IETF Logo Mail Archive

Re: [Int-dir] Intdir last call review of draft-ietf-drip-rid-26

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Wed, 25 May 2022 06:16 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: int-dir@ietfa.amsl.com
Delivered-To: int-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4DE18C071D62; Tue, 24 May 2022 23:16:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.598
X-Spam-Level:
X-Spam-Status: No, score=-14.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=Ba09RbtG; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=LRK+g4r7
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L8PLBIf52yqu; Tue, 24 May 2022 23:16:15 -0700 (PDT)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E46D2C071D60; Tue, 24 May 2022 23:16:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=21188; q=dns/txt; s=iport; t=1653459374; x=1654668974; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=xYlnyLkgLxWZgTPbWeov6WV4VFRkPBi0gawSjg4Xbj4=; b=Ba09RbtGeqPB/IV0RSWLit9rDsGj7WtOjP40pokkNKM9TMB/l4sYlRlw BerfSL1FZ7YfbSUtApX+3sAIpKjikiPyN0iFzG7NdRhvP7p1BD4q38VLp 8kQy1UG1Dl1oXyHQ63IJdl5PMxsDklQ5MXqgc4d4U0N7fZQ8/1eigpktu k=;
IronPort-PHdr: A9a23:XDqnKhJ/1a5PYvPVMNmcuWEyDhhOgF28FgIW659yjbVIf+zj+pn5J0XQ6L1ri0OBRoTU7f9Iyo+0+6DtUGAN+9CN5XYFdpEfWxoMk85DmQsmDYaMAlH6K/i/aSs8EYxCWVZp8mv9P1JSHZP1ZkbZpTu56jtBcig=
IronPort-Data: A9a23:9tACgayy45Bbo28UUwB6t+f+xCrEfRIJ4+MujC+fZmUNrF6WrkVWy2EaCmGCbvrYYTT1Ktkja4W3oBwP68XVzNNiTABu/lhgHilAwSbn6Xt1DatR0xt/paQvdWo/hyklQoSGfZlcokP0/E/3aOC89CckjMlke5KlYAL6EnEpLeNbYH9JZSJLw4bVs6Yw6TSLK1rlVeDa+6UzDGSYNwtcaQr43U4sRCRH55wesBtA1rA3iGsiUFX2zxH5B7pHTU29wueRf2VaIgK6b76rILCR5GjV+VImDcmo1+i9eUwRSbmUNg+L4pZUc/H92V4Z+WpjieBiaaV0hUR/011lm/h81sRLvp+9YQwoJabL3u8aVnG0FgknZfYWqO+bcCTk2SCU5wicG5f2+N1yCQQsPIEw++trDydJ7/NwADwXZx6fwuO73Lz+RvNtnoE5LcWtNYcbknBt0T+fCuwpKbjCRbmP6d5C9DY9ms4IGuzRD/f1wxIHgA/oeRZDPBIcD4gz2bnujXjkeDoeo1WQzZfbKlP7lGRZuIUB+vKPEjBSefhoow==
IronPort-HdrOrdr: A9a23:Btf2QKixwU//FSDGTlIb2nnYFXBQX6h23DAbv31ZSRFFG/FwyPrBoB1L73DJYWgqNE3IwerwRJVpQRvnhPpICRF4B8biYOCUghrWEGgE1/qj/9SAIVyxygc578ZdmsdFeaXN5DRB/KTHCUyDYqsdKbq8geOVbIXlvgxQpGhRAskKhWoYe2Wm+w9NNXN77PECZf2hD7981kOdkAMsH6KG7xc+Lo3+juyOsKijTQ8NBhYh5gXLpyiv8qTGHx+R2Qpbey9TwJ85mFK10TDR1+GGibWW2xXc32jc49B9g9360OZOA8SKl4w8NijssAC1f45sMofy+Qzd4dvfrGrCouO85SvIDP4Dsk85uVvF+ScF7jOQlwrGLUWSkmNwz0GT+/ARDwhKdfapzbgpAycxrXBQ4e2VFMlwrj2kX109N2KdoM213am6a/kh/HDE0UYKgKodiWdSXpAZb6IUpYsD/FlNGJNFBy7i7ps7edMeRv00ycwmOW9yVUqp9VWHAebcKUgbD1ODWAwPq8aV2z9ZkDRwyFYZ3tUWmjMF+IgmQ5dJ6uzYOuAw/Ys+AvM+fOZ4HqMMUMG3AmvCTVbFN3+TO03uEOUCN2jWo5D67b0p7KXzEaZ4g6caidDEShdVpGQyc0XhBYmH24BK6AnERCG4US72ws9T6pBlsvn3RabtMyeEVFcy+vHQ7sk3E4neQbK+KZhWC/jsIS/nHptIxRT3X91IJXwXQKQuy58GspK107T2w6HRx5nmmazoVcjQ+B4fKxfCPkc=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BEBgB2bIJi/51dJa1RCR4BAQsSDECBRAuBUlIHdQJYOUOEToNMA4UxhQmDAgOLFIUzinGBLBSBEQNUCwEBAQ0BATkJBAEBhQICFoUoAiU0CQ4BAgQBAQESAQEFAQEBAgEHBIEJE4VoDYZCAQEBAQIBEgsGEQwBATcBCwQCAQgRAQIBAgMCJgICAh8RFAECBggCBAEJBAUeBIJbAYJjAw0kAQ5DnyQBgT4Cih96gTGBAYIIAQEGBASFDQ0LgjgDBoEQLIMUgwKBJ4Eig06BFIEfJxyBSUSBFSccgmc+giBCAgIBgSARBAoeg1Y3gi6NVy2BLwKDToJHHTsDHDiBBRKBIXEBCAYGBwoFMgYCDBgUBAITEk0GHgITBQcKBhYOFBwSEhkMDwMSAxEBBwILEggVLAgDAgMIAwIDIwsCAxgJBwoDHQgKHBIQFAIEEx8LCAMaHy0JAgQOA0MICwoDEQQDExgLFggQBAYDCS8NKAsDBQ8PAQYDBgIFBQEDIAMUAwUnBwMhBwsmDQ0EHAcdAwMFJgMCAhsHAgIDAgYXBgICGVgKKA0IBAgEGAQeJRMFAgcxBQQvAh4EBQYRCQIWAgYEBQIEBBYCAhIIAggnGwcPBxkdGQEFXQYLCSMWBiwLBgUGFgMmJysGIgEbApI8gx0IgQ0BUhIHHREWGgwBAxgCFQISDgICAw8OJAoaFQYMBwcVGQ0EAQUHFxEDFhMPKZIBHS2DH4o8nxk8awqDTIsajXCBAwSFeQQtg3VIi3aVE4MRlmYggiqKXYNZkEMtD4R/AgQCBAUCDgEBBoEwMTyBWXAVOyoBgj1RGQ+OIAsBFoNQhRSFSnUCOQIGAQoBAQMJjlOCRwEB
X-IronPort-AV: E=Sophos;i="5.91,230,1647302400"; d="scan'208";a="1038884943"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 25 May 2022 06:16:13 +0000
Received: from mail.cisco.com (xfe-rcd-003.cisco.com [173.37.227.251]) by rcdn-core-6.cisco.com (8.15.2/8.15.2) with ESMTPS id 24P6GDvu017703 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Wed, 25 May 2022 06:16:13 GMT
Received: from xfe-aln-005.cisco.com (173.37.135.125) by xfe-rcd-003.cisco.com (173.37.227.251) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14; Wed, 25 May 2022 01:16:12 -0500
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (173.37.151.57) by xfe-aln-005.cisco.com (173.37.135.125) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14 via Frontend Transport; Wed, 25 May 2022 01:16:12 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MieM+TCi//iJjDQxrN0t/TRgwn3CBqKi8hYu1BLcSVUfQRn8yW+5/vTAEXIV1c1Mfdm7ZCpETeNxwPuylr67RWF5NPfMYH9XvxKQd6UiKRBA6jyp+drxJLMXW/JdVLW10lnnYoX3vX9rr7D5PCx8A1K3hnZpFGQ9l2TUqCifI2TDTzItGPgaIKMzyMbDuXOIgaHydM+/lPmzmFxmzDqCPuDMV1qaQvm5DN1D6Q+4fku4PmjRzVVFSGpChYvXS6lUkmRwcNjsyzxy41Ne1ycf8IT7EXncrc+9oy2kBNBVyIdcGmleo80e8rgh9EJg7CNALRZ5b79NSvzh4UA13N09Bg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xYlnyLkgLxWZgTPbWeov6WV4VFRkPBi0gawSjg4Xbj4=; b=LeYO9s/52yvGc528Q/V8UEw2rlKFJiEro4I8QJfIFtMd2AA22V0Abxb8fYR+leexqwFswHg45CWFMxpnq1sKA9ld/r3lcHsGxEktUb386oxAAdF4tK8khuNXPaCmMnmoyyhTdFFOJ50y7waVXJnj44t7yEvWI2X5SN926m1V9D5AzZhXa3/vy7bjOHzTlpYxpg7LtZTPKA1O3VNo/pm9x6wHOp3eaY/dap7nJ4jObbubZgrXOfqno5ajr2be8KmSZukFQReZoWUOWq+idNAQHSboxvFeYRjX0hfMpPlKNHZJlLEKvrCP6SDIAnIqc5KhGknrWqdORoKP3yMwBtZ3bQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xYlnyLkgLxWZgTPbWeov6WV4VFRkPBi0gawSjg4Xbj4=; b=LRK+g4r7D4vkQsLhl67T/S2TcNALQnEbD6r+QXNAWbf2YgbO9aMxyHIy0LdC3WIRXNeOGkGKF6ymFZDhLg+4XMEAQWuyeKFN2SRSqW/kznAXrPxcYMcC/yKNvLLQ1hTE99hOjx6aXm8HXefd+RUfr/HlS2PXlnYv9vboRhCv43o=
Received: from PH0PR11MB4966.namprd11.prod.outlook.com (2603:10b6:510:42::21) by DM6PR11MB3193.namprd11.prod.outlook.com (2603:10b6:5:57::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5273.15; Wed, 25 May 2022 06:16:06 +0000
