA custom HIT Suite IDs (see <xref
IDs. These will be assigned values greater than 15 as follows: target="suiteIDs"/>).
</t> </t>
<artwork name="" type="" align="left" alt=""> <table anchor="suiteIDs">
<![CDATA[ <name>HDA Custom HIT Suite IDs</name>
HHIT Suite Value <thead>
HDA Private Use 1 TBD4 (suggested value 254) <tr>
HDA Private Use 2 TBD5 (suggested value 255) <th>HHIT Suite</th>
]]> <th>Value</th>
</artwork> </tr>
</thead>
<tbody>
<tr>
<td>HDA Private Use 1</td>
<td>254</td>
</tr>
<tr>
<td>HDA Private Use 2</td>
<td>255</td>
</tr>
</tbody>
</table>
<t> <t>
These custom HIT Suite IDs, for example, may be used for These custom HIT Suite IDs, for example, may be used for
large-scale experimenting with post quantum computing hashes or large-scale experimentation with post-quantum computing hashes or
similar domain specific needs. Note that currently there is no similar domain-specific needs. Note that currently there is no
support for domain-specific HI algorithms. support for domain-specific HI algorithms.
</t> </t>
<t> <t>
They should not be used to create a "de facto standardization". They should not be used to create a "de facto standardization".
<xref target="IANA_DRIP_reg" format="default"> </xref> states that <xref target="IANA_DRIP_reg" format="default"> </xref> states that
additional Suite IDs can be made through IETF Review. additional Suite IDs can be made through IETF Review.
</t> </t>
</section> </section>
</section> </section>
<section anchor="HID" numbered="true" toc="default"> <name>The Hierarchy ID (HID )</name> <section anchor="HID" numbered="true" toc="default"> <name>The Hierarchy ID (HID )</name>
<t> <t>
The Hierarchy ID (HID) provides the structure to organize HITs into The HID provides the structure to organize HITs into
administrative domains. HIDs are further divided into two fields: administrative domains. HIDs are further divided into two fields:
</t> </t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
14-bit Registered Assigning Authority (RAA) 14-bit Registered Assigning Authority (RAA)
</li> </li>
<li> <li>
14-bit Hierarchical HIT Domain Authority (HDA) 14-bit HHIT Domain Authority (HDA)
</li> </li>
</ul> </ul>
<t> <t>
The rationale for the 14/14 HID split is described in <xref The rationale for splitting the HID into two 14-bit domains is described in <
xref
target="HID_Split" format="default"/>. target="HID_Split" format="default"/>.
</t> </t>
<t> <t>
The two levels of hierarchy allows for Civil Aviation Authorities The two levels of hierarchy allow for Civil Aviation Authorities
(CAAs) to have it least one RAA for their National Air Space (NAS). (CAAs) to have it least one RAA for their National Air Space (NAS).
Within its RAA(s), the CAAs can delegate HDAs as needed. There may Within its RAAs, the CAAs can delegate HDAs as needed. There may
be other RAAs allowed to operate within a given NAS; this is a be other RAAs allowed to operate within a given NAS; this is a
policy decision of each CAA. policy decision of each CAA.
</t> </t>
<section anchor="RAA" numbered="true" toc="default"> <name>The Registered Assign ing Authority (RAA)</name> <section anchor="RAA" numbered="true" toc="default"> <name>The Registered Assign ing Authority (RAA)</name>
<t> <t>
An RAA is a business or organization that manages a registry of An RAA is a business or organization that manages a registry of
HDAs. For example, the Federal Aviation Authority (FAA) or Japan HDAs. For example, the Federal Aviation Authority (FAA) or Japan
Civil Aviation Bureau (JCAB) could be an RAA. Civil Aviation Bureau (JCAB) could be RAAs.
</t> </t>
<t> <t>
The RAA is a 14-bit field (16,384 RAAs). The management of this The RAA is a 14-bit field (16,384 RAAs). Management of this
space is further elaborated in <xref space is further described in <xref
target="I-D.ietf-drip-registries" format="default"/>. An RAA MUST target="I-D.ietf-drip-registries" format="default"/>. An RAA <bcp14>MUST
</bcp14>
provide a set of services to allocate HDAs to organizations. It provide a set of services to allocate HDAs to organizations. It
SHOULD have a public policy on what is necessary to obtain an HDA. <bcp14>SHOULD</bcp14> have a public policy on what is necessary to obtain
The RAA need not maintain any HIP related services. It MUST an HDA.
maintain a DNS zone minimally for the HDA zone delegation for The RAA need not maintain any HIP-related services. At minimum, it <bcp14
>MUST</bcp14>
maintain a DNS zone for the HDA zone delegation for
discovering HIP RVS servers <xref target="RFC8004" discovering HIP RVS servers <xref target="RFC8004"
format="default"/> for the HID. The zone delegation is covered in format="default"/> for the HID. Zone delegation is covered in
<xref target="I-D.ietf-drip-registries" format="default"/>. <xref target="I-D.ietf-drip-registries" format="default"/>.
</t> </t>
<t> <t>
As DETs under an administrative control may be used in many As DETs under administrative control may be used in many
different domains (e.g., commercial, recreation, military), RAAs different domains (e.g., commercial, recreation, military), RAAs
should be allocated in blocks (e.g. 16-19) with consideration on should be allocated in blocks (e.g., 16-19) with consideration of
the likely size of a particular usage. Alternatively, different the likely size of a particular usage. Alternatively, different
prefixes can be used to separate different domains of use of HHITs. prefixes can be used to separate different domains of use of HHITs.
</t> </t>
<t> <t>
The RAA DNS zone within the UAS DNS tree may be a PTR for its RAA. The RAA DNS zone within the UAS DNS tree may be a PTR for its RAA.
It may be a zone in an HHIT specific DNS zone. Assume that the RAA It may be a zone in a HHIT-specific DNS zone. Assume that the RAA
is decimal 100. The PTR record could be constructed as follows is decimal 100. The PTR record could be constructed as follows
(where 20010030 is the DET prefix): (where 20010030 is the DET prefix):
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
100.20010030.hhit.arpa. IN PTR raa.example.com. 100.20010030.hhit.arpa. IN PTR raa.example.com.
]]> ]]>
</artwork> </artwork>
<t> <t>
Note that if the zone 20010030.hhit.arpa is ultimately used, some Note that if the zone 20010030.hhit.arpa is ultimately used, a
registrar will need to manage this for all HHIT applications. Thus registrar will need to manage this for all HHIT applications. Thus,
further thought will be needed in the actual zone tree and further thought will be needed in the actual DNS zone tree and
registration process <xref target="I-D.ietf-drip-registries" registration process <xref target="I-D.ietf-drip-registries"
format="default"/>. format="default"/>.
</t> </t>
</section> </section>
<section anchor="HDA" numbered="true" toc="default"> <name>The Hierarchical HIT Domain Authority (HDA)</name> <section anchor="HDA" numbered="true" toc="default"> <name>The HHIT Domain Autho rity (HDA)</name>
<t> <t>
An HDA may be an Internet Service Provider (ISP), UAS Service An HDA may be an Internet Service Provider (ISP), UAS Service
Supplier (USS), or any third party that takes on the business to Supplier (USS), or any third party that takes on the business to
provide UAS services management, HIP RVSs or other needed services provide UAS services management, HIP RVSs or other needed services
such as those required for HHIT and/or HIP-enabled devices. such as those required for HHIT and/or HIP-enabled devices.
</t> </t>
<t> <t>
The HDA is a 14-bit field (16,384 HDAs per RAA) assigned by an The HDA is a 14-bit field (16,384 HDAs per RAA) assigned by an
RAA is further elaborated in <xref target="I-D.ietf-drip-registries" RAA and is further described in <xref target="I-D.ietf-drip-registries"
format="default"/>. An HDA must maintain public and private UAS format="default"/>. An HDA must maintain public and private UAS
registration information and should maintain a set of RVS servers registration information and should maintain a set of RVS servers
for UAS clients that may use HIP. How this is done and scales to for UAS clients that may use HIP. How this is done and scales to
the potentially millions of customers are outside the scope of this the potentially millions of customers are outside the scope of this
document, though covered in <xref target="I-D.ietf-drip-registries" document; they are covered in <xref target="I-D.ietf-drip-registries"
format="default"/>. This service should be discoverable through format="default"/>. This service should be discoverable through
the DNS zone maintained by the HDA's RAA. the DNS zone maintained by the HDA's RAA.
</t> </t>
<t> <t>
An RAA may assign a block of values to an individual organization. An RAA may assign a block of values to an individual organization.
This is completely up to the individual RAA's published policy for This is completely up to the individual RAA's published policy for
delegation. Such policy is out of scope. delegation. Such a policy is out of scope for this document.
</t> </t>
</section> </section>
</section> </section>
<section anchor="EdDSA" numbered="true" toc="default"> <name>Edwards-Curve Digit al Signature Algorithm for HHITs</name> <section anchor="EdDSA" numbered="true" toc="default"> <name>Edwards-Curve Digit al Signature Algorithm for HHITs</name>
<t> <t>
The Edwards-Curve Digital Signature Algorithm (EdDSA) <xref The Edwards-Curve Digital Signature Algorithm (EdDSA) <xref
target="RFC8032" format="default"> </xref> is specified here for target="RFC8032" format="default"> </xref> is specified here for
use as HIs per <xref target="RFC7401" format="default">HIPv2</xref>. use as HIs per <xref target="RFC7401" format="default">HIPv2</xref>.
</t> </t>
<t> <t>
The intent in this document is to add EdDSA as a HI algorithm for The intent in this document is to add EdDSA as a HI algorithm for
DETs, but doing so impacts the HIP parameters used in a HIP DETs, but doing so impacts the HIP parameters used in a HIP
exchange. The subsections of this section document the required exchange. Sections <xref target="host_id" format="counter"/> through <xr
updates of HIP parameters. Other than the HIP DNS RR (Resource ef target="hit_suite_list" format="counter"/> describe the required
updates to HIP parameters. Other than the HIP DNS RR (Resource
Record) <xref target="RFC8005" format="default"/>, these should not Record) <xref target="RFC8005" format="default"/>, these should not
be needed in a DRIP implementation that does not use HIP. be needed in a DRIP implementation that does not use HIP.
</t> </t>
<t> <t>
See <xref target="HHIT_Suite" format="default"/> for use of the HIT See <xref target="HHIT_Suite" format="default"/> for use of the HIT
Suite in the context of DRIP. Suite in the context of DRIP.
</t> </t>
<section anchor="host_id" numbered="true" toc="default"> <name>HOST_ID</n ame> <section anchor="host_id" numbered="true" toc="default"> <name>HOST_ID</n ame>
<t> <t>
The HOST_ID parameter specifies the public key algorithm, and for The HOST_ID parameter specifies the public key algorithm, and for
elliptic curves, a name. The HOST_ID parameter is defined in elliptic curves, a name. The HOST_ID parameter is defined in
<xref target="RFC7401" section="5.2.9" format="default"/>. <xref target="RFC7401" section="5.2.9" format="default"/>. <xref target= "hostID"/> adds a new HI Algorithm.
</t> </t>
<artwork name="" type="" align="left" alt=""> <table anchor="hostID">
<![CDATA[ <name>New EdDSA Host ID</name>
Algorithm <thead>
profile Value <tr>
<th> Algorithm
profile</th>
<th>Value</th>
<th>Reference</th>
</tr>
</thead>
<tbody>
<tr>
<td>EdDSA</td>
<td>13</td>
<td><xref target="RFC8032"/></td>
</tr>
</tbody>
</table>
EdDSA TBD1 (suggested value 13) [RFC8032]
]]>
</artwork>
<section anchor="HIP_EdDSA_Parm" numbered="true" toc="default"> <name>HIP Parame ter support for EdDSA</name> <section anchor="HIP_EdDSA_Parm" numbered="true" toc="default"> <name>HIP Parame ter support for EdDSA</name>
<t> <t>
The addition of EdDSA as a HI algorithm requires a subfield in the The addition of EdDSA as a HI algorithm requires a subfield in the
HIP HOST_ID parameter (<xref target="RFC7401" section="5.2.9" HIP HOST_ID parameter (<xref target="RFC7401" section="5.2.9"
format="default"/>) as was done for ECDSA when used in a HIP format="default"/>) as was done for ECDSA when used in a HIP
exchange. exchange.
</t> </t>
<t> <t>
For HIP hosts that implement EdDSA as the algorithm, the following For HIP hosts that implement EdDSA as the algorithm, the following
EdDSA curves are represented by the following fields: EdDSA curves are represented by the fields in <xref target="fig2"/>
</t> </t>
<figure> <figure anchor="fig2">
<name>EdDSA Curves Fields</name>
<artwork> <artwork>
<![CDATA[ <![CDATA[
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| EdDSA Curve | NULL | | EdDSA Curve | NULL |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Public Key | | Public Key |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
EdDSA Curve Curve label
Public Key Represented in Octet-string format [RFC8032]
]]> ]]>
</artwork> </artwork>
</figure> </figure>
<dl><dt>EdDSA Curve:</dt><dd>Curve label</dd>
<dt>Public Key:</dt><dd>Represented in Octet-string format <xref target="RFC8032
" /></dd>
</dl>
<t> <t>
For hosts that implement EdDSA as a HIP algorithm the following For hosts that implement EdDSA as a HIP algorithm, the following
EdDSA curves are defined; recommended curves are tagged EdDSA curves are defined. Recommended curves are tagged
accordingly: accordingly:
</t> </t>
<artwork name="" type="" align="left" alt=""> <table>
<![CDATA[ <name>EdDSA Curves</name>
Algorithm Curve Values <thead>
<tr>
<th>Algorithm</th>
<th>Curve</th>
<th>Values</th>
</tr>
</thead>
<tbody>
<tr>
<td>EdDSA</td>
<td>RESERVED</td>
<td>0</td>
</tr>
<tr>
<td>EdDSA</td>
<td>EdDSA25519</td>
<td>1 <xref target="RFC8032"/> (<bcp14>RECOMMENDED</bcp14>)</td>
</tr>
<tr>
<td>EdDSA</td>
<td>EdDSA25519ph</td>
<td>2 <xref target="RFC8032"/></td>
</tr>
<tr>
<td>EdDSA</td>
<td>EdDSA448</td>
<td>3 <xref target="RFC8032"/> (<bcp14>RECOMMENDED</bcp14>)</td>
</tr>
<tr>
<td>EdDSA</td>
<td>EdDSA448ph</td>
<td>4 <xref target="RFC8032"/></td>
</tr>
</tbody>
</table>
EdDSA RESERVED 0
EdDSA EdDSA25519 1 [RFC8032] (RECOMMENDED)
EdDSA EdDSA25519ph 2 [RFC8032]
EdDSA EdDSA448 3 [RFC8032] (RECOMMENDED)
EdDSA EdDSA448ph 4 [RFC8032]
]]>
</artwork>
</section> </section>
<section anchor="HIP_DNS_RR" numbered="true" toc="default"> <name>HIP DNS RR sup port for EdDSA</name> <section anchor="HIP_DNS_RR" numbered="true" toc="default"> <name>HIP DNS RR sup port for EdDSA</name>
<t> <t>
The HIP DNS RR is defined in <xref target="RFC8005" The HIP DNS RR is defined in <xref target="RFC8005"
format="default"/>. It uses the values defined for the 'Algorithm format="default"/>. It uses the values defined for the 'Algorithm
Type' of the IPSECKEY RR <xref target="RFC4025" format="default"/> Type' of the IPSECKEY RR <xref target="RFC4025" format="default"/>
for its PK Algorithm field. for its PK Algorithm field.
