IETF Logo Mail Archive

Re: [Tm-rid] Proposed WG Charter v2

Michael Richardson <mcr+ietf@sandelman.ca> Mon, 02 December 2019 14:04 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: tm-rid@ietfa.amsl.com
Delivered-To: tm-rid@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E39D1202DD for <tm-rid@ietfa.amsl.com>; Mon, 2 Dec 2019 06:04:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w7JRV4TCnHhP for <tm-rid@ietfa.amsl.com>; Mon, 2 Dec 2019 06:04:40 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA5BD120073 for <tm-rid@ietf.org>; Mon, 2 Dec 2019 06:04:39 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id F02243818F for <tm-rid@ietf.org>; Mon, 2 Dec 2019 09:01:02 -0500 (EST)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 08214784 for <tm-rid@ietf.org>; Mon, 2 Dec 2019 09:04:37 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "tm-rid@ietf.org" <tm-rid@ietf.org>
In-Reply-To: <5feb3288-b366-3580-0b1d-1134769bb305@labs.htt-consult.com>
References: <579d29aa-e3d7-9886-91b6-46641eb1f944@labs.htt-consult.com> <5feb3288-b366-3580-0b1d-1134769bb305@labs.htt-consult.com>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Mon, 02 Dec 2019 09:04:37 -0500
Message-ID: <22730.1575295477@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/OnUzMH73W_hcAmZSrhA-TsEA_Lo>
Subject: Re: [Tm-rid] Proposed WG Charter v2
X-BeenThere: tm-rid@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Trustworthy Multipurpose RemoteID <tm-rid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tm-rid/>
List-Post: <mailto:tm-rid@ietf.org>
List-Help: <mailto:tm-rid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Dec 2019 14:04:45 -0000

I am enthusiatic about this work, although I don't anticipate being able to
be more than a bystandard on this.

Robert Moskowitz <rgm@labs.htt-consult.com> wrote:
    > TM-RID will build upon the Host Identity Tag (HIT) from the Host Identity
    > Protocol (HIP) as an RID and augment it and supporting HIP and other IETF
    > technologies to add trustworthiness to the ASTM messaging suite. 

I think that this sentence needs editing.  Too many ".. and"

    > The goal is
    > to provide trustworthiness both in an Internet connected environment and
    > emergency, unconnected situations within the highly constrained environment
    > of UAS.

I think that a reference for the nature of the constrained environment might
be in order.

    > The Host Identity Tag (HIT) is ideally, in fact uniquely, suited to work
    > within this RID effort.  The Host Identity (HI) behind the HIT can be used to
    > sign Broadcast Authentication Messages, thus proving ownership of the RID
    > (HIT) and signed messages.  HITs provide significantly superior privacy
    > compared to other allowed RID types while providing greater assurance to
    > authorized observers that they are accessing the proper PII for the UA.

This wanders into solution space, and I think it would be better to omit this.

    > TM-RID will create specifications for HIP-augmented ASTM RID messages. 
    > Initially this will consist of additional RID Authentication Messages that
    > use the HI in public key signing operations: to prove UAS ownership of a
    > Hierarchical HIT (HHIT); to authenticate other claims made via RID, such as
    > position and velocity, as having been made by the owner of that HHIT; and to
    > provide observers lacking current Internet connectivity with locally
    > verifiable UAS proof-of-registration objects.

removing some of the solutions, leaving the requirements:

TM-RID will create specifications to prove UAS ownership of a
Hierarchical HIT (HHIT); providing a framework to authenticate other claims, such as
position and velocity, as having been made by the owner of that HHIT; and to
provide observers lacking current Internet connectivity with locally
verifiable UAS proof-of-registration objects.

I would have written this as numbered points.

    > For this, HIP would be amended to be used effectively in this environment:

I think you could put a period instead of : and omit the next three paragraphs.

    > HHITs are envisioned to identify all components in the UAS/UTM (UAS Traffic
    > Management) environment: UA, Command Consoles, Observer devices, and
    > Registries.  This will entail further work as experience is gained in using
    > HIP for UAS RID.  For example, some (UTM) systems envision using OAuth for
    > Ground Control Systems (GCS) and authorized safety personnel.  HIP as an
    > OAuth method may help in merging HIP into these systems.

    > The workgroup will need to liaison with the various SDOs working in the UAS
    > regulation space.

Please if you could list those SDOs?
Do we need to do liason agreements with them?  I would be happier if that was
part of the plan.

How will we engage with implementers?  I.e. how are we going to get running-code?



--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email