Received: from PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::20ad:62bc:e61b:a92e]) by PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::20ad:62bc:e61b:a92e%5]) with mapi id 15.20.5273.023; Wed, 25 May 2022 06:16:06 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: "Pascal Thubert (pthubert)" <pthubert@cisco.com>, "int-dir@ietf.org" <int-dir@ietf.org>
CC: "draft-ietf-drip-rid.all@ietf.org" <draft-ietf-drip-rid.all@ietf.org>, "tm-rid@ietf.org" <tm-rid@ietf.org>
Thread-Topic: Intdir last call review of draft-ietf-drip-rid-26
Thread-Index: AQHYaSkoJCeKURbZz0CfRrjterR1h60utimA
Date: Wed, 25 May 2022 06:16:05 +0000
Message-ID: <D5536BD4-8F56-46E8-A79E-59334DE964E2@cisco.com>
References: <165270781174.61908.279324826477098049@ietfa.amsl.com>
In-Reply-To: <165270781174.61908.279324826477098049@ietfa.amsl.com>
Accept-Language: fr-BE, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.61.22050700
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cisco.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: b3306a43-97de-4895-3f46-08da3e160d4b
x-ms-traffictypediagnostic: DM6PR11MB3193:EE_
x-microsoft-antispam-prvs: <DM6PR11MB31938DE6BF3D98EEE32BCF4BA9D69@DM6PR11MB3193.namprd11.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 0waTfJcBJJSxCTqESNGqJlgennaBkNM4BpL2PBzaAQcyZaXefh2+TuIhPWlpaJqnxwO0tLByNoyRfgI/ZqlhQM3rRv5yuOLnwRKzWpHIpgvoNy2fXywJ8j5/xTCkYpOB2egqenm3TUnggjeUTF21xqp2QcY371SlIyeSTsQCTeNRaMkb1/OLzffjjd6DLF5LztrAxwMasEAbKYafidy62wJeYFzp2eSl/5ckjpSzaNJ+5vGen7eYDIPmbWIs2l743d0nmr53k1Aqj8KKZrr9yxVQm4AC/fL5xBUVE+iIFMPElp8e5g2SmsgQRfLbyNipGB1UOf8HKT8uNZzr9CRABFE81rrVqntvkjmm/ozpoNFMUkBvORrZctbdjFvFNzcu9sL5a8+s/+lpi+tZQOcX7aPjFvfp/erXdSbElFavR6pr/5GmK1FJOZUl9rCJ03/eHZaqB/2f9AO7Sk/MkDKF6hPV9cMvf1viBNvmLyVItl30npKi3dvgM0fxhfc0x6FPWPhyqmHusTA3AbX8mhBVTpN8uSeWsvIpbXNHn0sdGJmJlJniXt6o+rl5ZVH1q9bRczcNxeOns+ufjjt4f4DAqBf7QNWaMhMeVAlhP4GIJREkMf948Aa2FG6JbqaybMJOhQy8mEnjkOfpmMqroc+yG8y1rCttBhjMcHnEGv3tfVcCGj9dBpPZ/phrmTNcSOFwC+8lVO8bnS4HGvdKdr280JW+kWFnqDe3Wyaa7IPA82kYNavXLMpkwnHHGNYah+lripfGEdR5EsXroEF+0dou2SIimERcaJxNSnMdAaBCf/00hi5jhX8eosb0uj5XWbQgUonCfxU2xa8LOBLDeABL5BY6SdMtk5kWqSsgzzyFDI8=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB4966.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(110136005)(6486002)(966005)(71200400001)(316002)(508600001)(54906003)(83380400001)(66574015)(2906002)(36756003)(33656002)(66476007)(91956017)(66446008)(4326008)(76116006)(2616005)(66556008)(8676002)(450100002)(64756008)(66946007)(186003)(6506007)(30864003)(122000001)(86362001)(38070700005)(8936002)(38100700002)(5660300002)(6512007)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 2