</t> </t>
<t> <t>
The new EdDSA HI uses <xref The 'Algorithm Type' value and EdDSA HI encoding are assigned per <xref target="
target="I-D.moskowitz-ipsecme-ipseckey-eddsa" format="default"/> RFC9373" format="default"/>.
for the IPSECKEY RR encoding.
</t> </t>
<!--<t>
The new EdDSA HI uses <xref target="RFC8080" format="default"/> for
the IPSECKEY RR encoding:
</t> -->
<!--<artwork name="" type="" align="left" alt="">
<![CDATA[
Value Description
TBD2 (suggested value 4)
An EdDSA key is present, in the format defined in [RFC8080]
]]>
</artwork> -->
</section> </section>
</section> </section>
<section anchor="hit_suite_list" numbered="true" toc="default"> <name>HIT_SUITE_ LIST</name> <section anchor="hit_suite_list" numbered="true" toc="default"> <name>HIT_SUITE_ LIST</name>
<t> <t>
The HIT_SUITE_LIST parameter contains a list of the supported HIT The HIT_SUITE_LIST parameter contains a list of the HIT
suite IDs of the HIP Responder. Based on the HIT_SUITE_LIST, the suite IDs that the HIP Responder supports. The HIT_SUITE_LIST allows the
HIP Initiator can determine which source HIT Suite IDs are HIP Initiator to determine which source HIT Suite IDs are
supported by the Responder. The HIT_SUITE_LIST parameter is defined supported by the Responder. The HIT_SUITE_LIST parameter is defined
in <xref target="RFC7401" section="5.2.10" format="default"/>. in <xref target="RFC7401" section="5.2.10" format="default"/>.
</t> </t>
<t> <t>
The following HIT Suite ID is defined: The following HIT Suite ID is defined:
</t> </t>
<artwork name="" type="" align="left" alt=""> <table>
<![CDATA[ <name>HIT Suite ID</name>
HIT Suite Value <thead>
EdDSA/cSHAKE128 TBD3 (suggested value 5) <tr>
]]> <th>HIT Suite</th>
</artwork> <th>Value</th>
</tr>
</thead>
<tbody>
<tr>
<td>EdDSA/cSHAKE128</td>
<td>5</td>
</tr>
</tbody>
</table>
<t> <t>
<xref target="table_hit_suites" format="default"/> provides more <xref target="table_hit_suites" format="default"/> provides more
detail on the above HIT Suite combination. detail on the above HIT Suite combination.
</t> </t>
<t> <t>
The output of cSHAKE128 is variable per the needs of a specific The output of cSHAKE128 is variable per the needs of a specific
ORCHID construction. It is at most 96 bits long and is directly ORCHID construction. It is at most 96 bits long and is directly
used in the ORCHID (without truncation). used in the ORCHID (without truncation).
</t> </t>
<table anchor="table_hit_suites" align="center"> <name>HIT Suites</name> <table anchor="table_hit_suites" align="center"> <name>HIT Suites</name>
skipping to change at line 705 skipping to change at line 780
<td align="right">5</td> <td align="right">5</td>
<td align="left">cSHAKE128</td> <td align="left">cSHAKE128</td>
<td align="left">KMAC128</td> <td align="left">KMAC128</td>
<td align="left">EdDSA</td> <td align="left">EdDSA</td>
<td align="left">EdDSA HI hashed with cSHAKE128, output i s variable</td> <td align="left">EdDSA HI hashed with cSHAKE128, output i s variable</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</section> </section>
</section> </section>
<section anchor="ORCHIDs" numbered="true" toc="default"> <name>ORCHIDs for Hiera rchical HITs</name> <section anchor="ORCHIDs" numbered="true" toc="default"> <name>ORCHIDs for HHITs </name>
<t> <t>
This section improves on <xref target="RFC7343" This section improves on <xref target="RFC7343"
format="default">ORCHIDv2</xref> with three enhancements: format="default">ORCHIDv2</xref> with three enhancements:
</t> </t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
Optional "Info" field between the Prefix and ORCHID the inclusion of an optional "Info" field between the Pre fix and ORCHID
Generation Algorithm (OGA) ID. Generation Algorithm (OGA) ID.
</li> </li>
<li> <li>
Increased flexibility on the length of each component in the an increase in flexibility on the length of each componen t in the
ORCHID construction, provided the resulting ORCHID is 128 ORCHID construction, provided the resulting ORCHID is 128
bits. bits.
</li> </li>
<li> <li>
Use of cSHAKE, <xref target="DOI_10.6028_NIST.SP.800-185" the use of cSHAKE <xref target="DOI_10.6028_NIST.SP.800-1
format="default">NIST SP 800-185</xref>, for the hashing 85"
format="default" /> for the hashing
function. function.
</li> </li>
</ul> </ul>
<t> <t>
The <xref target="Keccak" format="default">Keccak</xref> based The
cSHAKE XOF hash function is a variable output length hash function. cSHAKE XOF hash function based on <xref target="Keccak" format="default">
As such it does not use the truncation operation that other hashes Keccak</xref> is a variable output length hash function.
As such, it does not use the truncation operation that other hashes
need. The invocation of cSHAKE specifies the desired number of need. The invocation of cSHAKE specifies the desired number of
bits in the hash output. Further, cSHAKE has a parameter 'S' as a bits in the hash output. Further, cSHAKE has a parameter 'S' as a
customization bit string. This parameter will be used for customization bit string. This parameter will be used for
including the ORCHID Context Identifier in a standard fashion. including the ORCHID Context Identifier in a standard fashion.
</t> </t>
<t> <t>
This ORCHID construction includes the fields in the ORCHID in the This ORCHID construction includes the fields in the ORCHID in the
hash to protect them against substitution attacks. It also provides hash to protect them against substitution attacks. It also provides
for inclusion of additional information, in particular the for inclusion of additional information (in particular, the
hierarchical bits of the Hierarchical HIT, in the ORCHID hierarchical bits of the HHIT) in the ORCHID
generation. This should be viewed as an update to <xref generation. This should be viewed as an update to <xref
target="RFC7343" format="default">ORCHIDv2</xref>, as it can target="RFC7343" format="default">ORCHIDv2</xref>, as it can
produce ORCHIDv2 output. produce ORCHIDv2 output.
</t> </t>
<t> <t>
The follow sub-sections define the general, new, ORCHID construct The following subsections define the new general ORCHID construct
with the specific application here for HHITs. Thus items like the with the specific application for HHITs. Thus items like the
hash size is only discussed as it impacts HHIT's 64-bit hash. Other hash size are only discussed in terms of how they impact the HHIT's 64-bi
hash sizes should be discussed in any other specific use of this t hash. Other
hash sizes should be discussed for other specific uses of this
new ORCHID construct. new ORCHID construct.
</t> </t>
<section anchor="HCGA" numbered="true" toc="default"> <name>Adding Additional In formation to the ORCHID</name> <section anchor="HCGA" numbered="true" toc="default"> <name>Adding Additional In formation to the ORCHID</name>
<t> <t>
ORCHIDv2 <xref target="RFC7343" format="default"/> is defined as ORCHIDv2 <xref target="RFC7343" format="default"/> is defined as
consisting of three components: consisting of three components:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
ORCHID := Prefix | OGA ID | Encode_96( Hash ) ORCHID := Prefix | OGA ID | Encode_96( Hash )
]]>
</artwork>
where: <t>where:</t>
<dl newline="true">
Prefix : A constant 28-bit-long bitstring value <dt>Prefix</dt><dd>A constant 28-bit-long bitstring value
(IPV6 prefix) (IPv6 prefix)</dd>
OGA ID : A 4-bit long identifier for the Hash_function <dt>OGA ID</dt><dd>A 4-bit-long identifier for the Hash_function
in use within the specific usage context. When in use within the specific usage context. When
used for HIT generation this is the HIT Suite ID. used for HIT generation, this is the HIT Suite ID.</dd>
Encode_96( ) : An extraction function in which output is obtained <dt>Encode_96( )</dt><dd> An extraction function in which output is obtained
by extracting the middle 96-bit-long bitstring by extracting the middle 96-bit-long bitstring
from the argument bitstring. from the argument bitstring. </dd>
</dl>
]]>
</artwork>
<t> <t>
The new ORCHID function is as follows: The new ORCHID function is as follows:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
ORCHID := Prefix (p) | Info (n) | OGA ID (o) | Hash (m) ORCHID := Prefix (p) | Info (n) | OGA ID (o) | Hash (m)
]]>
</artwork>
<t>where:</t>
where: <dl newline="true">
<dt>Prefix (p)</dt><dd>An IPv6 prefix of length p (max 28 bits long).</dd>
Prefix (p) : An IPv6 prefix of length p (max 28-bit-long).
Info (n) : n bits of information that define a use of the <dt>Info (n)</dt><dd>n bits of information that define a use of the
ORCHID. 'n' can be zero, that is no additional ORCHID. 'n' can be zero, which means no additional
information. information.</dd>
OGA ID (o) : A 4- or 8-bit long identifier for the Hash_function <dt>OGA ID (o)</dt><dd>A 4- or 8-bit long identifier for the Hash_function
in use within the specific usage context. When in use within the specific usage context. When
used for HIT generation this is the HIT Suite ID used for HIT generation, this is the HIT Suite ID
[IANA-HIP]. When used for HHIT generation this is [IANA-HIP]. When used for HHIT generation, this is
the HHIT Suite ID [TBC_DRIP_REGISTRY]. the HHIT Suite ID <xref target="HHSI"/>.</dd>
Note to the RFC Editor: Please replace [TBC_DRIP_REGISTRY]
with the pointer to the IANA registry created in
Section 8.2.
Hash (m) : An extraction function in which output is 'm' bits.
Sizeof(p + n + o + m) 128 bits <dt>Hash (m)</dt><dd>An extraction function in which output is 'm' bits.</dd>
</dl>
]]> <t>Sizeof(p + n + o + m) = 128 bits</t>
</artwork>
<t> <t>
The ORCHID length MUST be 128 bits. For HHITs with a 28-bit IPv6 The ORCHID length <bcp14>MUST</bcp14> be 128 bits. For HHITs with a 28-b it IPv6
prefix, there are 100 bits remaining to be divided in any manner prefix, there are 100 bits remaining to be divided in any manner
between the additional information ("Info"), OGA ID, and the hash between the additional information ("Info"), OGA ID, and the hash
output. Consideration must be given to the size of the hash output. Consideration must be given to the size of the hash
portion, taking into account risks like pre-image attacks. 64 bits, portion, taking into account risks like pre-image attacks. 64 bits,
as used here for HHITs, may be as small as is acceptable. The size as used here for HHITs, may be as small as is acceptable. The size
of 'n', for the HID, is then determined as what is left; in the of 'n', for the HID, is then determined as what is left; in the
case of the 8-bit OGA used for HHIT, this is 28 bits. case of the 8-bit OGA used for HHIT, this is 28 bits.
</t> </t>
</section> </section>
<section anchor="Encode" numbered="true" toc="default"> <name>ORCHID Encoding</n ame> <section anchor="Encode" numbered="true" toc="default"> <name>ORCHID Encoding</n ame>
<t> <t>
This update adds a different encoding process to that currently This update adds a different encoding process to that currently
used in ORCHIDv2. The input to the hash function explicitly used in ORCHIDv2. The input to the hash function explicitly
includes all the header content plus the Context ID. The header includes all the header content plus the Context ID. The header
content consists of the Prefix, the Additional Information content consists of the Prefix, the Additional Information
("Info"), and OGA ID (HIT Suite ID). Secondly, the length of the ("Info"), and the OGA ID (HIT Suite ID). Secondly, the length of the
resulting hash is set by sum of the length of the ORCHID header resulting hash is set by the sum of the length of the ORCHID header
fields. For example, a 28-bit prefix with 28 bits for the HID and fields. For example, a 28-bit prefix with 28 bits for the HID and
8 bits for the OGA ID leaves 64 bits for the hash length. 8 bits for the OGA ID leaves 64 bits for the hash length.
</t> </t>
<t> <t>
To achieve the variable length output in a consistent manner, the To achieve the variable length output in a consistent manner, the
cSHAKE hash is used. For this purpose, cSHAKE128 is appropriate. cSHAKE hash is used. For this purpose, cSHAKE128 is appropriate.
The cSHAKE function call for this update is: The cSHAKE function call is:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
cSHAKE128(Input, L, "", Context ID) cSHAKE128(Input, L, "", Context ID)
Input := Prefix | Additional Information | OGA ID | HOST_ID Input := Prefix | Additional Information | OGA ID | HOST_ID
L := Length in bits of hash portion of ORCHID L := Length in bits of the hash portion of ORCHID
]]> ]]>
</artwork> </artwork>
<t> <t>
For full Suite ID support (those that use fixed length hashes like For full Suite ID support (those that use fixed length hashes like
SHA256), the following hashing can be used (Note: this does not SHA256), the following hashing can be used (Note: this does not
produce output Identical to ORCHIDv2 for a /28 prefix and produce output identical to ORCHIDv2 for a /28 prefix and
Additional Information of zero-length): Additional Information of zero length):
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
Hash[L](Context ID | Input) Hash[L](Context ID | Input)
Input := Prefix | Additional Information | OGA ID | HOST_ID Input := Prefix | Additional Information | OGA ID | HOST_ID
L := Length in bits of hash portion of ORCHID L := Length in bits of the hash portion of ORCHID
Hash[L] := An extraction function in which output is obtained Hash[L] := An extraction function in which output is obtained
by extracting the middle L-bit-long bitstring by extracting the middle L-bit-long bitstring
from the argument bitstring. from the argument bitstring.
]]> ]]>
</artwork> </artwork>
<t> <t>
The middle L-bits are those bits from the source number where The middle L-bits are those bits from the source number where
either there is an equal number of bits before and after these either there is an equal number of bits before and after these
bits, or there is one more bit prior (when the difference between bits, or there is one more bit prior (when the difference between
hash size and L is odd). hash size and L is odd).
</t> </t>
<t> <t>
Hierarchical HITs use the Context ID defined in <xref target="HHIT" HHITs use the Context ID defined in <xref target="HHIT"
format="default"/>. format="default"/>.
