Re: [Drip] I-D Action: draft-ietf-drip-rid-11.txt
Robert Moskowitz <rgm@labs.htt-consult.com> Thu, 21 October 2021 13:31 UTC
To: mohamed.boucadair@orange.com, "tm-rid@ietf.org" <tm-rid@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/JDHAiwE5VElyutIK-5yfEMLwn1M>
On 10/21/21 9:25 AM, mohamed.boucadair@orange.com wrote:
> Standard
>
> Re-,
>
> That’s better. Thank you.
>
> As we are in that section, there is also this nit:
>
> Thus, although the PROBABILITY of a collision or pre-image attack is
> low Section 11.2
> <https://datatracker.ietf.org/doc/html/draft-ietf-drip-rid-11.txt#section-11.2>in
> a collection of 1,024 HHITs out of a total
> ^^^^^^^^^^^^^^^^^^^^

Oops...

Thus, although the PROBABILITY of a collision or pre-image attack is low in a collection of 1,024 HHITs out of a total population of 2^64, per Section 11.2, it is computationally and economically feasible. Thus the HHIT registration and HHIT/HI registration validation is STRONGLY recommended.

> Cheers,
>
> Med
>
> *From:* Robert Moskowitz <rgm@labs.htt-consult.com>
> *Sent:* Thursday, 21 October 2021 14:33
> *To:* BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>; tm-rid@ietf.org
> *Subject:* Re: [Drip] I-D Action: draft-ietf-drip-rid-11.txt
>
> On 10/21/21 2:40 AM, mohamed.boucadair@orange.com wrote:
>
> > Hi Robert,
> >
> > Thank you for addressing the comment from the cfrg, particularly this one: https://mailarchive.ietf.org/arch/msg/cfrg/tAJJq60W6TlUv7_pde5cw5TDTCU/
> >
> > BTW, please check the 2nd line of the third paragraph of the new text about pre-image attack as I'm not sure to parse it.
>
> Is the following an improvement?
>
> Now it should be noted that the 2^64 attempts is for stealing a
> *specific* HHIT. Consider a scenario of a street photography
> company with 1,024 UAs (each with its own HHIT); you'd
> be happy stealing any one of them. Then rather than needing to
> satisfy a 64-bit condition on the cSHAKE128 output, you need only satisfy
> what is equivalent to a 54-bit condition (since you have 2^10 more
> opportunities for success).
> > Also, it could be great if you can motivate the change in the normative language in Section 4.2. Thank you.
> >
> > All: please review and share your comments. This is highly appreciated.
> >
> > Cheers,
> > Med
> >
> > -----Original Message-----
> > From: Tm-rid <tm-rid-bounces@ietf.org> On behalf of Robert Moskowitz
> > Sent: Wednesday, 20 October 2021 22:19
> > To: tm-rid@ietf.org
> > Subject: Re: [Drip] I-D Action: draft-ietf-drip-rid-11.txt
> >
> > Changes in sec 4.2 and 11. Please review.
> >
> > Adam and I are discussing sec 5, as he actually has done some
> > implementation demos and I may make adjusts along what he has done.
> >
> > Also Adam and I need to work out App B and drip-auth.
> >
> > So there may be yet an update before the cutoff. Of course comments are
> > welcome and I will make adjusts as needed.
> >
> > On 10/20/21 4:13 PM, internet-drafts@ietf.org wrote:
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts
> > directories.
> > This draft is a work item of the Drone Remote ID Protocol WG of the
> > IETF.
> >
> > Title    : DRIP Entity Tag (DET) for Unmanned Aircraft System Remote Identification (UAS RID)
> > Authors  : Robert Moskowitz
> >            Stuart W. Card
> >            Adam Wiethuechter
> >            Andrei Gurtov
> > Filename : draft-ietf-drip-rid-11.txt
> > Pages    : 29
> > Date     : 2021-10-20
> >
> > Abstract:
> > This document describes the use of Hierarchical Host Identity Tags
> > (HHITs) as self-asserting IPv6 addresses and thereby a trustable
> > identifier for use as the Unmanned Aircraft System Remote
> > Identification and tracking (UAS RID). Within the context of RID,
> > HHITs will be called DRIP Entity Tags (DET). HHITs self-attest to
> > the included explicit hierarchy that provides Registrar discovery
> > for 3rd-party identifier attestation.
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-ietf-drip-rid/
> >
> > There is also an HTML version available at:
> > https://www.ietf.org/archive/id/draft-ietf-drip-rid-11.html
> >
> > A diff from the previous version is available at:
> > https://www.ietf.org/rfcdiff?url2=draft-ietf-drip-rid-11
> >
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/
> >
> > _________________________________________________________________________________________________________________________
> >
> > This message and its attachments may contain confidential or privileged information that may be protected by law;
> > they should not be distributed, used or copied without authorisation.
> > If you have received this email in error, please notify the sender and delete this message and its attachments.
> > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
> > Thank you.
>
> --
> Robert Moskowitz
> Owner
> HTT Consulting
> C: 248-219-2059
> F: 248-968-2824
> E: rgm@labs.htt-consult.com
>
> There's no limit to what can be accomplished if it doesn't matter who
> gets the credit
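
The quoted draft text argues that matching any one of 1,024 registered HHITs is a 54-bit problem rather than a 64-bit one, which is why registration validation is recommended. The following is an added example, not part of the original message or the draft, that checks that arithmetic and measures the same effect at toy scale. Assumptions: `hashlib.shake_128` stands in for cSHAKE128, the hash field is shortened to 12 bits so the experiment finishes quickly, and all function names and input labels are constructed for illustration.

```python
import hashlib
import math

TOY_BITS = 12  # toy stand-in for the 64-bit hash field discussed in the thread


def tag(data: bytes, bits: int = TOY_BITS) -> int:
    """Top `bits` bits of SHAKE128 output (assumed stand-in for cSHAKE128)."""
    raw = hashlib.shake_128(data).digest(8)
    return int.from_bytes(raw, "big") >> (64 - bits)


def effective_bits(hash_bits: int, population: int) -> float:
    """Bits of work needed to match ANY one of `population` registered tags."""
    return hash_bits - math.log2(population)


def attempts_until_hit(trial: int, population: int) -> int:
    """Count candidate inputs hashed before one lands on a registered tag."""
    # Constructed inputs: "registered" tags play the role of enrolled HHITs.
    targets = {tag(b"registered|%d|%d" % (trial, i)) for i in range(population)}
    attempts = 0
    while True:
        attempts += 1
        if tag(b"candidate|%d|%d" % (trial, attempts)) in targets:
            return attempts


def mean_attempts(population: int, trials: int = 200) -> float:
    """Average work over independent trials for a given population size."""
    total = sum(attempts_until_hit(t, population) for t in range(trials))
    return total / trials


if __name__ == "__main__":
    print("64-bit field, 1,024 HHITs:", effective_bits(64, 1024), "bits")
    print("toy field, 1 target   :", mean_attempts(1), "attempts on average")
    print("toy field, 16 targets :", mean_attempts(16), "attempts on average")
```

With a 12-bit field the single-target average sits near 2^12 and the 16-target average near 2^8, the same drop of log2(population) bits that takes the 64-bit field to 54 bits for 1,024 HHITs.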