x-ms-exchange-antispam-messagedata-0: i9Q7ffIBkBBtwUbd0CyO8eFL5lpDSCelMdr24Y1pwL7j/7hIRc9Lr+wgscyPvlRa3tpaRUUa+zZ4Do1qb7y6gjIFScOCvCtuesiqdl+ec936d4m07qFOhOd38rh1MKaTd5kmMhGnSsP8Nau3p8e4ZG/RcB4klf5wFBzdxCCJtMaDrSXnIWj59rdI/vmWzya03NWZaE5UMoDGDRZ6pP2i6GEtkRWPFXqFEfNi1FVh7DIPVVrOxzpANsdqZEgPww6wYgJx0v/H0bh4MJ4eoFKd+vMfv58o7zsIE+l/d1FGMwX9aE2PN+NEWXgNmAPOXKL9gZac07y9q6uhrnDy9ySWK3Xn9PDhOhVKeHoP6AeZTWS74foqkCN/zvFVFDLY0u0lGbbT6OVkTKmkMOknoYw6+6beLwAnm8cx3rS04Cq7bY/PUvolIsYdohUg2PeXw+AaWqB9r8ZTZhMb3Of/enIsE6F0AkQkf11eCRbgXEKbMpWJwjvDgVpwlpYsrqSMZaR1NkE7w7WtU29QQjP57/s3OPh1n9j5u/f0NpsqApECZuKt+hhijfpPDOwC0aoDWMlORTAa83dowkiCklbBbWOPH2pIqr2dJRFTJGEPvG9k5ff4I8YksNX/1MIDBNV+CAsNt5UXt3Vv0hVDU23enrOzazsIz7EI95uY+JGKUkTY2liWJ6k9aBUcX6TAbbYsvW0pVYIsQYdtQFdkAPzzl582qCHs33LIV1y43WroHKjWgbrNzJBxYGifNDIzu9CTEGyYaHPg3JGgBj5SDu/zx6BVx7im+6OC19KG65MEcb0qPl6pBt328LeK8zAX2UUDPyj7YCOmJY3U5T2ZuIbpohJlpOIDRWVWf+NRT2K+VcSxdE6aT6p8IP9E59szZ9I4UMdd/xVv5a7OHopqIowJaLEMp8E2OoL1mLx5H+RaFAW59k79xWdJPzCzGKlaS+q3BYLDFRvw2UWFFsPs8/DeiKflo5rJI3fTstkytVP6BXYkfeebQoS/jtBnGozcJHGt9R7ec6lkqki3/1fMUTv1S0oUnPLPA0adKCygNksuNsDxkOxFw5lop7de8UXef0bunNDA5RxE+5MDMwGiBO0AeI87Kee9xpRIktzDZAgi1cgrsmQqn0OsUdUHqxdcLBjA/IElGYMKGUF2Jubwa0wVe3KBs1ITnSYk4TT8O5xkS7g14K9i0TBAbjfAXY1fLCEjTHMMrO98lrXDaU+QdFiQoCuoC9gttk2NTrV8Yc9hnfmC2bQKJNpI29cBSrZPzGPM5/Y39bJ/mBEUvrzUOpEVtks8afsMsj9+bz/2kGf4ATYneLd6RIIJRj5yOpgvXtWVAZoLnmFgSz3cZY5E9EIRJ5Ftyfy6J/+O+0c5GhdaGXvLi0orDFmrOcueYhCuJL9uuNIQ3bDSJDAYOBHXE61YzbD6gVjmxh7HxNeDtt+Ps0ofxqfcPgJmRYBjQxAPx/B3/brYVvjfSZmmBuLOj2Z2kwehbzhO3utkLHGTVazJvW6qpzfzOo6gzcw91TLZJkdND6NGVnyRESewykypWmQeFHep3JlTdZE9XTnvmVbU7Z0h33zPVR2kEDpJSQGo+vWTBXm0zVPtq+kPMMxPwKL9W39Fx38xDuKq485nTbHo9JulEYjiqDQyBnQ/Rvf0CH6hfcJJg3dkBpGqqAa6mVcOOOVy3pElazK59W8xTyfBd6KeN+FD27KM/VJ8hoAUD/pPGslwnJe0oLEyKrSG1Kf42k9/98GAoe2Q4n+HXaLz6HebYgl96ZoIPVsf/Qyn83eb8gKYfJQyiJeg
x-ms-exchange-antispam-messagedata-1: aRJFN5lqNtENFqoxF0UbYBqJZJNB9Dd5st8=
Content-Type: text/plain; charset="utf-8"
Content-ID: <585E2092CF3CAA4AB1D8800BD8A1BCC5@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4966.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b3306a43-97de-4895-3f46-08da3e160d4b
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 May 2022 06:16:05.8959 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 5PIauwSkI6iik6F5VHwb0hVp5kiQEcwvYPiCXPDc9jJsYvtXx0Z7jNV02HV8PbQ/mRgSWmLYw+eihY8G/aL0jQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3193
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.227.251, xfe-rcd-003.cisco.com
X-Outbound-Node: rcdn-core-6.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-dir/bNivIaOu8TyJzjl_7vGg8tfltKM>
Subject: Re: [Int-dir] Intdir last call review of draft-ietf-drip-rid-26
X-BeenThere: int-dir@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "This list is for discussion between the members of the Internet Area directorate." <int-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-dir>, <mailto:int-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-dir/>
List-Post: <mailto:int-dir@ietf.org>
List-Help: <mailto:int-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-dir>, <mailto:int-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 May 2022 06:16:19 -0000