</t> </t>
<section anchor="HITv2_Encode" numbered="true" toc="default"> <name>Encoding ORC HIDs for HIPv2</name> <section anchor="HITv2_Encode" numbered="true" toc="default"> <name>Encoding ORC HIDs for HIPv2</name>
<t> <t>
This section discusses how to provide backwards compatibility for This section discusses how to provide backwards compatibility for
<xref target="RFC7343" format="default">ORCHIDv2</xref> as used in <xref target="RFC7343" format="default">ORCHIDv2</xref> as used in
<xref target="RFC7401" format="default">HIPv2</xref>. <xref target="RFC7401" format="default">HIPv2</xref>.
</t> </t>
<t> <t>
For HIPv2, the Prefix is 2001:20::/28 (<xref target="RFC7343" For HIPv2, the Prefix is 2001:20::/28 (<xref target="RFC7343"
section="6" format="default"/>). 'Info' is zero-length (i.e., not section="6" format="default"/>). 'Info' is zero-length (i.e., not
included), and OGA ID is 4-bit. Thus, the HI Hash is 96-bit included), and OGA ID is 4-bit. Thus, the HI Hash is 96 bits
length. Further, the Prefix and OGA ID are not included in the in length. Further, the Prefix and OGA ID are not included in the
hash calculation. Thus, the following ORCHID calculations for fixed hash calculation. Thus, the following ORCHID calculations for fixed
output length hashes are used: output length hashes are used:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
Hash[L](Context ID | Input) Hash[L](Context ID | Input)
Input := HOST_ID Input := HOST_ID
L := 96 L := 96
Context ID := 0xF0EF F02F BFF4 3D0F E793 0C3C 6E61 74EA Context ID := 0xF0EF F02F BFF4 3D0F E793 0C3C 6E61 74EA
skipping to change at line 928 skipping to change at line 1001
</section> </section>
</section> </section>
<section anchor="Decode" numbered="true" toc="default"> <name>ORCHID Decoding</n ame> <section anchor="Decode" numbered="true" toc="default"> <name>ORCHID Decoding</n ame>
<t> <t>
With this update, the decoding of an ORCHID is determined by the With this update, the decoding of an ORCHID is determined by the
Prefix and OGA ID. ORCHIDv2 <xref target="RFC7343" Prefix and OGA ID. ORCHIDv2 <xref target="RFC7343"
format="default"/> decoding is selected when the Prefix is: format="default"/> decoding is selected when the Prefix is:
2001:20::/28. 2001:20::/28.
</t> </t>
<t> <t>
For Hierarchical HITs, the decoding is determined by the presence For HHITs, the decoding is determined by the presence
of the HHIT Prefix as specified in <xref target="IANA_DRIP_reg" of the HHIT Prefix as specified in <xref target="IANA_DRIP_reg"
format="default"/>. format="default"/>.
</t> </t>
</section> </section>
<section anchor="HITv2_Decode" numbered="true" toc="default"> <name>Decoding ORC HIDs for HIPv2</name> <section anchor="HITv2_Decode" numbered="true" toc="default"> <name>Decoding ORC HIDs for HIPv2</name>
<t> <t>
This section is included to provide backwards compatibility for <xref This section is included to provide backwards compatibility for <xref
target="RFC7343" format="default">ORCHIDv2</xref> as used for <xref target="RFC7343" format="default">ORCHIDv2</xref> as used for <xref
target="RFC7401" format="default">HIPv2</xref>. target="RFC7401" format="default">HIPv2</xref>.
</t> </t>
<t> <t>
HITs are identified by a Prefix of 2001:20::/28. The next 4 bits HITs are identified by a Prefix of 2001:20::/28. The next 4 bits
are the OGA ID. The remaining 96 bits are the HI Hash. are the OGA ID. The remaining 96 bits are the HI Hash.
</t> </t>
</section> </section>
</section> </section>
</section> </section>
<section anchor="HHIT_RID" numbered="true" toc="default"> <name>Hierarchical HIT s as DRIP Entity Tags</name> <section anchor="HHIT_RID" numbered="true" toc="default"> <name>HHITs as DRIP En tity Tags</name>
<t> <t>
HHITs for UAS ID (called, DETs) use the new EdDSA/SHAKE128 HIT HHITs for UAS ID (called, DETs) use the new EdDSA/SHAKE128 HIT
suite defined in <xref target="EdDSA" format="default"/> (GEN-2 in suite defined in <xref target="EdDSA" format="default"/> (GEN-2 in
<xref target="RFC9153" format="default" />). This hierarchy, <xref target="RFC9153" format="default" />). This hierarchy,
cryptographically bound within the HHIT, provides the information cryptographically bound within the HHIT, provides the information
for finding the UA's HHIT registry (ID-3 in <xref target="RFC9153" for finding the UA's HHIT registry (ID-3 in <xref target="RFC9153"
format="default" />). format="default" />).
</t> </t>
<t anchor="IDtypes"> <t anchor="IDtypes">
The ASTM Standard Specification for Remote ID and Tracking <xref The ASTM Standard Specification for Remote ID and Tracking <xref
target="F3411-22a" format="default"/> adds support for DETs. This target="F3411-22a" format="default"/> adds support for DETs. This
is only available via the new UAS ID type 4, "Specific Session ID is only available via the new UAS ID type 4, "Specific Session ID
(SSI)". (SSI)".
</t> </t>
<t> <t>
This new SSI uses the first byte of the 20-byte UAS ID for the SSI This new SSI uses the first byte of the 20-byte UAS ID for the SSI
Type, thus restricting the UAS ID of this type to a maximum of 19 Type, thus restricting the UAS ID of this type to a maximum of 19
bytes. The SSI Types initially assigned are: bytes. The SSI Types initially assigned are:
</t> </t>
<ol spacing="normal" type="SSI %d" group="SSI"> <dl>
<li> <dt>SSI 1:</dt><dd>IETF - DRIP Drone Remote ID Protocol (DRIP) entity ID.</dd>
IETF - DRIP Drone Remote ID Protocol (DRIP) entity ID. <dt>SSI 2:</dt><dd>3GPP - IEEE 1609.2-2016 HashedID8</dd>
</li> </dl>
<li>
3GPP - IEEE 1609.2-2016 HashedID8
</li>
</ol>
<section anchor="DET_Nontransfer" numbered="true" toc="default"> <name>Nontransf erablity of DETs</name> <section anchor="DET_Nontransfer" numbered="true" toc="default"> <name>Nontransf erablity of DETs</name>
<t> <t>
A HI and its DET SHOULD NOT be transferable between UA or even A HI and its DET <bcp14>SHOULD NOT</bcp14> be transferable between UA or even
between replacement electronics (e.g., replacement of damaged between replacement electronics (e.g., replacement of damaged
controller CPU) for a UA. The private key for the HI SHOULD be controller CPU) for a UA. The private key for the HI <bcp14>SHOULD</bcp1 4> be
held in a cryptographically secure component. held in a cryptographically secure component.
</t> </t>
</section> </section>
<section anchor="CTA_Encode" numbered="true" toc="default"> <name>Encoding HHITs in CTA 2063-A Serial Numbers</name> <section anchor="CTA_Encode" numbered="true" toc="default"> <name>Encoding HHITs in CTA 2063-A Serial Numbers</name>
<t> <t>
In some cases, it is advantageous to encode HHITs as a CTA 2063-A In some cases, it is advantageous to encode HHITs as a CTA 2063-A
Serial Number <xref target="CTA2063A" format="default"/>. For Serial Number <xref target="CTA2063A" format="default"/>. For
example, the FAA Remote ID Rules <xref target="FAA_RID" example, the FAA Remote ID Rules <xref target="FAA_RID"
format="default"/> state that a Remote ID Module (i.e., not format="default"/> state that a Remote ID Module (i.e., not
integrated with UA controller) must only use "the serial number of integrated with UA controller) must only use "the serial number of
the unmanned aircraft"; CTA 2063-A meets this requirement. the unmanned aircraft"; CTA 2063-A meets this requirement.
</t> </t>
<t> <t>
Encoding an HHIT within the CTA 2063-A format is not simple. The Encoding a HHIT within the CTA 2063-A format is not simple. The
CTA 2063-A format is defined as follows: CTA 2063-A format is defined as follows:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
Serial Number := MFR Code | Length Code | MFR SN Serial Number := MFR Code | Length Code | MFR SN
]]>
</artwork>
<t>where:</t>
where: <dl newline="true">
<dt>MFR Code</dt><dd>4 character code assigned by ICAO
MFR Code : 4 character code assigned by ICAO
(International Civil Aviation Organization, (International Civil Aviation Organization,
a UN Agency). a UN Agency).</dd>
Length Code : 1 character Hex encoding of MFR SN length (1-F).
MFR SN : US-ASCII alphanumeric code (0-9, A-Z except O and I). <dt>Length Code</dt><dd>1 character Hex encoding of MFR SN length (1-F).</dd>
Maximum length of 15 characters. <dt>MFR SN</dt><dd>US-ASCII alphanumeric code (0-9, A-Z except O and I).
]]> Maximum length of 15 characters.</dd>
</artwork> </dl>
<t> <t>
There is no place for the HID; there will need to be a mapping There is no place for the HID; there will need to be a mapping
service from Manufacturer Code to HID. The HHIT Suite ID and service from Manufacturer Code to HID. The HHIT Suite ID and
ORCHID hash will take the full 15 characters (as described below) ORCHID hash will take the full 15 characters (as described below)
of the MFR SN field. of the MFR SN field.
</t> </t>
<t> <t>
A character in a CTA 2063-A Serial Number "shall include any A character in a CTA 2063-A Serial Number "shall include any
combination of digits and uppercase letters, except the letters O combination of digits and uppercase letters, except the letters O
and I, but may include all digits". This would allow for a Base34 and I, but may include all digits". This would allow for a Base34
encoding of the binary HHIT Suite ID and ORCHID hash in 15 encoding of the binary HHIT Suite ID and ORCHID hash in 15
characters. Although, programmatically, such a conversion is not characters. Although, programmatically, such a conversion is not
hard, other technologies (e.g., credit card payment systems) that hard, other technologies (e.g., credit card payment systems) that
have used such odd base encoding have had performance challenges. have used such odd base encoding have had performance challenges.
Thus, here a Base32 encoding will be used by also excluding the Thus, here a Base32 encoding will be used by also excluding the
letters Z and S (too similar to the digits 2 and 5). See <xref letters Z and S (because they are too similar to the digits 2 and 5, resp ectively). See <xref
target="Base32" format="default"/> for the encoding scheme. target="Base32" format="default"/> for the encoding scheme.
</t> </t>
<t> <t>
The low-order 72 bits (HHIT Suite ID | ORCHID hash) of the HHIT The low-order 72 bits (HHIT Suite ID | ORCHID hash) of the HHIT
SHALL be left-padded with 3 bits of zeros. This 75-bit number will <bcp14>SHALL</bcp14> be left-padded with 3 bits of zeros. This 75-bit nu mber will
be encoded into the 15-character MFR SN field using the be encoded into the 15-character MFR SN field using the
digit/letters above. The manufacturer MUST use a Length Code of F digit/letters as described above. The manufacturer <bcp14>MUST</bcp14> u se a Length Code of F
(15). (15).
</t> </t>
<t> <t>
Note: The manufacturer MAY use the same Manufacturer Code with a Note: The manufacturer <bcp14>MAY</bcp14> use the same Manufacturer Code with a
Length Code of 1 - E (1 - 14) for other types of serial numbers. Length Code of 1 - E (1 - 14) for other types of serial numbers.
</t> </t>
<t> <t>
Using the sample DET from <xref target="HHIT_DNS" Using the sample DET from <xref target="S5-DET"
format="default"/> that is for HDA=20 under RAA=10 and having the format="default"/> that is for HDA=20 under RAA=10 and having the
ICAO CTA MFR Code of 8653, the 20-character CTA 2063-A Serial ICAO CTA MFR Code of 8653, the 20-character CTA 2063-A Serial
Number would be: Number would be:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
8653F02T7B8RA85D19LX 8653F02T7B8RA85D19LX
]]> ]]>
</artwork> </artwork>
<t> <t>
A mapping service (e.g., DNS) MUST provide a trusted (e.g., via A mapping service (e.g., DNS) <bcp14>MUST</bcp14> provide a trusted (e.g. , via
DNSSEC <xref target="RFC4034" format="default"/>) conversion of the DNSSEC <xref target="RFC4034" format="default"/>) conversion of the
4-character Manufacturer Code to high-order 58 bits (Prefix | HID) 4-character Manufacturer Code to high-order 58 bits (Prefix | HID)
of the HHIT. That is, given a Manufacturer Code, a returned of the HHIT. That is, given a Manufacturer Code, a returned
Prefix|HID value is reliable. Definition of this mapping service Prefix|HID value is reliable. Definition of this mapping service
is out of scope of this document. is out of scope of this document.
</t> </t>
<t> <t>
It should be noted that this encoding would only be used in the It should be noted that this encoding would only be used in the
Basic ID Message (<xref target="RFC9153" section="2.2" Basic ID Message (<xref target="RFC9153" section="2.2"
format="default"/>). The DET is used in the Authentication Messages format="default"/>). The DET is used in the Authentication Messages
(i.e., the messages that provide framing for authentication data (i.e., the messages that provide framing for authentication data
only). only).
</t> </t>
</section> </section>
<section numbered="true" toc="default"> <name>Remote ID DET as one Class of Hier archical HITs</name> <section numbered="true" toc="default"> <name>Remote ID DET as one Class of HHIT s</name>
<t> <t>
UAS Remote ID DET may be one of a number of uses of HHITs. UAS Remote ID DET may be one of a number of uses of HHITs.
However, it is out of the scope of the document to elaborate on However, it is out of the scope of the document to elaborate on
other uses of HHITs. As such these follow-on uses need to be other uses of HHITs. As such these follow-on uses need to be
considered in allocating the RAAs (<xref target="RAA" considered in allocating the RAAs (<xref target="RAA"
format="default"/>) or HHIT prefix assignments (<xref target="IANA" format="default"/>) or HHIT prefix assignments (<xref target="IANA"
format="default"/>). format="default"/>).
</t> </t>
</section> </section>
<section numbered="true" toc="default"> <name>Hierarchy in ORCHID Generation</na me> <section numbered="true" toc="default"> <name>Hierarchy in ORCHID Generation</na me>
<t> <t>
ORCHIDS, as defined in <xref target="RFC7343" format="default"/>, ORCHIDS, as defined in <xref target="RFC7343" format="default"/>,
do not cryptographically bind an IPv6 prefix nor the OGA ID (the do not cryptographically bind an IPv6 prefix or the OGA ID (the
HIT Suite ID) to the hash of the HI. The rationale at the time of HIT Suite ID) to the hash of the HI. At the time ORCHID was being develo
developing ORCHID was attacks against these fields are ped, the rationale was attacks against these fields are
Denial-of-Service (DoS) attacks against protocols using ORCHIDs and Denial-of-Service (DoS) attacks against protocols using ORCHIDs and
thus up to those protocols to address the issue. thus it was up to those protocols to address the issue.
