Return-Path: X-Original-To: tm-rid@ietfa.amsl.com Delivered-To: tm-rid@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0C8EC20724B for ; Mon, 21 Oct 2024 13:25:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.904 X-Spam-Level: X-Spam-Status: No, score=-1.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vgw_SDGu33IS for ; Mon, 21 Oct 2024 13:25:40 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D4146C21511B for ; Mon, 21 Oct 2024 13:25:40 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id CA0206291C for ; Mon, 21 Oct 2024 16:24:47 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 0K5UOjtoCOO0 for ; Mon, 21 Oct 2024 16:24:40 -0400 (EDT) Received: from [192.168.160.29] (unknown [192.168.160.29]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 6C03A62871 for ; Mon, 21 Oct 2024 16:24:40 -0400 (EDT) Content-Type: multipart/alternative; boundary="------------P0sAqelYCxc2W0PaBHvj6cKP" Message-ID: Date: Mon, 21 Oct 2024 16:25:29 -0400 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: "tm-rid@ietf.org" References: <172954206522.1991687.3133295926004651629@dt-datatracker-78dc5ccf94-w8wgc> Content-Language: en-US From: Robert Moskowitz In-Reply-To: <172954206522.1991687.3133295926004651629@dt-datatracker-78dc5ccf94-w8wgc> Message-ID-Hash: DT4JR3WP53Y6S6NLDCONXYZWLCJ5UYU6 X-Message-ID-Hash: DT4JR3WP53Y6S6NLDCONXYZWLCJ5UYU6 X-MailFrom: rgm@labs.htt-consult.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.9rc6 Precedence: list Subject: =?utf-8?q?=5BDrip=5D_Re=3A_New_Version_Notification_for_draft-ietf-drip-dki-?= =?utf-8?q?02=2Etxt?= List-Id: Drone Remote Identification Protocol Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: This is a multi-part message in MIME format. --------------P0sAqelYCxc2W0PaBHvj6cKP Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit This is an update with the new tools to make the DKI and the current test Endorsements and certs. It is a little rushed to meet the submission deadline and I may well have missed something that was REALLY needing an update and I may have not adjusted all references to drip-registries. So Enjoy!  We have orgs already testing with their own HDAs within the environment. I MAY get to review this prior to IETF what updates, but I have two other critical papers to write before end-of-month.  :( I will ONLY be at IETF from Monday noonish through Wednesday. Family stuff both weekends. On 10/21/24 16:21, internet-drafts@ietf.org wrote: > A new version of Internet-Draft draft-ietf-drip-dki-02.txt has been > successfully submitted by Robert Moskowitz and posted to the > IETF repository. > > Name: draft-ietf-drip-dki > Revision: 02 > Title: The DRIP DET public Key Infrastructure > Date: 2024-10-21 > Group: drip > Pages: 38 > URL:https://www.ietf.org/archive/id/draft-ietf-drip-dki-02.txt > Status:https://datatracker.ietf.org/doc/draft-ietf-drip-dki/ > HTML:https://www.ietf.org/archive/id/draft-ietf-drip-dki-02.html > HTMLized:https://datatracker.ietf.org/doc/html/draft-ietf-drip-dki > Diff:https://author-tools.ietf.org/iddiff?url2=draft-ietf-drip-dki-02 > > Abstract: > > The DRIP Entity Tag (DET) public Key Infrastructure (DKI) is a > specific variant of classic Public Key Infrastructures (PKI) where > the organization is around the DET, in place of X.520 Distinguished > Names. Further, the DKI uses DRIP Endorsements in place of X.509 > certificates for establishing trust within the DKI. > > There are two X.509 profiles for shadow PKI behind the DKI, with many > of their X.509 fields mirroring content in the DRIP Endorsements. > This PKI can at times be used where X.509 is expected and non- > constrained communication links are available that can handle their > larger size. > > C509 (CBOR) encoding of all X.509 certificates are also provided as > an alternative for where there are gains in reduced object size. > > > > The IETF Secretariat > > -- Standard Robert Moskowitz Owner HTT Consulting C:248-219-2059 F:248-968-2824 E:rgm@labs.htt-consult.com There's no limit to what can be accomplished if it doesn't matter who gets the credit --------------P0sAqelYCxc2W0PaBHvj6cKP Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit This is an update with the new tools to make the DKI and the current test Endorsements and certs.

It is a little rushed to meet the submission deadline and I may well have missed something that was REALLY needing an update and I may have not adjusted all references to drip-registries.

So Enjoy!  We have orgs already testing with their own HDAs within the environment.

I MAY get to review this prior to IETF what updates, but I have two other critical papers to write before end-of-month.  :(

I will ONLY be at IETF from Monday noonish through Wednesday.  Family stuff both weekends.

On 10/21/24 16:21, internet-drafts@ietf.org wrote:
A new version of Internet-Draft draft-ietf-drip-dki-02.txt has been
successfully submitted by Robert Moskowitz and posted to the
IETF repository.

Name:     draft-ietf-drip-dki
Revision: 02
Title:    The DRIP DET public Key Infrastructure
Date:     2024-10-21
Group:    drip
Pages:    38
URL:      https://www.ietf.org/archive/id/draft-ietf-drip-dki-02.txt
Status:   https://datatracker.ietf.org/doc/draft-ietf-drip-dki/
HTML:     https://www.ietf.org/archive/id/draft-ietf-drip-dki-02.html
HTMLized: https://datatracker.ietf.org/doc/html/draft-ietf-drip-dki
Diff:     https://author-tools.ietf.org/iddiff?url2=draft-ietf-drip-dki-02

Abstract:

   The DRIP Entity Tag (DET) public Key Infrastructure (DKI) is a
   specific variant of classic Public Key Infrastructures (PKI) where
   the organization is around the DET, in place of X.520 Distinguished
   Names.  Further, the DKI uses DRIP Endorsements in place of X.509
   certificates for establishing trust within the DKI.

   There are two X.509 profiles for shadow PKI behind the DKI, with many
   of their X.509 fields mirroring content in the DRIP Endorsements.
   This PKI can at times be used where X.509 is expected and non-
   constrained communication links are available that can handle their
   larger size.

   C509 (CBOR) encoding of all X.509 certificates are also provided as
   an alternative for where there are gains in reduced object size.



The IETF Secretariat

--
Standard Robert Moskowitz
Owner
HTT Consulting
C:      248-219-2059
F:      248-968-2824
E:      rgm@labs.htt-consult.com

There's no limit to what can be accomplished if it doesn't matter who gets the credit
--------------P0sAqelYCxc2W0PaBHvj6cKP--