Thank you, Pascal, for your review and thank you, Bob, for updating the I-D based on Pascal's review.

Good work by the two of you ;-)

Based on the -28 version, this document seems ready to advance to IESG evaluation.

Regards

-éric


-----Original Message-----
From: Pascal Thubert via Datatracker <noreply@ietf.org>
Reply to: Pascal Thubert <pthubert@cisco.com>
Date: Monday, 16 May 2022 at 15:30
To: "int-dir@ietf.org" <int-dir@ietf.org>
Cc: "draft-ietf-drip-rid.all@ietf.org" <draft-ietf-drip-rid.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "tm-rid@ietf.org" <tm-rid@ietf.org>
Subject: Intdir last call review of draft-ietf-drip-rid-26
Resent from: <alias-bounces@ietf.org>
Resent to: Erik Kline <ek.ietf@gmail.com>, <rgm@labs.htt-consult.com>, <mohamed.boucadair@orange.com>, <mglt.ietf@gmail.com>, Eric Vyncke <evyncke@cisco.com>, <adam.wiethuechter@axenterprize.com>, <gurtov@acm.org>, <stu.card@axenterprize.com>
Resent date: Monday, 16 May 2022 at 15:30

    Reviewer: Pascal Thubert
    Review result: Ready with Nits


    https://www.ietf.org/id/draft-ietf-drip-rid-26.txt









    DRIP                                                        R. Moskowitz
    Internet-Draft                                            HTT Consulting
    Updates: 7401, 7343 (if approved)                                S. Card
    Intended status: Standards Track                         A. Wiethuechter
    Expires: 14 November 2022                             AX Enterprize, LLC
                                                                   A. Gurtov
                                                        Linköping University
                                                                 13 May 2022


     DRIP Entity Tag (DET) for Unmanned Aircraft System Remote ID (UAS RID)
                             draft-ietf-drip-rid-26

    Abstract

       This document describes the use of Hierarchical Host Identity Tags
       (HHITs) as self-asserting IPv6 addresses and thereby a trustable
       identifier for use as the Unmanned Aircraft System Remote
       Identification and tracking (UAS RID).