</t> </t>
<t> <t>
HHITs, as defined in <xref target="ORCHIDs" format="default"/>, HHITs, as defined in <xref target="ORCHIDs" format="default"/>,
cryptographically bind all content in the ORCHID through the cryptographically bind all content in the ORCHID through the
hashing function. A recipient of a DET that has the underlying HI hashing function. A recipient of a DET that has the underlying HI
can directly trust and act on all content in the HHIT. This can directly trust and act on all content in the HHIT. This
provides a strong, self-claim for using the hierarchy to find the provides a strong, self-claim for using the hierarchy to find the
DET Registry based on the HID (<xref target="DET_Regy" DET Registry based on the HID (<xref target="DET_Regy"
format="default"/>). format="default"/>).
</t> </t>
</section> </section>
<section anchor="DET_Regy" numbered="true" toc="default"> <name>DRIP Entity Tag (DET) Registry</name> <section anchor="DET_Regy" numbered="true" toc="default"> <name>DRIP Entity Tag (DET) Registry</name>
<t> <t>
DETs are registered to HDAs. A registration process, <xref DETs are registered to HDAs. The registration process defined in <xref
target="I-D.ietf-drip-registries" format="default"/>, target="I-D.ietf-drip-registries" format="default"/>
ensures DET global uniqueness (ID-4 in <xref ensures DET global uniqueness (ID-4 in <xref
target="RFC9153" format="default" />). It also provides target="RFC9153" sectionFormat="of" section="4.2.1"/>). It also allows
the mechanism to create UAS public/private data that are associated the mechanism to create UAS public/private data that are associated
with the DET (REG-1 and REG-2 in <xref target="RFC9153" with the DET (REG-1 and REG-2 in <xref target="RFC9153"
format="default" />). sectionFormat="of" section="4.4.1" />).
</t> </t>
</section> </section>
<section anchor="RID_Auth" numbered="true" toc="default"> <name>Remote ID Authen tication using DETs</name> <section anchor="RID_Auth" numbered="true" toc="default"> <name>Remote ID Authen tication Using DETs</name>
<t> <t>
The EdDSA25519 HI (<xref target="EdDSA" format="default"/>) The EdDSA25519 HI (<xref target="EdDSA" format="default"/>)
underlying the DET can be used in an 88-byte self-proof evidence underlying the DET can be used in an 88-byte self-proof evidence
(timestamp, HHIT, and signature of these) to provide proof to (timestamps, HHIT, and signature of these) to provide proof to
Observers of Remote ID ownership (GEN-1 in <xref target="RFC9153" Observers of Remote ID ownership (GEN-1 in <xref target="RFC9153"
format="default" />). In practice, the Wrapper and Manifest sectionFormat="of" section="4.1.1"/>). In practice, the Wrapper and Mani fest
authentication formats (Sections <xref target="I-D.ietf-drip-auth" authentication formats (Sections <xref target="I-D.ietf-drip-auth"
section="6.3.3" sectionFormat="bare"/> and <xref section="6.3.3" sectionFormat="bare"/> and <xref
target="I-D.ietf-drip-auth" section="6.3.4" sectionFormat="bare"/> target="I-D.ietf-drip-auth" section="6.3.4" sectionFormat="bare"/>
of <xref target="I-D.ietf-drip-auth" format="default"/>) implicitly of <xref target="I-D.ietf-drip-auth" format="default"/>) implicitly
provide this self-evidence. A lookup service like DNS can provide this self-proof evidence. A lookup service like DNS can
provide the HI and registration proof (GEN-3 in <xref provide the HI and registration proof (GEN-3 in <xref
target="RFC9153" format="default" />). target="RFC9153" format="default" />).
</t> </t>
<t> <t>
Similarly, for Observers without Internet access, a 200-byte Similarly, for Observers without Internet access, a 200-byte
offline self-endorsement (<xref target="I-D.ietf-drip-auth" offline self-endorsement (<xref target="I-D.ietf-drip-auth"
section="3.1.2" format="default"/>) could provide the same Remote section="3.1.2" format="default"/>) could provide the same Remote
ID ownership proof. This endorsement would contain the HDA's ID ownership proof. This endorsement would contain the HDA's
signing of the UA's HHIT, itself signed by the UA's HI. Only a signing of the UA's HHIT, itself signed by the UA's HI. Only a
small cache (also <xref target="I-D.ietf-drip-auth" section="3.1.2" small cache (also <xref target="I-D.ietf-drip-auth" section="3.1.2"
skipping to change at line 1147 skipping to change at line 1218
authentication message. authentication message.
</t> </t>
<t> <t>
Hashes of any previously sent ASTM messages can be placed in a Hashes of any previously sent ASTM messages can be placed in a
Manifest authentication message (GEN-2 in <xref Manifest authentication message (GEN-2 in <xref
target="RFC9153" format="default" />). When a Location/Vector target="RFC9153" format="default" />). When a Location/Vector
Message (i.e., a message that provides UA location, altitude, Message (i.e., a message that provides UA location, altitude,
heading, speed, and status) hash along with the hash of the HDA's heading, speed, and status) hash along with the hash of the HDA's
UA HHIT endorsement are sent in a Manifest authentication message UA HHIT endorsement are sent in a Manifest authentication message
and the Observer can visually see a UA at the claimed location, the and the Observer can visually see a UA at the claimed location, the
Observer has a very strong proof of the UA's Remote ID. Observer has very strong proof of the UA's Remote ID.
</t> </t>
<t> <t>
All this behavior and how to mix these authentication messages into This behavior and how to mix these authentication messages into
the flow of UA operation messages are detailed in <xref the flow of UA operation messages are detailed in <xref
target="I-D.ietf-drip-auth" format="default"/>. target="I-D.ietf-drip-auth" format="default"/>.
</t> </t>
</section> </section>
</section> </section>
<section anchor="HHIT_DNS" numbered="true" toc="default"> <name>DRIP Entity Tags (DETs) in DNS</name> <section anchor="HHIT_DNS" numbered="true" toc="default"> <name>DRIP Entity Tags (DETs) in DNS</name>
<t> <t>
There are two approaches for storing and retrieving DETs using DNS. There are two approaches for storing and retrieving DETs using DNS.
The following are examples of how this may be done. This will The following are examples of how this may be done. This
serve as guidance to the actual deployment of DETs in DNS. serves as guidance to the actual deployment of DETs in DNS.
However, this document does not provide a recommendation. Further However, this document does not provide a recommendation about which appr
oach to use.
Further
DNS-related considerations are covered in <xref DNS-related considerations are covered in <xref
target="I-D.ietf-drip-registries" format="default"/>. target="I-D.ietf-drip-registries" format="default"/>.
</t> </t>
<ul> <ul>
<li> <li>
As FQDNs, for example, "20010030.hhit.arpa.". As FQDNs, for example, "20010030.hhit.arpa.".
</li> </li>
<li> <li>
Reverse DNS lookups as IPv6 addresses per <xref Reverse DNS lookups as IPv6 addresses per <xref
target="RFC8005" format="default"/>. target="RFC8005" format="default"/>.
</li> </li>
</ul> </ul>
<t> <t>
A DET can be used to construct an FQDN that points to the USS A DET can be used to construct an FQDN that points to the USS
that has the public/private information for the UA (REG-1 and REG-2 that has the public/private information for the UA (REG-1 and REG-2
in <xref target="RFC9153" format="default" />). For example, the in <xref target="RFC9153" sectionFormat="of" section="4.4.1"/>). For exa mple, the
USS for the HHIT could be found via the following: assume the RAA USS for the HHIT could be found via the following: assume the RAA
is decimal 100 and the HDA is decimal 50. The PTR record is is decimal 100 and the HDA is decimal 50. The PTR record is
constructed as follows: constructed as follows:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
100.50.20010030.hhit.arpa. IN PTR foo.uss.example.org. 100.50.20010030.hhit.arpa. IN PTR foo.uss.example.org.
]]> ]]>
</artwork> </artwork>
<t> <t>
The HDA SHOULD provide DNS service for its zone and provide the The HDA <bcp14>SHOULD</bcp14> provide DNS service for its zone and provid e the
HHIT detail response. HHIT detail response.
</t> </t>
<t> <t>
The DET reverse lookup can be a standard IPv6 reverse look up, or The DET reverse lookup can be a standard IPv6 reverse look up, or
it can leverage off the HHIT structure. Using the allocated prefix it can leverage off the HHIT structure. Using the allocated prefix
for HHITs TBD6 [suggested value 2001:30::/28] (See <xref for HHITs 2001:30::/28 (see <xref
target="Prefix" format="default" />), the RAA is decimal 10 and the target="Prefix" format="default" />), the RAA is decimal 10 and the
HDA is decimal 20, the DET is: HDA is decimal 20, the DET is:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork anchor="S5-DET" name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
2001:30:280:1405:a3ad:1952:ad0:a69e 2001:30:280:1405:a3ad:1952:ad0:a69e
]]> ]]>
</artwork> </artwork>
<t> <t>
See <xref target="DET_Encoding" format="default" /> for how the See <xref target="DET_Encoding" format="default" /> for how the
upper 64 bits, above, are constructed. A DET reverse lookup could upper 64 bits, above, are constructed. A DET reverse lookup could
be to: be:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
a69e.0ad0.1952.a3ad.1405.0280.20.10.20010030.hhit.arpa.. a69e.0ad0.1952.a3ad.1405.0280.20.10.20010030.hhit.arpa.
]]> ]]>
</artwork> </artwork>
<t> <t>
or: or:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
a3ad19520ad0a69e.5.20.10.20010030.hhit.arpa. a3ad19520ad0a69e.5.20.10.20010030.hhit.arpa.
]]> ]]>
</artwork> </artwork>
skipping to change at line 1254 skipping to change at line 1328
Control Station (GCS) HHIT ID. Some GCS will use its HHIT for Control Station (GCS) HHIT ID. Some GCS will use its HHIT for
securing its Network Remote ID (to USS HHIT) and Command and securing its Network Remote ID (to USS HHIT) and Command and
Control (C2, <xref target="RFC9153" section="2.2.2" Control (C2, <xref target="RFC9153" section="2.2.2"
format="default" />) transports. format="default" />) transports.
</t> </t>
<t> <t>
Observers may have their own HHITs to facilitate UAS information Observers may have their own HHITs to facilitate UAS information
retrieval (e.g., for authorization to private UAS data). They retrieval (e.g., for authorization to private UAS data). They
could also use their HHIT for establishing a HIP connection with could also use their HHIT for establishing a HIP connection with
the UA Pilot for direct communications per authorization. Details the UA Pilot for direct communications per authorization. Details
about such issues are out of the scope of this document). about such issues are out of the scope of this document.
</t> </t>
</section> </section>
<section anchor="Reqs" numbered="true" toc="default"> <name>Summary of Addressed DRIP Requirements</name> <section anchor="Reqs" numbered="true" toc="default"> <name>Summary of Addressed DRIP Requirements</name>
<t> <t>
This document provides the details to solutions for GEN 1 - 3, ID 1 This document provides the details to solutions for GEN 1 - 3, ID 1
- 5, and REG 1 - 2 requirements that are described in <xref - 5, and REG 1 - 2 requirements that are described in <xref
target="RFC9153" format="default" />. target="RFC9153" format="default" />.
</t> </t>
</section> </section>
<section anchor="IANA" numbered="true" toc="default"> <name>IANA Considerations< /name> <section anchor="IANA" numbered="true" toc="default"> <name>IANA Considerations< /name>
<section anchor="IANA-DET-prefix" numbered="true" toc="default"> <name>New Well- Known IPv6 prefix for DETs</name> <section anchor="IANA-DET-prefix" numbered="true" toc="default"> <name>New Well- Known IPv6 Prefix for DETs</name>
<t> <t>
Since the DET format is not compatible with <xref target="RFC7343" Since the DET format is not compatible with <xref target="RFC7343"
format="default"> </xref>, IANA is requested to allocate a new format="default"> </xref>, IANA has allocated the following
prefix following this template for the IPv6 Special-Purpose Address prefix per this template for the "IANA IPv6 Special-Purpose Address
Registry. Registry" <xref target="IPv6-SPECIAL" />.
</t> </t>
<dl newline="true"> <dl newline="true">
<dt>Address Block:</dt> <dt>Address Block:</dt>
<dd> <dd>2001:30::/28</dd>
IANA is requested to allocate a new 28-bit prefix out of
the IANA IPv6 Special Purpose Address Block, namely
2001::/23, as per <xref target="RFC6890" format="default"
>
</xref> (TBD6, suggested: 2001:30::/28).
</dd>
<dt>Name:</dt> <dt>Name:</dt>
<dd> <dd>Drone Remote ID Protocol Entity Tags (DETs) Prefix</dd>
This block should be named "DRIP Entity Tags (DETs) <dt>Reference</dt>
Prefix". <dd>This document</dd>
</dd>
<dt>RFC:</dt>
<dd>
This document.
</dd>
<dt>Allocation Date:</dt> <dt>Allocation Date:</dt>
<dd> <dd>
Date this document published. 2022-12
</dd> </dd>
<dt>Termination Date:</dt> <dt>Termination Date:</dt>
<dd> <dd>
Forever. N/A
</dd> </dd>
<dt>Source:</dt> <dt>Source:</dt>
<dd> <dd>
False. True
</dd> </dd>
<dt>Destination:</dt> <dt>Destination:</dt>
<dd> <dd>
False. True
</dd> </dd>
<dt>Forwardable:</dt> <dt>Forwardable:</dt>
<dd> <dd>
False. True
</dd> </dd>
<dt>Globally Reachable:</dt> <dt>Globally Reachable:</dt>
<dd> <dd>
False. True
</dd> </dd>
<dt>Reserved-by-Protocol:</dt> <dt>Reserved-by-Protocol:</dt>
<dd> <dd>
False. False
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="IANA_DRIP_reg" numbered="true" toc="default"> <name>New IANA DR IP Registry</name> <section anchor="IANA_DRIP_reg" numbered="true" toc="default"> <name>New IANA DR IP Registry</name>
<t> <t>
This document requests IANA to create a new registry titled "Drone IANA has created the "Drone
Remote ID Protocol" registry. It is suggested that multiple Remote ID Protocol" registry. The following two subregistries have been
designated experts be appointed for registry change requests. created within the "Drone Remote ID Protocol" group.
</t>
<t>
Criteria that should be applied by the designated experts include
determining whether the proposed registration duplicates existing
functionality and whether the registration description is clear and
fits the purpose of this registry.
