[Drip] Re: Trustworthy Air Domain Awareness Document & Paths Forwards

Adam Wiethuechter <adam.wiethuechter@axenterprize.com> Tue, 25 November 2025 00:42 UTC

From: Adam Wiethuechter <adam.wiethuechter@axenterprize.com>
To: Andrei Gurtov <andrei.gurtov=40liu.se@dmarc.ietf.org>, "tm-rid@ietf.org" <tm-rid@ietf.org>
Date: Tue, 25 Nov 2025 00:41:57 +0000
List-Id: Drone Remote Identification Protocol <tm-rid.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/dbEWUPdsyZsqu4wdAElcL4Kjbqw>

Hi Andrei,

The Endorsement structure defined in Section 4.2 of RFC9575 is a generalized form, meant to have the Evidence (i.e. "child") and Endorser (i.e. "parent") filled in. In a typical deployment there will be at least four of these "Links" to be broadcast. Appendix B goes into detail with an example on including broadcast of all the Links.

Child (DET + HI) = Evidence | Parent (DET) = Endorser
----------------------------+------------------------
RAA Authorizer              | RAA Authorizer
HDA Authorizer              | RAA Authorizer
HDA Issuer                  | HDA Authorizer
UA                          | HDA Issuer

Note that this is following the model proposed by Bob in the DKI [2] where there are the roles of "Authorizer" and "Issuer" that are added. It might be wise for the DKI to add to its content the explicit Endorsement contents being issued as a given role. This should be reinforced in both the Interfaces (where DKI is referenced) and CONOPS (where both Interfaces and DKI are referenced at a high level for aviation use) documents being proposed as the breakdown of the TADA document.
--------
73,
Adam T. Wiethuechter
Trustworthy Systems Engineer // AX Enterprize, LLC
________________________________
From: Andrei Gurtov <andrei.gurtov=40liu.se@dmarc.ietf.org>
Sent: Monday, November 24, 2025 2:15 PM
To: tm-rid@ietf.org <tm-rid@ietf.org>
Subject: [Drip] Re: Trustworthy Air Domain Awareness Document & Paths Forwards


Hi, Adam

My students implementing the Auth draft were confused about what Parent or Child DET means in auth messages. Could not find any references to child in the TADA document?

br Andrei

On 11/6/2025 4:33 AM, Adam Wiethuechter wrote:
All,

[1] is the TADA document mentioned during the IETF 124 meeting during my presentation.
It covers a wide scope broken into four major areas in the following order:

  * UAS-specific ecosystem players and their responsibilities
  * Registration (Web Token/HTTPS)
  * Query (RDAP)
  * DKIX (extracted and reformatted from DKI [2])

What I propose to the WG, and solicit comments and feedback on, is whether this document should be broken apart as follows.

"Registration & Query Interfaces for a DRIP Identity Management Entity (DIME)" — an extraction and reorganization of Section 4 of TADA, this is standards track document. I have attached a working copy of this document that I believe is fairly mature but needs feedback, another author (I have a potential candidate that I will query tomorrow at IETF) and needs to be properly implemented and interop tested. The DKIX appendix would be removed once decision on DKI is made.

"CONOPS for using a DRIP Entity Tag (DET) in an [Aviation/]UAS Ecosystem" — an extraction and expansion, to maybe include AAM/UAM concepts, of Section 3 of TADA, maybe some DKI (?). This is most likely a standards track, informational document instead of a BCP as discussed in the meeting - will continue to solicit feedback at IETF the rest of the week on this as well as here on the list.

This document would be reworked to include relevant DronesQuad criteria and submitted to them once a mature draft is reached to solicit their feedback on whether the document, when published, would be endorsed or not. I have attached my working copy of this document after the sections were extracted from TADA to make it standalone. I have at least another author in mind (will be discussing that this week in person), but solicit input and invitation for more contributors.

"DRIP Key Infrastructure (DKI) & [Aviation] X.509 Profiles (DKIX)" — Bob's existing DKI document, Appendix D of TADA re-added as is to replace Section 4 of DKI [3]. I have largely stayed out of Bob's way on this document as PKI is not exactly my expertise but did lend Bob a hand in building an implementation [4] to create the X.509s (and C509 validation test).

As a slight variation of the above, the group could merge the CONOPS and DKI into a single document. I would think it would be wise to keep the X.509 profiles out of the CONOPS and just be a reference, as a lot of the DKIX requires context of the DKI to understand the profiles, while DKI gets very specific about Certificate Authority (CA) operation and requirements to run the variant of PKIX in an aviation environment. So the above layout is my suggestion to the group. This also explains my "[Aviation]" notation as the DKIX profiles are not just for UAS but built for general aviation use for ICAO as referenced in the Doc 10169.

Most, if not all of the DKI work is done IMO and just needs review under the IETF.
The majority of the Interfaces document is complete and needs to be sanity checked and reviewed/implemented to find any holes or issues. The basic design of the registration is IMO sound. The data models should be looked at carefully and aviation/UAS specific keys should be identified and added as an appendix.
CONOPS is probably the least mature document of these three proposed but also probably the most susceptible to outside influence due to its intended scope and use. The test present in the CONOPS has gone through numerous private rewrites over the months as I struggled with trying to find the best path to scope and be useful.

I hope this gives some better context than my presentation on what is currently being worked on that is most needed to be considered for adoption and continued work.

[1] https://datatracker.ietf.org/doc/draft-wiethuechter-drip-det-tada/
[2] https://datatracker.ietf.org/doc/draft-ietf-drip-dki/
[3] with this merge I would request that the formatting of sections (and their ordering) from TADA of the DKIX appendix be kept as for me personally it felt easier to follow. Review of Bob's draft and direct comparison would be good for this.
[4] https://github.com/ietf-wg-drip/drip-scripts
--------
73,
Adam T. Wiethuechter
Software Engineer; AX Enterprize, LLC
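
The Child/Parent table in the reply at the top of this thread can be read as a lookup rule: each Link carries the child's DET and HI but only the parent's DET, so a receiver finds the key that verifies a Link in the Link where that parent appears as the child. The sketch below is an added example, not code from the thread or from drip-scripts; the `Link` class, `verification_plan`, the trust-anchor comparison and all DET/HI strings are hypothetical placeholders, and it checks chain structure only, with no signature math.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Link:
    child_det: str   # Evidence: DET of the entity being endorsed
    child_hi: str    # Evidence: that entity's Host Identity (public key)
    parent_det: str  # Endorser: DET of the signer; its HI is NOT in this Link

def verification_plan(links, ua_det, anchor_hi):
    """Return [(child_det, hi_that_verifies_this_link)], root first.

    Structural check only (no signature math). Raises ValueError on a
    missing Link, a duplicate child, a loop, or an untrusted root.
    anchor_hi is an assumed locally configured trust anchor.
    """
    by_child = {}
    for link in links:
        if link.child_det in by_child:
            raise ValueError(f"duplicate Link for child {link.child_det}")
        by_child[link.child_det] = link
    plan, det, seen = [], ua_det, set()
    while True:
        if det in seen:
            raise ValueError(f"endorsement loop at {det}")
        seen.add(det)
        if det not in by_child:
            raise ValueError(f"no Link received with child {det}")
        link = by_child[det]
        if link.parent_det == link.child_det:      # self-endorsed root row
            if link.child_hi != anchor_hi:
                raise ValueError("root HI does not match trust anchor")
            plan.append((det, link.child_hi))
            return plan[::-1]
        parent = by_child.get(link.parent_det)
        if parent is None:
            raise ValueError(f"no Link received with child {link.parent_det}")
        plan.append((det, parent.child_hi))        # parent's HI verifies child
        det = link.parent_det

# Constructed sample values (placeholders, not real DETs or keys),
# listed in arbitrary receive order; rows mirror the table in the reply.
SAMPLE_LINKS = [
    Link("det-hda-issuer", "hi-hda-issuer", "det-hda-authorizer"),
    Link("det-ua", "hi-ua", "det-hda-issuer"),
    Link("det-raa-authorizer", "hi-raa-authorizer", "det-raa-authorizer"),
    Link("det-hda-authorizer", "hi-hda-authorizer", "det-raa-authorizer"),
]

if __name__ == "__main__":
    for child, hi in verification_plan(SAMPLE_LINKS, "det-ua", "hi-raa-authorizer"):
        print(f"Link for {child}: verify signature with {hi}")
```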