       This document updates RFC7401 and RFC7343.

       Within the context of RID, HHITs will be called DRIP Entity Tags
       (DETs).  HHITs self-attest to the included explicit hierarchy that
       provides registry (via, e.g., DNS, EPP) discovery for 3rd-party
       identifier attestation.

    Status of This Memo

       This Internet-Draft is submitted in full conformance with the
       provisions of BCP 78 and BCP 79.

       Internet-Drafts are working documents of the Internet Engineering
       Task Force (IETF).  Note that other groups may also distribute
       working documents as Internet-Drafts.  The list of current Internet-
       Drafts is at https://datatracker.ietf.org/drafts/current/.

       Internet-Drafts are draft documents valid for a maximum of six months
       and may be updated, replaced, or obsoleted by other documents at any
       time.  It is inappropriate to use Internet-Drafts as reference
       material or to cite them other than as "work in progress."

       This Internet-Draft will expire on 14 November 2022.

    Copyright Notice

       Copyright (c) 2022 IETF Trust and the persons identified as the
       document authors.  All rights reserved.



    Moskowitz, et al.       Expires 14 November 2022                [Page 1]
    ?
    Internet-Draft            DRIP Entity Tag (DET)                 May 2022


       This document is subject to BCP 78 and the IETF Trust's Legal
       Provisions Relating to IETF Documents (https://trustee.ietf.org/
       license-info) in effect on the date of publication of this document.
       Please review these documents carefully, as they describe your rights
       and restrictions with respect to this document.  Code Components
       extracted from this document must include Revised BSD License text as
       described in Section 4.e of the Trust Legal Provisions and are
       provided without warranty as described in the Revised BSD License.

    Table of Contents

       1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
         1.1.  HHIT Statistical Uniqueness different from UUID or X.509
               Subject . . . . . . . . . . . . . . . . . . . . . . . . .   4
       2.  Terms and Definitions . . . . . . . . . . . . . . . . . . . .   4
         2.1.  Requirements Terminology  . . . . . . . . . . . . . . . .   4
         2.2.  Notations . . . . . . . . . . . . . . . . . . . . . . . .   4
         2.3.  Definitions . . . . . . . . . . . . . . . . . . . . . . .   4
       3.  The Hierarchical Host Identity Tag (HHIT) . . . . . . . . . .   6
         3.1.  HHIT Prefix for RID Purposes  . . . . . . . . . . . . . .   7
         3.2.  HHIT Suite IDs  . . . . . . . . . . . . . . . . . . . . .   7
           3.2.1.  HDA custom HIT Suite IDs  . . . . . . . . . . . . . .   8
         3.3.  The Hierarchy ID (HID)  . . . . . . . . . . . . . . . . .   8
           3.3.1.  The Registered Assigning Authority (RAA)  . . . . . .   8
           3.3.2.  The Hierarchical HIT Domain Authority (HDA) . . . . .   9
         3.4.  Edward-Curve Digital Signature Algorithm for HHITs  . . .   9
           3.4.1.  HOST_ID . . . . . . . . . . . . . . . . . . . . . . .  10
           3.4.2.  HIT_SUITE_LIST  . . . . . . . . . . . . . . . . . . .  11
         3.5.  ORCHIDs for Hierarchical HITs . . . . . . . . . . . . . .  11
           3.5.1.  Adding Additional Information to the ORCHID . . . . .  12
           3.5.2.  ORCHID Encoding . . . . . . . . . . . . . . . . . . .  13
           3.5.3.  ORCHID Decoding . . . . . . . . . . . . . . . . . . .  15
           3.5.4.  Decoding ORCHIDs for HIPv2  . . . . . . . . . . . . .  15
       4.  Hierarchical HITs as DRIP Entity Tags . . . . . . . . . . . .  15
         4.1.  Nontransferablity of DETs . . . . . . . . . . . . . . . .  16
         4.2.  Encoding HHITs in CTA 2063-A Serial Numbers . . . . . . .  16
         4.3.  Remote ID DET as one Class of Hierarchical HITs . . . . .  17
         4.4.  Hierarchy in ORCHID Generation  . . . . . . . . . . . . .  17
         4.5.  DRIP Entity Tag (DET) Registry  . . . . . . . . . . . . .  18
         4.6.  Remote ID Authentication using DETs . . . . . . . . . . .  18
       5.  DRIP Entity Tags (DETs) in DNS  . . . . . . . . . . . . . . .  18
       6.  Other UTM Uses of HHITs Beyond DET  . . . . . . . . . . . . .  20
       7.  Summary of Addressed DRIP Requirements  . . . . . . . . . . .  20
       8.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  20
         8.1.  New Well-Known IPv6 prefix for DETs . . . . . . . . . . .  20
         8.2.  New IANA DRIP Registry  . . . . . . . . . . . . . . . . .  21
         8.3.  IANA CGA Registry Update  . . . . . . . . . . . . . . . .  22
         8.4.  IANA HIP Registry Updates . . . . . . . . . . . . . . . .  22