</t>
<t>
Registration requests MUST be sent to <eref
target="drip-reg-review@ietf.org"/> and are evaluated within a
three-week review period on the advice of one or more designated
experts. Within the review period, the designated experts will
either approve or deny the registration request, communicating this
decision to the review list and IANA. Denials should include an
explanation and, if applicable, suggestions as to how to make the
request successful.
</t>
<t>
Registration requests that are undetermined for a period longer
than 28 days can be brought to the IESG's attention for resolution.
</t>
<t>
The following two subregistries should be created under that registry.
</t> </t>
<dl newline="true">
<dt>Hierarchical HIT (HHIT) Prefixes:</dt> <section anchor="IANA_HHIT_PRE" numbered="true" toc="default">
<dd> <name>HHIT Prefixes</name>
Initially, for DET use, one 28-bit prefix should be <t> Initially, for DET use, one 28-bit prefix has been
assigned out of the IANA IPv6 Special Purpose Address assigned out of the IANA IPv6 Special Purpose Address
Block, namely 2001::/23, as per <xref target="RFC6890" Block, namely 2001::/23, as per <xref target="RFC6890"
format="default"> </xref>. Future additions to this format="default"> </xref>. Future additions to this
subregistry are to be made through Expert Review (<xref subregistry are to be made through Expert Review (<xref
target="RFC8126" section="4.5" format="default"/>). target="RFC8126" section="4.5" format="default"/>).
Entries with network-specific prefixes may be present in Entries with network-specific prefixes may be present in
the registry. the registry.
</t>
<table>
<name>Registered DET IPv6 Prefix</name>
<thead>
<tr>
</dd> <th>HHIT Use</th>
</dl> <th>Bits</th>
<artwork name="" type="" align="left" alt=""> <th>Value</th>
<![CDATA[ <th>Reference</th>
HHIT Use Bits Value Reference </tr>
DET 28 TBD6 (suggested value 2001:30::/28) [This] </thead>
]]> <tbody>
</artwork> <tr>
<dl newline="true">
<dt>Hierarchical HIT (HHIT) Suite ID:</dt> <td>DET</td>
<dd> <td>28</td>
This 8-bit valued subregistry is a superset of the 4/8-bi <td>2001:30::/28</td>
t <td>RFC 9374</td>
</tr>
</tbody>
</table>
<t>
Criteria that should be applied by the designated experts includes
determining whether the proposed registration duplicates existing
functionality and whether the registration description is clear and
fits the purpose of this registry.
</t>
<t>
Registration requests <bcp14>MUST</bcp14> be sent to <eref
target="drip-reg-review@ietf.org"/> and be evaluated within a
three-week review period on the advice of one or more designated
experts. Within that review period, the designated experts will
either approve or deny the registration request, and communicate their
decision to the review list and IANA. Denials should include an
explanation and, if applicable, suggestions to successfully register the
prefix.
</t>
<t>
Registration requests that are undetermined for a period longer
than 28 days can be brought to the IESG's attention for resolution.
</t>
</section>
<section anchor="HHIT_Suite_IDs" numbered="true" toc="default">
<name>HHIT Suite IDs</name>
<t> This 8-bit value subregistry is a superset of the 4/8-bit
"HIT Suite ID" subregistry of the "Host Identity Protocol "HIT Suite ID" subregistry of the "Host Identity Protocol
(HIP) Parameters" registry in <xref target="IANA-HIP" (HIP) Parameters" registry <xref target="IANA-HIP"
format="default"/>. Future additions to this subregistry format="default"/>. Future additions to this subregistry
are to be made through IETF Review (<xref target="RFC8126 " are to be made through IETF Review (<xref target="RFC8126 "
section="4.8" format="default"/>). The following HHIT section="4.8" format="default"/>). The following HHIT
Suite IDs are defined: Suite IDs are defined.
</dd> </t>
</dl> <table>
<artwork name="" type="" align="left" alt=""> <name>Registered HHIT Suite IDs</name>
<![CDATA[ <thead>
HHIT Suite Value Reference <tr>
RESERVED 0
RSA,DSA/SHA-256 1 [RFC7401] <th>HHIT Suite</th>
ECDSA/SHA-384 2 [RFC7401] <th>Value</th>
ECDSA_LOW/SHA-1 3 [RFC7401] <th>Reference</th>
EdDSA/cSHAKE128 TBD3 (suggested value 5) [This] </tr>
HDA Private Use 1 TBD4 (suggested value 254) [This] </thead>
HDA Private Use 2 TBD5 (suggested value 255) [This] <tbody>
]]> <tr>
</artwork>
<ul empty="true"> <td>RESERVED</td>
<li> <td>0</td>
The HHIT Suite ID values 1 - 31 are reserved for IDs that MUST <td>RFC 9374</td>
</tr>
<tr>
<td>RSA,DSA/SHA-256</td>
<td>1</td>
<td><xref target="RFC7401"/></td>
</tr>
<tr>
<td>ECDSA/SHA-384</td>
<td>2</td>
<td><xref target="RFC7401"/></td>
</tr>
<tr>
<td>ECDSA_LOW/SHA-1</td>
<td>3</td>
<td><xref target="RFC7401"/></td>
</tr>
<tr>
<td>EdDSA/cSHAKE128</td>
<td>5</td>
<td>RFC 9374</td>
</tr>
<tr>
<td>HDA Private Use 1</td>
<td>254</td>
<td>RFC 9374</td>
</tr>
<tr>
<td>HDA Private Use 2</td>
<td>255</td>
<td>RFC 9374</td>
</tr>
</tbody>
</table>
<t>
The HHIT Suite ID values 1 - 31 are reserved for IDs that <bcp14>
MUST</bcp14>
be replicated as HIT Suite IDs (<xref target="IANA_HIP_reg" be replicated as HIT Suite IDs (<xref target="IANA_HIP_reg"
format="default"/>) as is TBD3 here. Higher values (32 - 255) format="default"/>) as is 5 here. Higher values (32 - 255)
are for those Suite IDs that need not or cannot be accommodated are for those Suite IDs that need not or cannot be accommodated
as a HIT Suite ID. as a HIT Suite ID.
</li> </t>
</ul> </section>
</section> </section>
<section anchor="IANA_CGA_reg" numbered="true" toc="default"> <name>IANA CGA Reg istry Update</name> <section anchor="IANA_CGA_reg" numbered="true" toc="default"> <name>IANA CGA Reg istry Update</name>
<t> <t>
This document requests that this document be added to the This document has been added as a
reference field for the "CGA Extension Type Tags" registry <xref reference for the "CGA Extension Type Tags" registry <xref
target="IANA-CGA" format="default"/>, where IANA registers the target="IANA-CGA" format="default"/>. IANA has the
following Context ID: following Context ID in this registry:
</t> </t>
<dl newline="true"> <dl newline="true">
<dt>Context ID:</dt> <dt>Context ID:</dt>
<dd> <dd>
The Context ID (<xref target="HHIT" format="default"/>) The Context ID (<xref target="HHIT" format="default"/>)
shares the namespace introduced for CGA Type Tags. Defini shares the namespace introduced for CGA Type Tags. The fo
ng llowing Context ID is defined per the rules in <xref target="RFC3972"
new Context IDs follow the rules in <xref target="RFC3972
"
section="8" format="default"/>: section="8" format="default"/>:
</dd> </dd>
</dl> </dl>
<artwork name="" type="" align="left" alt="">
<![CDATA[ <table anchor="context_id">
Context ID := 0x00B5 A69C 795D F5D5 F008 7F56 843F 2C40 [This] <name>CGA Extension Type Tags</name>
]]> <thead>
</artwork> <tr>
<th>CGA Type Tag</th>
<th>Reference</th>
</tr>
</thead>
<tbody>
<tr>
<td>0x00B5 A69C 795D F5D5 F008 7F56 843F 2C40</td>
<td>RFC 9374</td>
</tr>
</tbody>
</table>
</section> </section>
<section anchor="IANA_HIP_reg" numbered="true" toc="default"> <name>IANA HIP Reg istry Updates</name> <section anchor="IANA_HIP_reg" numbered="true" toc="default"> <name>IANA HIP Reg istry Updates</name>
<t> <t>IANA has updated the "Host Identity Protocol (HIP) Parameters" registry <xref
This document requests IANA to make the following changes to the target="IANA-HIP" format="default"/> as described below.</t>
IANA "Host Identity Protocol (HIP) Parameters" <xref
target="IANA-HIP" format="default"/> registry:
</t>
<dl newline="true"> <dl newline="true">
<dt>Host ID:</dt> <dt>Host ID:</dt>
<dd> <dd>
This document defines the new EdDSA Host ID with value TB This document defines the new EdDSA Host ID with value 13
D1 (<xref target="host_id" format="default"/>)
(suggested: 13) (<xref target="host_id" format="default"/
>)
in the "HI Algorithm" subregistry of the "Host Identity in the "HI Algorithm" subregistry of the "Host Identity
Protocol (HIP) Parameters" registry. Protocol (HIP) Parameters" registry.
</dd> </dd>
</dl> </dl>
<artwork name="" type="" align="left" alt=""> <table>
<![CDATA[ <name>Registered HI Algorithm</name>
Algorithm <thead>
profile Value Reference <tr>
<th>Algorithm
Profile</th>
<th>Value</th>
<th>Reference</th>
</tr>
</thead>
<tbody>
<tr>
<td>EdDSA</td>
<td>13</td>
<td><xref target="RFC8032"/></td>
</tr>
</tbody>
</table>
EdDSA TBD1 (suggested value 13) [RFC8032]
]]>
</artwork>
<dl newline="true"> <dl newline="true">
<dt>EdDSA Curve Label:</dt> <dt>EdDSA Curve Label:</dt>
<dd> <dd>
This document specifies a new algorithm-specific This document specifies a new algorithm-specific
subregistry named "EdDSA Curve Label". The values for thi s subregistry named "EdDSA Curve Label". The values for thi s
subregistry are defined in <xref target="HIP_EdDSA_Parm" subregistry are defined in <xref target="HIP_EdDSA_Parm"
format="default"/>. Future additions to this subregistry format="default"/>. Future additions to this subregistry
are to be made through IETF Review (<xref target="RFC8126 " are to be made through IETF Review (<xref target="RFC8126 "
section="4.8" format="default"/>). section="4.8" format="default"/>).
</dd> </dd>
</dl> </dl>
<artwork name="" type="" align="left" alt=""> <table>
<![CDATA[ <name>Registered EdDSA Curve Labels</name>
Algorithm Curve Values Reference <thead>
<tr>
<th>Algorithm</th>
<th>Curve</th>
<th>Value</th>
<th>Reference</th>
</tr>
</thead>
<tbody>
<tr>
<td>EdDSA</td>
<td>RESERVED</td>
<td>0</td>
<td>RFC 9374</td>
</tr>
<tr>
<td>EdDSA</td>
<td>EdDSA25519</td>
<td>1</td>
<td><xref target="RFC8032"/></td>
</tr>
<tr>
<td>EdDSA</td>
<td>EdDSA25519ph</td>
<td>2</td>
<td><xref target="RFC8032"/></td>
</tr>
<tr>
<td>EdDSA</td>
<td>EdDSA448</td>
<td>3</td>
<td><xref target="RFC8032"/></td>
</tr>
<tr>
<td>EdDSA</td>
<td>EdDSA448ph</td>
<td>4</td>
<td><xref target="RFC8032"/></td>
</tr>
<tr>
<td></td>
<td></td>
<td>5-65535</td>
<td>Unassigned</td>
</tr>
</tbody>
</table>
EdDSA RESERVED 0
EdDSA EdDSA25519 1 [RFC8032]
EdDSA EdDSA25519ph 2 [RFC8032]
EdDSA EdDSA448 3 [RFC8032]
EdDSA EdDSA448ph 4 [RFC8032]
5-65535 Unassigned
]]>
</artwork>
<dl newline="true"> <dl newline="true">
<dt>HIT Suite ID:</dt> <dt>HIT Suite ID:</dt>
<dd> <dd>
This document defines the new HIT Suite of EdDSA/cSHAKE This document defines the new HIT Suite of EdDSA/cSHAKE
with value TBD3 (suggested: 5) (<xref with value 5 (<xref
target="hit_suite_list" format="default"/>) in the "HIT target="hit_suite_list" format="default"/>) in the "HIT
Suite ID" subregistry of the "Host Identity Protocol (HIP ) Suite ID" subregistry of the "Host Identity Protocol (HIP )
Parameters" registry. Parameters" registry.
</dd> </dd>
</dl> </dl>
<artwork name="" type="" align="left" alt=""> <table>
<![CDATA[ <name>Registered HIT Suite of EdDSA/cSHAKE</name>
HIT Suite Value Reference <thead>
EdDSA/cSHAKE128 TBD3 (suggested value 5) [This] <tr>
]]> <th>Suite ID</th>
</artwork> <th>Value</th>
<th>Reference</th>
</tr>
</thead>
<tbody>
<tr>
<td>EdDSA/cSHAKE128</td>
<td>5</td>
<td>RFC 9374</td>
</tr>
</tbody>
</table>
<ul empty="true"> <ul empty="true">
<li> <li>
The HIT Suite ID 4-bit values 1 - 15 and 8-bit values 0x00 - The HIT Suite ID 4-bit values 1 - 15 and 8-bit values 0x00 -
0x0F MUST be replicated as HHIT Suite IDs (<xref 0x0F <bcp14>MUST</bcp14> be replicated as HHIT Suite IDs (<xref
target="IANA_DRIP_reg" format="default"/>) as is TBD3 here. target="IANA_DRIP_reg" format="default"/>) as is 5 here.
</li> </li>
</ul> </ul>
<!-- <dl newline="true">
<dt>HIT Suite ID eight-bit encoding:</dt>
<dd>
This document defines the first four-bit encoded HIT Suit
e
IDs as defined in <xref target="RFC7401" section="5.2.10"
format="default"/>. These are the new HDA domain HIT
Suites with values TBD4 and TBD5 (suggested values: 0x0E
and 0x0F) (<xref target="HDA_OGA"
format="default"/>). IANA is requested to expand the "HIT
Suite ID" subregistry of the "Host Identity Protocol (HIP
)
Parameters" registry to show both the four-bit and
eight-bit values as shown in <xref target="RFC7401"
section="5.2.10" format="default"/> and add these new
values that only have 8-bit representations.
</dd> -->
</section> </section>
<!--<section anchor="IANA_IPSECKEY_reg" numbered="true" toc="default"> <name>IAN
A IPSECKEY Registry Update</name>
<t>
This document requests IANA to make the following change to the
"IPSECKEY Resource Record Parameters" <xref
target="IANA-IPSECKEY" format="default"/> registry:
</t>
<dl newline="true">
<dt>IPSECKEY:</dt>
<dd>
This document defines the new IPSECKEY value TBD2
(suggested: 4) (<xref target="HIP_DNS_RR"
format="default"/>) in the "Algorithm Type Field"
subregistry of the "IPSECKEY Resource Record Parameters"
registry.
</dd>
</dl>
<artwork name="" type="" align="left" alt="">
<![CDATA[
Value Description Reference
TBD2 (suggested value 4) [This]
An EdDSA key is present, in the format defined in [RFC8080]
]]>
</artwork>
</section> -->
</section> </section>
<section anchor="security-considerations" numbered="true" toc="default"> <name>S ecurity Considerations</name> <section anchor="security-considerations" numbered="true" toc="default"> <name>S ecurity Considerations</name>
<t> <t>
The 64-bit hash in HHITs presents a real risk of second pre-image The 64-bit hash in HHITs presents a real risk of second pre-image
cryptographic hash attack <xref target="Collision" cryptographic hash attack (see <xref target="Collision"
format="default"/>. There are no known (to the authors) studies of format="default"/>). There are no known (to the authors) studies of
hash size to cryptographic hash attacks. hash size impact on cryptographic hash attacks.
</t> </t>
<t> <t>
However, with today's computing power, producing 2^64 EdDSA However, with today's computing power, producing 2<sup>64</sup> EdDSA
keypairs and then generating the corresponding HHIT is economically keypairs and then generating the corresponding HHIT is economically
feasible. Consider that a *single* bitcoin mining ASIC can do on feasible. Consider that a *single* bitcoin mining ASIC can do on
the order of 2^46 sha256 hashes a second or about 2^62 hashes in a the order of 2<sup>46</sup> sha256 hashes per second or about 2<sup>62</s
single day. The point being, 2^64 is not prohibitive, especially up> hashes in a
single day. The point being, 2<sup>64</sup> is not prohibitive, especial
ly
as this can be done in parallel. as this can be done in parallel.
</t> </t>
<t> <t>
Now it should be noted that the 2^64 attempts is for stealing a Note that the 2<sup>64</sup> attempts is for stealing a
specific HHIT. Consider a scenario of a street photography company specific HHIT. Consider a scenario of a street photography company
with 1,024 UAs (each with its own HHIT); an attacker may well be with 1,024 UAs (each with its own HHIT); an attacker may well be
satisfied stealing any one of them. Then rather than needing to satisfied stealing any one of them. Then, rather than needing to
satisfy a 64-bit condition on the cSHAKE128 output, an attacker satisfy a 64-bit condition on the cSHAKE128 output, an attacker
needs only to satisfy what is equivalent to a 54-bit condition only needs to satisfy what is equivalent to a 54-bit condition
(since there are 2^10 more opportunities for success). (since there are 2<sup>10</sup> more opportunities for success).
</t> </t>
<t> <t>
Thus, although the probability of a collision or pre-image attack Thus, although the probability of a collision or pre-image attack
is low in a collection of 1,024 HHITs out of a total population of is low in a collection of 1,024 HHITs out of a total population of
2^64, per <xref target="Collision" format="default"/>, it is 2<sup>64</sup> (per <xref target="Collision" format="default"/>), it is
computationally and economically feasible. Therefore, the HHIT computationally and economically feasible. Therefore, the HHIT
registration is a MUST and HHIT/HI registration validation SHOULD registration is a <bcp14>MUST</bcp14> and HHIT/HI registration validation <bcp14>SHOULD</bcp14>
be performed by Observers either through registry lookups or via be performed by Observers either through registry lookups or via
broadcasted registration proofs (<xref target="I-D.ietf-drip-auth" broadcasted registration proofs (<xref target="I-D.ietf-drip-auth"
section="3.1.2" format="default"/>). section="3.1.2" format="default"/>).
</t> </t>
<t> <t>
The DET Registry services effectively block attempts to "take over" The DET Registry services effectively block attempts to "take over"
or "hijack" a DET. It does not stop a rogue attempting to or "hijack" a DET. It does not stop a rogue attempting to
impersonate a known DET. This attack can be mitigated by the impersonate a known DET. This attack can be mitigated by the
receiver of messages containing DETs using DNS to find the HI for receiver of messages containing DETs using DNS to find the HI for
the DET. As such, use of DNSSEC by the DET registries is the DET. As such, use of DNSSEC by the DET registries is
skipping to change at line 1577 skipping to change at line 1722
section="3.1.2" format="default"/>). section="3.1.2" format="default"/>).
</t> </t>
<t> <t>
The DET Registry services effectively block attempts to "take over" The DET Registry services effectively block attempts to "take over"
or "hijack" a DET. It does not stop a rogue attempting to or "hijack" a DET. It does not stop a rogue attempting to
impersonate a known DET. This attack can be mitigated by the impersonate a known DET. This attack can be mitigated by the
receiver of messages containing DETs using DNS to find the HI for receiver of messages containing DETs using DNS to find the HI for
the DET. As such, use of DNSSEC by the DET registries is the DET. As such, use of DNSSEC by the DET registries is
recommended to provide trust in HI retrieval. recommended to provide trust in HI retrieval.
</t> </t>
<t> <t>
Another mitigation of HHIT hijacking is if the HI owner (UA) Another mitigation of HHIT hijacking is when the HI owner (UA) supplies
supplies an object containing the HHIT and signed by the HI private an object containing the HHIT that is signed by the HI private key of the
key of the HDA such as detailed in <xref HDA as detailed in <xref
target="I-D.ietf-drip-auth" format="default"/>. target="I-D.ietf-drip-auth" format="default"/>.
</t> </t>
<t> <t>
The two risks with hierarchical HITs are the use of an invalid HID The two risks with HHITs are the use of an invalid HID
and forced HIT collisions. The use of a DNS zone (e.g., and forced HIT collisions. The use of a DNS zone (e.g.,
"det.arpa.") is a strong protection against invalid HIDs. Querying "det.arpa.") is strong protection against invalid HIDs. Querying
an HDA's RVS for a HIT under the HDA protects against talking to an HDA's RVS for a HIT under the HDA protects against talking to
unregistered clients. The Registry service <xref unregistered clients. The Registry service <xref
target="I-D.ietf-drip-registries" format="default"/>, target="I-D.ietf-drip-registries" format="default"/>,
through its HHIT uniqueness enforcement, provides against forced or through its HHIT uniqueness enforcement, provides against forced or
accidental HHIT hash collisions. accidental HHIT hash collisions.
</t> </t>
<t> <t>
Cryptographically Generated Addresses (CGAs) provide an assurance Cryptographically Generated Addresses (CGAs) provide an assurance
of uniqueness. This is two-fold. The address (in this case the of uniqueness. This is two-fold. The address (in this case the
UAS ID) is a hash of a public key and a Registry hierarchy naming. UAS ID) is a hash of a public key and a Registry hierarchy naming. Collis
Collision resistance (more important that it implied ion
second-preimage resistance) makes it statistically challenging to resistance (and more importantly, the implied second-preimage
attacks. A registration process <xref resistance) makes attacks statistically challenging.
A registration process <xref
target="I-D.ietf-drip-registries" format="default"/> within target="I-D.ietf-drip-registries" format="default"/> within
the HDA provides a level of assured uniqueness unattainable without the HDA provides a level of assured uniqueness unattainable without
mirroring this approach. mirroring this approach.
</t> </t>
<t> <t>
The second aspect of assured uniqueness is the digital signing The second aspect of assured uniqueness is the digital signing
(evidence) process of the DET by the HI private key and the (evidence) process of the DET by the HI private key and the
further signing (evidence) of the HI public key by the further signing (evidence) of the HI public key by the
Registry's key. This completes the ownership process. The Registry's key. This completes the ownership process. The
observer at this point does not know what owns the DET, but is observer at this point does not know what owns the DET but is
assured, other than the risk of theft of the HI private key, that assured, other than the risk of theft of the HI private key, that
this UAS ID is owned by something and is properly registered. this UAS ID is owned by something and it is properly registered.
</t> </t>
<section anchor="post-quantum-computing-out-of-scope"><name>Post Quantum Computi ng out of scope</name> <section anchor="post-quantum-computing-out-of-scope"><name>Post-Quantum Computi ng Is Out of Scope</name>
<t> <t>
As stated in <xref target="I-D.ietf-drip-arch" section="8.1" As stated in <xref target="I-D.ietf-drip-arch" section="8.1"
format="default" />, there has been no effort, at this time, to format="default" />, there has been no effort to
address post quantum computing cryptography. UAs and Broadcast address post-quantum computing cryptography. UAs and Broadcast
Remote ID communications are so constrained that current post Remote ID communications are so constrained that current post-quantum com
quantum computing cryptography is not applicable. Plus since a UA puting cryptography is not applicable. In addition, because a UA
may use a unique DET for each operation, the attack window could be may use a unique DET for each operation, the attack window could be
limited to the duration of the operation. limited to the duration of the operation.
</t> </t>
<t> <t>
HHITs contain the ID for the cryptographic suite used in its HHITs contain the ID for the cryptographic suite used in its
creation, a future post quantum computing safe algorithm that fits creation, a future algorithm that is safe for post-quantum computing
the Remote ID constraints may readily be added. that fits the Remote ID constraints may readily be added.
</t> </t>
</section> </section>
<section anchor="DET_trust" numbered="true" toc="default"> <name>DET Trust in AS <section anchor="DET_trust" numbered="true" toc="default"> <name>DET Trust in AS
TM messaging</name> TM Messaging</name>
<t> <t>
The DET in the ASTM Basic ID Message (Msg Type 0x0, the actual The DET in the ASTM Basic ID Message (Msg Type 0x0, the actual
Remote ID message) does not provide any assertion of trust. The Remote ID message) does not provide any assertion of trust.
best that might be done within this Basic ID Message is 4 bytes Truncating 4 bytes from a HI signing of the HHIT (the UA ID field is
truncated from a HI signing of the HHIT (the UA ID field is 20 20 bytes and a HHIT is 16) within this Basic ID Message is the best
bytes and a HHIT is 16). This is not trustable; that is, too open that can be done. This is not trustable, as it is too open
to a hash attack. Minimally, it takes 84 bytes (<xref to a hash attack. Minimally, it takes 88 bytes (<xref
target="RID_Auth" format="default"/>) to prove ownership of target="RID_Auth" format="default"/>) to prove ownership of
a DET with a full EdDSA signature. Thus, no attempt has been made a DET with a full EdDSA signature. Thus, no attempt has been made
to add DET trust directly within the very small Basic ID Message. to add DET trust directly within the very small Basic ID Message.
</t> </t>
<t> <t>
The ASTM Authentication Message (Msg Type 0x2) as shown in <xref The ASTM Authentication Message (Msg Type 0x2) as shown in <xref
target="RID_Auth" format="default"/> can provide practical actual target="RID_Auth" format="default"/> can provide actual
ownership proofs. These endorsements and evidences include ownership proofs in a practical manner. The endorsements and evidence in
timestamps to defend against replay attacks. But in themselves, clude
they do not prove which UA sent the message. They could have been timestamps to defend against replay attacks, but
they do not prove which UA sent the message. The messages could have been
sent by a dog running down the street with a Broadcast Remote ID sent by a dog running down the street with a Broadcast Remote ID
module strapped to its back. module strapped to its back.
</t> </t>
<t> <t>
Proof of UA transmission comes when the Authentication Message Proof of UA transmission comes, for example, when the Authentication Message
includes proofs for the ASTM Location/Vector Message (Msg Type 0x1) includes proof of the ASTM Location/Vector Message (Msg Type 0x1)
and the observer can see the UA or that information is validated by and a) the observer can see the UA or b) the location information is validate
ground multilateration. Only then does an observer gain full trust d by
ground multilateration. Only then does an observer gain full trust
in the DET of the UA. in the DET of the UA.
</t> </t>
<t> <t>
DETs obtained via the Network RID path provides a different DETs obtained via the Network RID path provide a different
approach to trust. Here the UAS SHOULD be securely communicating approach to trust. Here the UAS <bcp14>SHOULD</bcp14> be securely commun
icating
to the USS, thus asserting DET trust. to the USS, thus asserting DET trust.
</t> </t>
</section> </section>
<section anchor="Revocation" numbered="true" toc="default"> <name>DET Revocation </name> <section anchor="Revocation" numbered="true" toc="default"> <name>DET Revocation </name>
<t> <t>
The DNS entry for the DET can also provide a revocation service. The DNS entry for the DET can also provide a revocation service.
For example, instead of returning the HI RR it may return some For example, instead of returning the HI RR, it may return some
record showing that the HI (and thus DET) has been revoked. record showing that the HI (and thus DET) has been revoked.
Guidance on revocation service will be provided in <xref Guidance on revocation service will be provided in <xref
target="I-D.ietf-drip-registries" format="default"/>. target="I-D.ietf-drip-registries" format="default"/>.
</t> </t>
</section> </section>
<section anchor="DET_privacy" numbered="true" toc="default"> <name>Privacy Consi derations</name> <section anchor="DET_privacy" numbered="true" toc="default"> <name>Privacy Consi derations</name>
<t> <t>
There is no expectation of privacy for DETs; it is not part of the There is no expectation of privacy for DETs; it is not part of the
privacy normative requirements listed in, <xref target="RFC9153" normative privacy requirements listed in <xref target="RFC9153"
section="4.3.1," format="default"/>. DETs are broadcast in the section="4.3.1" format="default"/>. DETs are broadcast in the
clear over the open air via Bluetooth and Wi-Fi. They will be clear over the open air via Bluetooth and Wi-Fi. They will be
collected and collated with other public information about the UAS. collected and collated with other public information about the UAS.
This will include DET registration information and location and This will include DET registration information and location and
times of operations for a DET. A DET can be for the life of a UA times of operations for a DET. A DET can be for the life of a UA
if there is no concern about DET/UA activity harvesting. if there is no concern about DET/UA activity harvesting.
</t> </t>
<t> <t>
Further, the MAC address of the wireless interface used for Remote Further, the Media Access Control (MAC) address of the wireless interface used for Remote
ID broadcasts are a target for UA operation aggregation that may ID broadcasts are a target for UA operation aggregation that may
not be mitigated through MAC address randomization. For Bluetooth not be mitigated through MAC address randomization. For Bluetooth
4 Remote ID messaging, the MAC address is used by observers to link 4 Remote ID messaging, the MAC address is used by observers to link
the Basic ID Message that contains the RID with other Remote ID the Basic ID Message that contains the RID with other Remote ID
messages, thus must be constant for a UA operation. This message messages, thus it must be constant for a UA operation. This use of
linkage use of MAC addresses may not be needed with the Bluetooth 5 MAC addresses to link messages may not be needed with the Bluetooth 5
or Wi-Fi PHYs. These PHYs provide for a larger message payload and or Wi-Fi PHYs. These PHYs provide for a larger message payload and
can use the Message Pack (Msg Type 0xF) and the Authentication can use the Message Pack (Msg Type 0xF) and the Authentication
Message to transmit the RID with other Remote ID messages. However, Message to transmit the RID with other Remote ID messages. However,
it is not mandatory to send the RID in a Message Pack or sending the RID in a Message Pack or
Authentication Message, so allowance for using the MAC address for Authentication Message is not mandatory, so using the MAC address for
UA message linking must be maintained. That is, the MAC address UA message linking must be allowed. That is, the MAC address
should be stable for at least a UA operation. should be stable for at least a UA operation.