    Moskowitz, et al.       Expires 14 November 2022                [Page 2]
    ?
    Internet-Draft            DRIP Entity Tag (DET)                 May 2022


         8.5.  IANA IPSECKEY Registry Update . . . . . . . . . . . . . .  23
       9.  Security Considerations . . . . . . . . . . . . . . . . . . .  23
         9.1.  DET Trust in ASTM messaging . . . . . . . . . . . . . . .  25
         9.2.  DET Revocation  . . . . . . . . . . . . . . . . . . . . .  25
         9.3.  Privacy Considerations  . . . . . . . . . . . . . . . . .  26
         9.4.  Collision Risks with DETs . . . . . . . . . . . . . . . .  27
       10. References  . . . . . . . . . . . . . . . . . . . . . . . . .  27
         10.1.  Normative References . . . . . . . . . . . . . . . . . .  27
         10.2.  Informative References . . . . . . . . . . . . . . . . .  28
       Appendix A.  EU U-Space RID Privacy Considerations  . . . . . . .  31
       Appendix B.  The 14/14 HID split  . . . . . . . . . . . . . . . .  31
       Appendix C.  Calculating Collision Probabilities  . . . . . . . .  33
       Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . .  33
       Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  34





    > 1.  Introduction

    >   DRIP Requirements [RFC9153] describe an Unmanned Aircraft System

    Maybe expand DRIP on first use?


    >  asserting IPv6 addresses and thereby a trustable identifier for use
    >  as the UAS Remote ID.

    Architecturally speaking, people hate using IPv6 addresses as ID. I foresee
    discussions about address renewal, device replacement (same address?), and
    privacy. We'll see further down the draft but I expect that a dedicated section
    on why this is desirable (and OK) so we do not get endless pushback at IESG.
    https://www.rfc-editor.org/rfc/rfc9153.html#name-identifier does not seem to
    enforce that IP is used. Also, interesting to figure if the model is portable
    to vitually anything, e.g., in IoT.


    >  Hierarchical HITs provide self-attestation of the HHIT registry.  A
    >  HHIT can only be in a single registry within a registry system (e.g.,
    >  EPP and DNS).


    Could we imagine a distributed ledger?

    >   HHITs are statistically unique through the cryptographic hash feature
    >  of second-preimage resistance.

    Good thing that the HHITs are Hierarchical as opposed to only Statistical ;)


    >                           The cryptographically-bound addition
    >  of the hierarchy and a HHIT registration process [drip-registries]
    >  provide complete, global HHIT uniqueness.



    Coudl issues arise when the global registry is unreachable when the ID is
    formed? Is the HHIT "tentative" till then?


    > 2.  Terms and Definitions

    A forward ref to fig 1 woudl help with all the bit fields.


    >  Keccak (KECCAK Message Authentication Code):

    I guess the expansion in () is a CC from the next definition.


    > 3.  The Hierarchical Host Identity Tag (HHIT)


    >  *  ORCHID hash (96 - prefix length - 8 for HHIT Suite ID, e.g., 64)
    >     See Section 3.5 for more details.

    If P is 28 bits then the hash is 60, which is less than CGA; also this fails to
    align to the usual /64, though whether that's important is debatable. Is there a
    reason to allow P to reach 28 as opposed to 24? Will it be harder to allocate?



    > 3.1.  HHIT Prefix for RID Purposes

    >  Initially, for DET use, one 28-bit prefix should be assigned out of
    >  the IANA IPv6 Special Purpose Address Block ([RFC6890]).

    Same as above, are we reducing the security properties by having a /28?