</t> </t>
<t> <t>
Finally, it is not adequate to simply change the DET and MAC for a Finally, it is not adequate to simply change the DET and MAC for a
UA per operation to defeat historically tracking a UA's activity. UA per operation to defeat tracking the history of the UA's activity.
</t> </t>
<t> <t>
Any changes to the UA MAC may have impacts to C2 setup and Any changes to the UA MAC may have impacts to C2 setup and
use. A constant GCS MAC may well defeat any privacy gains in UA use. A constant GCS MAC may well defeat any privacy gains in UA
MAC and RID changes. UA/GCS binding is complicated with changing MAC and RID changes. UA/GCS binding is complicated if the UA MAC address
MAC addresses; historically UAS design assumed these to be can change;
historically, UAS design assumed these to be
"forever" and made setup a one-time process. Additionally, if IP "forever" and made setup a one-time process. Additionally, if IP
is used for C2, a changing MAC may mean a changing IP address to is used for C2, a changing MAC may mean a changing IP address to
further impact the UAS bindings. Finally, an encryption wrapper's further impact the UAS bindings. Finally, an encryption wrapper's
identifier (such as ESP <xref target="RFC4303"/> SPI) would need to identifier (such as ESP <xref target="RFC4303"/> SPI) would need to
change per operation to insure operation tracking separation. change per operation to ensure operation tracking separation.
</t> </t>
<t> <t>
Creating and maintaining UAS operational privacy is a multifaceted Creating and maintaining UAS operational privacy is a multifaceted
problem. Many communication pieces need to be considered to truly problem. Many communication pieces need to be considered to truly
create a separation between UA operations. Simply changing the DET create a separation between UA operations. Changing the DET
only starts the changes that need to be implemented. is only the start of the changes that need to be implemented.
</t> </t>
<t> <t>
These privacy realities may present challenges for the EU U-space These privacy realities may present challenges for the European Union (EU ) U-space
(<xref target="Uspace"/>) program. (<xref target="Uspace"/>) program.
</t> </t>
</section> </section>
<section anchor="Collision" numbered="true" toc="default"> <name>Collision Risks with DETs</name> <section anchor="Collision" numbered="true" toc="default"> <name>Collision Risks with DETs</name>
<t> <t>
The 64-bit hash size here for DETs does have an increased risk of The 64-bit hash size here for DETs does have an increased risk of
collisions over the 96-bit hash size used for the ORCHID <xref collisions over the 96-bit hash size used for the ORCHID <xref
target="RFC7343" format="default"/> construct. There is a 0.01% target="RFC7343" format="default"/> construct. There is a 0.01%
probability of a collision in a population of 66 million. The probability of a collision in a population of 66 million. The
probability goes up to 1% for a population of 663 million. See probability goes up to 1% for a population of 663 million. See
<xref target="Coll_Prob" format="default"/> for the collision <xref target="Coll_Prob" format="default"/> for the collision
probability formula. probability formula.
</t> </t>
<t> <t>
However, this risk of collision is within a single "Additional However, this risk of collision is within a single "Additional
Information" value, i.e., a RAA/HDA domain. The UAS/USS Information" value, i.e., a RAA/HDA domain. The UAS/USS
registration process should include registering the DET and MUST registration process should include registering the DET and <bcp14>MUST</ bcp14>
reject a collision, forcing the UAS to generate a new HI and thus reject a collision, forcing the UAS to generate a new HI and thus
HHIT and reapplying to the DET registration process (<xref HHIT and reapplying to the DET registration process (<xref
target="I-D.ietf-drip-registries" section="6" format="default"/>). target="I-D.ietf-drip-registries" section="6" format="default"/>).
</t> </t>
<t> <t>
Thus an adversary trying to generate a collision and 'steal' the Thus an adversary trying to generate a collision and 'steal' the
DET would run afoul of this registration process and associated DET would run afoul of this registration process and associated
validation process mentioned in <xref target="x509" validation process mentioned in <xref target="x509"
format="default"/>. format="default"/>.
</t> </t>
</section> </section>
</section> </section>
</middle> </middle>
<back> <back>
<displayreference target="I-D.ietf-drip-registries" to="drip-registries"/> <displayreference target="I-D.ietf-drip-registries" to="DRIP-REG"/>
<displayreference target="I-D.ietf-drip-arch" to="drip-architecture"/> <displayreference target="I-D.ietf-drip-arch" to="DRIP-ARCH"/>
<displayreference target="I-D.ietf-drip-auth" to="drip-authentication"/> <displayreference target="I-D.ietf-drip-auth" to="DRIP-AUTH"/>
<displayreference target="I-D.moskowitz-ipsecme-ipseckey-eddsa" to="ipseckey-edd
sa"/>
<displayreference target="DOI_10.6028_NIST.FIPS.202" to="NIST.FIPS.202"/> <displayreference target="DOI_10.6028_NIST.FIPS.202" to="NIST.FIPS.202"/>
<displayreference target="DOI_10.6028_NIST.SP.800-185" to="NIST.SP.800-185"/> <displayreference target="DOI_10.6028_NIST.SP.800-185" to="NIST.SP.800-185"/>
<references> <name>References</name> <references> <name>References</name>
<references title="Normative References"> <references title="Normative References">
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.21 19.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.21 19.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.68 90.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.68 90.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.73 43.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.73 43.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.74 01.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.74 01.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.80 05.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.80 05.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.80 32.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.80 32.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.81 26.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.81 26.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.81 74.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.81 74.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml7/reference.DOI.1 0.6028/NIST.FIPS.202.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml7/reference.DOI.1 0.6028/NIST.FIPS.202.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml7/reference.DOI.1 0.6028/NIST.SP.800-185.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml7/reference.DOI.1 0.6028/NIST.SP.800-185.xml"/>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/draft-moskowit
z-ipsecme-ipseckey-eddsa.xml"/> <reference anchor="RFC9373" target="https://www.rfc-editor.org/info/rfc9373">
<front>
<title>EdDSA Value for IPSECKEY</title>
<author initials="R." surname="Moskowitz" fullname="Robert Moskowitz">
<organization>HTT Consulting</organization>
</author>
<author initials="T." surname="Kivinen" fullname="Tero Kivinen"> </author>
<author initials="M." surname="Richardson" fullname="Michael Richardson">
<organization>Sandelman Software Works</organization>
</author>
<date month="February" year="2023"/>
</front>
<seriesInfo name="RFC" value="9373"/>
<seriesInfo name="DOI" value="10.17487/RFC9373"/>
</reference>
</references> </references>
<references title="Informative References"> <references title="Informative References">
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.39 72.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.39 72.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.40 25.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.40 25.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.40 34.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.40 34.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.41 22.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.41 22.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.43 03.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.43 03.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.52 80.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.52 80.xml"/>
<!-- <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refere nce.RFC.5730.xml"/> --> <!-- <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refere nce.RFC.5730.xml"/> -->
<!-- <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refere nce.RFC.7858.xml"/> --> <!-- <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refere nce.RFC.7858.xml"/> -->
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.80 04.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.80 04.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.82 00.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.82 00.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.90 63.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.90 63.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.91 53.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.91 53.xml"/>
<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.92 24.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.92 24.xml"/>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/draft-ietf-dri p-arch.xml"/> <xi:include href="https://datatracker.ietf.org/doc/bibxml3/draft-ietf-dri p-arch.xml"/>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/draft-ietf-dri p-auth.xml"/> <xi:include href="https://datatracker.ietf.org/doc/bibxml3/draft-ietf-dri p-auth.xml"/>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/draft-ietf-dri p-registries.xml"/> <xi:include href="https://datatracker.ietf.org/doc/bibxml3/draft-ietf-dri p-registries.xml"/>
<reference anchor="IANA-CGA" target="https://www.iana.org/assignments/cg a-message-types/cga-message-types.xhtml"> <reference anchor="IANA-CGA" target="https://www.iana.org/assignments/cg a-message-types">
<front> <front>
<title>Cryptographically Generated Addresses (CGA) Messag e Type Name Space</title> <title>Cryptographically Generated Addresses (CGA) Messag e Type Name Space</title>
<author><organization>IANA</organization></author> <author><organization>IANA</organization></author>
</front> </front>
</reference> </reference>
<reference anchor="IANA-HIP" target="https://www.iana.org/assignments/hi <reference anchor="HHSI" target="https://www.iana.org/assignments/drip">
p-parameters/hip-parameters.xhtml">
<front>
<title>Hierarchical HIT (HHIT) Suite IDs</title>
<author initials="" surname="" fullname="">
<organization>IANA</organization>
</author>
</front>
</reference>
<reference anchor="IANA-HIP" target="https://www.iana.org/assignments/hi
p-parameters">
<front> <front>
<title>Host Identity Protocol (HIP) Parameters</title> <title>Host Identity Protocol (HIP) Parameters</title>
<author><organization>IANA</organization></author> <author><organization>IANA</organization></author>
</front> </front>
</reference> </reference>
<reference anchor="F3411-22a" target="https://www.astm.org/f3411-22a.htm l"> <reference anchor="F3411-22a" target="https://www.astm.org/f3411-22a.htm l">
<front> <front>
<title>Standard Specification for Remote ID and Tracking - F3411−22a</title> <title>Standard Specification for Remote ID and Tracking - F3411−22a</title>
<author><organization>ASTM International</organization></ author> <author><organization>ASTM International</organization></ author>
<date month="07" year="2022" /> <date month="07" year="2022" />
</front> </front>
</reference> </reference>
<reference anchor="cfrg-comment" target="https://mailarchive.ietf.org/arc
h/msg/cfrg/tAJJq60W6TlUv7_pde5cw5TDTCU/"> <reference anchor="IPv6-SPECIAL" target="https://www.iana.org/assignments/ian
a-ipv6-special-registry/">
<front>
<title>IANA IPv6 Special-Purpose Address Registry</title>
<author initials="" surname="" fullname="">
<organization>IANA</organization>
</author>
</front>
</reference>
<reference anchor="CFRG-COMMENT" target="https://mailarchive.ietf.org/arc
h/msg/cfrg/tAJJq60W6TlUv7_pde5cw5TDTCU/">
<front> <front>
<title>A CFRG review of draft-ietf-drip-rid</title> <title>Please review draft-ietf-drip-rid</title>
<author/> <author initials="N" surname="Gajcowski" fullname="Nicholas H Gajcowski"/>
<date month="9" year="2021"/> <date day="23" month="9" year="2021"/>
</front> </front>
<refcontent>message to the CFRG mailing list</refcontent>
</reference> </reference>
<reference anchor="CTA2063A" target="https://shop.cta.tech/products/small -unmanned-aerial-systems-serial-numbers"> <reference anchor="CTA2063A" target="https://shop.cta.tech/products/small -unmanned-aerial-systems-serial-numbers">
<front> <front>
<title>Small Unmanned Aerial Systems Serial Numbers</title> <title>Small Unmanned Aerial Systems Serial Numbers</title>
<author> <author>
<organization>ANSI/CTA</organization> <organization>ANSI/CTA</organization>
</author> </author>
<date month="09" year="2019"/> <date month="09" year="2019"/>
</front> </front>
</reference> </reference>
<reference anchor="corus" target="https://www.sesarju.eu/node/3411"> <reference anchor="CORUS" target="https://www.sesarju.eu/node/3411">
<front> <front>
<title>U-space Concept of Operations</title> <title>SESAR Concept of Operations for U-space</title>
<author> <author>
<organization>CORUS</organization> <organization>CORUS</organization>
</author> </author>
<date month="09" year="2019" /> <date day="9" month="09" year="2019" />
</front> </front>
</reference> </reference>
<reference anchor="Keccak" target="https://keccak.team/index.html"> <reference anchor="Keccak" target="https://keccak.team/index.html">
<front> <front>
<title>The Keccak Function</title> <title>Keccak Team</title>
<author fullname="Guido Bertoni" initials="G." surname="Bertoni"> <author fullname="Guido Bertoni" initials="G." surname="Bertoni">
<address/> <address/>
</author> </author>
<author fullname="Joan Daemen" initials="J." surname="Daemen"> <author fullname="Joan Daemen" initials="J." surname="Daemen">
<organization>Radboud University</organization> <organization>Radboud University</organization>
<address/> <address/>
</author> </author>
<author fullname="Michaël Peeters" initials="M." surname="Peeters"> <author fullname="Michaël Peeters" initials="M." surname="Peeters">
<organization>STMicroelectronics</organization> <organization>STMicroelectronics</organization>
<address/> <address/>
skipping to change at line 1868 skipping to change at line 2058
</author> </author>
<date/> <date/>
</front> </front>
</reference> </reference>
<reference anchor="FAA_RID" target="https://www.govinfo.gov/content/pkg/ FR-2021-01-15/pdf/2020-28948.pdf"> <reference anchor="FAA_RID" target="https://www.govinfo.gov/content/pkg/ FR-2021-01-15/pdf/2020-28948.pdf">
<front> <front>
<title>Remote Identification of Unmanned Aircraft</title> <title>Remote Identification of Unmanned Aircraft</title>
<author > <author >
<organization>United States Federal Aviation Admi nistration (FAA)</organization> <organization>United States Federal Aviation Admi nistration (FAA)</organization>
</author> </author>
<date year="2021"/> <date day="15" month="1" year="2021"/>
</front> </front>
</reference> </reference>
</references> </references>
</references> </references>
<section anchor="Uspace" numbered="true" toc="default"> <name>EU U-Space RID Pri vacy Considerations</name> <section anchor="Uspace" numbered="true" toc="default"> <name>EU U-Space RID Pri vacy Considerations</name>
<t> <t>
The EU is defining a future of airspace management known as U-space The EU is defining a future of airspace management known as U-space
within the Single European Sky ATM Research (SESAR) undertaking. within the Single European Sky ATM Research (SESAR) undertaking.
Concept of Operation for EuRopean UTM Systems (CORUS) project The Concept of Operation for EuRopean UTM Systems (CORUS) project
proposed low-level <xref target="corus" format="default">Concept of proposed low-level <xref target="CORUS" format="default">Concept of
Operations</xref> for UAS in the EU. It introduces strong Operations</xref> for UAS in the EU. It introduces strong
requirements for UAS privacy based on European GDPR regulations. requirements for UAS privacy based on European General Data Protection Re gulation (GDPR) regulations.
It suggests that UAs are identified with agnostic IDs, with no It suggests that UAs are identified with agnostic IDs, with no
information about UA type, the operators or flight trajectory. information about UA type, the operators, or flight trajectory.
Only authorized persons should be able to query the details of the Only authorized persons should be able to query the details of the
flight with a record of access. flight with a record of access.