    3.2.  HHIT Suite IDs


    >   The following HHIT Suite IDs are defined:
    >
    >       HHIT Suite          Value
    >       RESERVED            0
    >       RSA,DSA/SHA-256     1    [RFC7401]
    >       ECDSA/SHA-384       2    [RFC7401]
    >       ECDSA_LOW/SHA-1     3    [RFC7401]
    >       EdDSA/cSHAKE128     TBD3 (suggested value 5)   (RECOMMENDED)
    >

    I checked the IANA section. It's there though
    - missing references
    - duplicating other efforts for similar registries

    e.g., https://www.rfc-editor.org/rfc/rfc8928.html#name-crypto-type-subregistry
    Could you reuse that registry and extend it for the new suite IDs / hash / KMAC?

    Adding Keccak capabilities to the previous RFCs is a win/win.




    > 3.5.2.  ORCHID Encoding


    >  The cSHAKE function call for this update is:

    >      cSHAKE128(Input, L, "", Context ID)

    Is there a way to add a "salt" so that the node may generate more than one ID
    for privacy?




    > 4.1.  Nontransferablity of DETs

    >   A HI and its HHIT SHOULD NOT be transferable between UA or even
    >   between replacement electronics

    Pro: This answers one question above.
    Con: this bars very interesting IoT use cases I have in mind for spare parts
    and sensory devices. e.g., ISA100.11a uses IPv6 addresses as IDs and would
    benefit from this.

    Is the non-transferability a requirement? Could you reword as to say that when
    it is a requirement then the keys must be safeguarded in the store but leave it
    open for other scenarios?





    > 4.3.  Remote ID DET as one Class of Hierarchical HITs

    >  UAS Remote ID DET may be one of a number of uses of HHITs.  However,
    >  it is out of the scope of the document to elaborate on other uses of
    >  HHITs.  As such these follow-on uses need to be considered in
    >  allocating the RAAs (Section 3.3.1) or HHIT prefix assignments
    >  (Section 8).

    This answers another of my questions, but then please limit your MUST to the
    supported use case of DETs not for HHITs in general, to my point right above.




    > 6.  Other UTM Uses of HHITs Beyond DET

    > Please expand UTM (and add to terminology?)


    8.2.  New IANA DRIP Registry


     >   Hierarchical HIT (HHIT) Suite ID:

     >      HHIT Suite          Value

     You probably want an  additional column with ref to the algorithms, or maybe
     reuse either the format or registry  of RFC 8928, more below.




    > 8.4.  IANA HIP Registry Updates

    >  EdDSA Curve Label:

    Any way to use / extend
    https://www.rfc-editor.org/rfc/rfc8928.html#name-crypto-type-subregistry
    ?

    > 9.  Security Considerations

    >  The 64-bit hash in HHITs presents a real risk of second pre-image
    >  cryptographic hash attack Section 9.4.

    This partially addresses another of my earlier questions.

    >  However, with today's computing power, producing 2^64 EdDSA keypairs
    >  and then generating the corresponding HHIT is economically feasible.

    That would be 2^60, unless I miss something? and then maybe there'd be a way to
    variate other fileds of the hash with the same key.
    Then there's the post Quantum thingy. I guess it's safe to say that this model
    is not post-Q resilent right?


    >  The Registry service [drip-registries], through its HHIT
    >  uniqueness enforcement, provides against forced or accidental HHIT
    >  hash collisions.
    When it's reachable. When it's not, there can be both impersonation and DOS
    attacks based on the false ID.



    > 9.3.  Privacy Considerations

    >  There is no expectation of privacy for DETs; it is not part of the
    >  privacy normative requirements listed in, Section 4.3.1, of
    >  [RFC9153].

    This addresses another of my initial questions.


    >  DETs are broadcast in the clear over the open air via
    >  Bluetooth and Wi-Fi.

    So L2 security when present still protects the ID but not MAC, correct?


    > 9.4.  Collision Risks with DETs

    >   The 64-bit hash size does have an increased risk of collisions over
    >   the 96-bit hash size used for the other HIT Suites.

    Is that true also for voluntary collisions (brute force) ?



    > 10.2.  Informative References

                  unmanned-aerial-systems-serial-numbers>.

    >  [drip-architecture]

    Shouldn't be normative?

    >  [drip-authentication]

    Same, and then for registries?

v2.23.0 | Report a Bug | By Email