</t> </t>
<t> <t>
Due to the high privacy requirements, a casual observer can only Due to the high privacy requirements, a casual observer can only
query U-space if it is aware of a UA seen in a certain area. A query U-space if it is aware of a UA seen in a certain area. A
general observer can use a public U-space portal to query UA general observer can use a public U-space portal to query UA
details based on the UA transmitted "Remote identification" signal. details based on the UA transmitted "Remote identification" signal.
Direct remote identification (DRID) is based on a signal Direct remote identification (DRID) is based on a signal
transmitted by the UA directly. Network remote identification transmitted by the UA directly. Network remote identification
skipping to change at line 1912 skipping to change at line 2102
</t> </t>
<t> <t>
The project lists "E-Identification" and "E-Registrations" services The project lists "E-Identification" and "E-Registrations" services
as to be developed. These services can use DETs and follow the privacy as to be developed. These services can use DETs and follow the privacy
considerations outlined in this document for DETs. considerations outlined in this document for DETs.
</t> </t>
<t> <t>
If an "agnostic ID" above refers to a completely random identifier, If an "agnostic ID" above refers to a completely random identifier,
it creates a problem with identity resolution and detection of it creates a problem with identity resolution and detection of
misuse. On the other hand, a classical HIT has a flat structure misuse. On the other hand, a classical HIT has a flat structure
which makes its resolution difficult. The DET (Hierarchical HIT) which makes its resolution difficult. The DET (HHIT)
provides a balanced solution by associating a registry with the UA provides a balanced solution by associating a registry with the UA
identifier. This is not likely to cause a major conflict with identifier. This is not likely to cause a major conflict with
U-space privacy requirements, as the registries are typically few U-space privacy requirements, as the registries are typically few
at a country level (e.g., civil personal, military, law at a country level (e.g., civil personal, military, law
enforcement, or commercial). enforcement, or commercial).
</t> </t>
</section> </section>
<section anchor="HID_Split" numbered="true" toc="default"> <name>The 14/14 HID s plit</name> <section anchor="HID_Split" numbered="true" toc="default"> <name>The 14/14 HID s plit</name>
<t> <t>
The following explains the logic behind selecting to divide the 28 The following explains the logic for dividing the 28
bits of the HID into 2 14-bit components. bits of the HID into two 14-bit components.
</t> </t>
<t> <t>
At this writing ICAO has 273 member "States", each may want to At this writing, the International Civil Aviation Organization (ICAO) has 193 member "States", and each may want to
control RID assignment within its National Air Space (NAS). Some control RID assignment within its National Air Space (NAS). Some
members may want separate RAAs to use for Civil, general members may want separate RAAs to use for Civil, general
Government, and Military use. They may also want allowances for Government, and Military use. They may also want allowances for
competing Civil RAA operations. It is reasonable to plan for 8 competing Civil RAA operations. It is reasonable to plan for eight
RAAs per ICAO member (plus regional aviation organizations like in RAAs per ICAO member (plus regional aviation organizations like in
the European Union). Thus at a start a 4,096 RAA space is advised. the EU). Thus, as a start, a space of 4,096 RAAs is advised.
</t> </t>
<t> <t>
There will be requests by commercial entities for their own, RAA There will be requests by commercial entities for their own RAA
allotments. Examples could include international organizations allotments. Examples could include international organizations
that will be using UAS and international delivery service that will be using UAS and international delivery service
associations. These may be smaller than the RAA space needed by associations. These may be smaller than the RAA space needed by
ICAO member States and could be met with a 2,048 space allotment, ICAO member States and could be met with a 2,048 space allotment;
but as will be seen, might as well be 4,096 as well. however, as will be seen, these might as well be 4,096 as well.
</t> </t>
<t> <t>
This may well cover currently understood RAA entities. There will This may well cover currently understood RAA entities. In the future, th
be future new applications, branching off into new areas. So yet ere will
be new applications, branching off into new areas, so yet
another space allocation should be set aside. If this is equal to another space allocation should be set aside. If this is equal to
all that has been reserved, we should allow for 16,384 (2^14) RAAs. all that has been reserved, we should allow for 16,384 (2<sup>14</sup>) R AAs.
</t> </t>
<t> <t>
The HDA allocation follows a different logic from that of RAAs. Per The HDA allocation follows a different logic from that of RAAs. Per
<xref target="Coll_Prob" format="default"/>, an HDA should be able <xref target="Coll_Prob" format="default"/>, an HDA should be able
to easily assign 63M RIDs and even manage 663M with a "first come, to easily assign 63M RIDs and even manage 663M with a "first come,
first assigned" registration process. For most HDAs this is more first assigned" registration process. For most HDAs, this is more
than enough, and a single HDA assignment within their RAA will than enough, and a single HDA assignment within their RAA will
suffice. Most RAAs will only delegate to a couple HDAs for their suffice. Most RAAs will only delegate to a couple of HDAs for their
operational needs. But there are major exceptions that point to operational needs. But there are major exceptions that point to
some RAAs needing large numbers of HDA assignments. some RAAs needing large numbers of HDA assignments.
</t> </t>
<t> <t>
Delivery service operators like Amazon (est. 30K delivery vans) and Delivery service operators like Amazon (est.&nbsp;30K delivery vans) and
UPS (est. 500K delivery vans) may choose, for anti-tracking UPS (est.&nbsp;500K delivery vans) may choose, for anti-tracking
reasons, to use unique RIDs per day or even per operation. 30K reasons, to use unique RIDs per day or even per operation. 30K
delivery UA could need 11M upwards to 44M RIDs. Anti-tracking delivery UAs could need between 11M and 44M RIDs. Anti-tracking
would be hard to provide if the HID were the same for a delivery would be hard to provide if the HID were the same for a delivery
service fleet, so such a company may turn to an HDA that provides service fleet, so such a company may turn to an HDA that provides
this service to multiple companies so that who's UA is who's is not this service to multiple companies so that who's UA is who's is not
evident in the HID. A USS providing this service could well use evident in the HID. A USS providing this service could well use
multiple HDA assignments per year, depending on strategy. multiple HDA assignments per year, depending on strategy.
</t> </t>
<t> <t>
Perhaps a single RAA providing HDAs for delivery service (or Perhaps a single RAA providing HDAs for delivery service (or a similar
similar behaving) UAS could 'get by' with a 2048 HDA space purpose) UAS could 'get by' with a 2048 HDA space (11-bits).
(11-bits). So the HDA space could well be served with only 12 bits So the HDA space could well be served with only 12 bits
allocated out of the 28-bit HID space. But as this is speculation, allocated out of the 28-bit HID space.
and it will take years of deployment experience, a 14-bit HDA space However, as this is speculation and deployment experience will take years,
has been selected. a 14-bit HDA space has been selected.
</t> </t>
<t> <t>
There may also be 'small' ICAO member States that opt for a single There may also be 'small' ICAO member States that opt for a single
RAA and allocate their HDAs for all UA that are permitted in their RAA and allocate their HDAs for all UAs that are permitted in their
NAS. The HDA space is large enough that some to use part for NAS. The HDA space is large enough that a portion may be used for
government needs as stated above and for small commercial needs. government needs as stated above and small commercial needs. Alternatively,
Or the State may use a separate, consecutive RAA for commercial the State may use a separate, consecutive RAA for commercial users.
users. Thus it would be 'easy' to recognize State-approved UA by Thus it would be 'easy' to recognize State-approved UA by
HID high-order bits. HID high-order bits.
</t> </t>
<section anchor="DET_Encoding" numbered="true" toc="default"> <name>DET Encoding Example</name> <section anchor="DET_Encoding" numbered="true" toc="default"> <name>DET Encoding Example</name>
<t> <t>
The DET upper 64 bits appear to be oddly constructed from nibbled The upper 64 bits of DET appear to be oddly constructed from nibbled
fields, when typically seen in 8-bit representations. The fields, when typically seen in 8-bit representations. The
following works out the construction of the example in <xref following works out the construction of the example in <xref
target="HHIT_DNS" format="default"/>. target="HHIT_DNS" format="default"/>.
</t> </t>
<t> <t>
In that example the prefix is 2001:30::/28, the RAA is decimal 10 In that example, the prefix is 2001:30::/28, the RAA is decimal 10,
and the HDA is decimal 20. Below is the RAA and HDA in 14-bit and the HDA is decimal 20. Below is the RAA and HDA in 14-bit
format: format:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
RAA 10 = 00000000001010 RAA 10 = 00000000001010
HDA 20 = 00000000010100 HDA 20 = 00000000010100
]]></artwork> ]]></artwork>
<t> <t>
The left most 4 bits of the RAA, all zeros, combine with the prefix The leftmost 4 bits of the RAA, all zeros, combine with the prefix
to form 2001:0030:, leaving remaining RAA and HDA combined to: to form 2001:0030:, which leaves the remaining RAA
and HDA to combine to:
</t> </t>
<artwork name="" type="" align="left" alt=""> <artwork name="" type="" align="left" alt="">
<![CDATA[ <![CDATA[
0000|0010|1000|0000|0001|0100| 0000|0010|1000|0000|0001|0100|
]]> ]]>
</artwork> </artwork>
<t> <t>
Which, combined with the OGA of x05 is: 0280:1405, thus the whole Which when combined with the OGA of x05 is 0280:1405, thus the whole
upper 64 bits are 2001:0030:0280:1405. upper 64 bits are 2001:0030:0280:1405.
</t> </t>
</section> </section>
</section> </section>
<section anchor="Base32" numbered="true" toc="default"> <name>Base32 Alphabet</n ame> <section anchor="Base32" numbered="true" toc="default"> <name>Base32 Alphabet</n ame>
<t> <t>
The alphabet used in CTA 2063-A Serial Number does not lend to The alphabet used in CTA 2063-A Serial Number does not map to
using any published Base32 encoding scheme. Thus the following any published Base32 encoding scheme. Therefore, the following
Base32 Alphabet is used. Base32 Alphabet is used.
</t> </t>
<t> <t>
Each 5-bit group is used as an index into an array of 32 printable Each 5-bit group is used as an index into an array of 32 printable
characters. The character referenced by the index is placed in the characters. The character referenced by the index is placed in the
output string. These characters, identified below, are selected output string. These characters, identified below, are selected
from US-ASCII digits and uppercase letters. from US-ASCII digits and uppercase letters.
</t> </t>
<table anchor="table_Base32" align="center"> <name>The Base 32 Alphabet</name> <table anchor="table_Base32" align="center"> <name>The Base 32 Alphabet</name>
<thead> <thead>
skipping to change at line 2137 skipping to change at line 2329
<td align="left">Y</td> <td align="left">Y</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</section> </section>
<section anchor="Coll_Prob" numbered="true" toc="default"> <name>Calculating Col lision Probabilities</name> <section anchor="Coll_Prob" numbered="true" toc="default"> <name>Calculating Col lision Probabilities</name>
<t> <t>
The accepted formula for calculating the probability of a collision The accepted formula for calculating the probability of a collision
is: is:
</t> </t>
<artwork name="" type="" align="left" alt=""> <t>p = 1 - e<sup>{-k<sup>2</sup>/(2n)}</sup></t>
<![CDATA[
p = 1 - e^{-k^2/(2n)}
P Collision Probability
n Total possible population
k Actual population
]]></artwork> <dl>
<dt>P:</dt><dd>Collision Probability</dd>
<dt>n:</dt><dd>Total possible population</dd>
<dt>k:</dt><dd>Actual population</dd>
</dl>
<t> <t>
The following table provides the approximate population size for a The following table provides the approximate population size for a
collision for a given total population. collision for a given total population.
</t> </t>
<artwork name="" type="" align="left" alt=""> <table>
<![CDATA[ <name>Approximate Population Size With Collision Risk</name>
Deployed Population <thead>
Total With Collision Risk of <tr>
Population .01% 1%
<th rowspan="2">Total
Population</th>
<th rowspan="1" colspan="2">Deployed Population With Collision Risk of</th>
</tr>
<tr>
<th>.01%</th>
<th>1%</th>
</tr>
</thead>
<tbody>
<tr>
<td>2<sup>96</sup></td>
<td>4T</td>
<td>42T</td>
</tr>
<tr>
<td>2<sup>72</sup></td>
<td>1B</td>
<td>10B</td>
</tr>
<tr>
<td>2<sup>68</sup></td>
<td>250M</td>
<td>2.5B</td>
</tr>
<tr>
<td>2<sup>64</sup></td>
<td>66M</td>
<td>663M</td>
</tr>
<tr>
<td>2<sup>60</sup></td>
<td>16M</td>
<td>160M</td>
</tr>
</tbody>
</table>
2^96 4T 42T
2^72 1B 10B
2^68 250M 2.5B
2^64 66M 663M
2^60 16M 160M
]]>
</artwork>
</section> </section>
<section numbered="false" toc="default"> <name>Acknowledgments</name> <section numbered="false" toc="default"> <name>Acknowledgments</name>
<t> <t>
Dr. Gurtov is an adviser on Cybersecurity to the Swedish Civil Dr. Gurtov is an adviser on Cybersecurity to the Swedish Civil
Aviation Administration. Aviation Administration.
</t> </t>
<t> <t>
Quynh Dang of NIST gave considerable guidance on using Keccak and Quynh Dang of NIST gave considerable guidance on using Keccak and
the NIST supporting documents. Joan Deamen of the Keccak team was the supporting NIST documents. Joan Deamen of the Keccak team was
especially helpful in many aspects of using Keccak. Nicholas especially helpful in many aspects of using Keccak. Nicholas
Gajcowski <xref target="cfrg-comment" format="default"/> provided a Gajcowski <xref target="CFRG-COMMENT" format="default"/> provided a
concise hash pre-image security assessment via the CFRG list. concise hash pre-image security assessment via the CFRG list.
</t> </t>
<t> <t>
Many thanks to Michael Richardson and Brian Haberman for the iotdir Many thanks to Michael Richardson and Brian Haberman for the iotdir
review, Magnus Nystrom for the secdir review, Elwyn Davies for review, Magnus Nystrom for the secdir review, Elwyn Davies for the
genart review and DRIP co-chair and draft shepherd, Mohamed genart review, and the DRIP co-chair and document shepherd, Mohamed
Boucadair for his extensive comments and help on document clarity. Boucadair for his extensive comments and help on document clarity.
And finally, many thanks to area directors: Roman Danyliw, Erik And finally, many thanks to the Area Directors: Roman Danyliw, Erik
Kline, Murray Kucherawy, Warren Kumari, John Scudder, Paul Wouters, Kline, Murray Kucherawy, Warren Kumari, John Scudder, Paul Wouters,
and Sarker Zaheduzzaman, for the IESG review. and Sarker Zaheduzzaman, for the IESG review.
</t> </t>
</section> </section>
</back> </back>
</rfc> </rfc>
 End of changes. 280 change blocks. 
642 lines changed or deleted 887 lines changed or added

This html diff was produced by rfcdiff 1.48.