[Drip] Discussion on Registries using RATS, SUIT and ACE

Adam Wiethuechter <adam.wiethuechter@axenterprize.com> Thu, 11 November 2021 16:56 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/tJ2C-R01h8WqbcDlZ2p9x8PaEIM>
List-Id: Drone Remote Identification Protocol <tm-rid.ietf.org>

All,

This was brought up during the IETF112 session by Robin Wilton (?) as it may have some good synergy.

I personally think this is a good insight. Previously I had considered it but without a strong sense of the interactions/parties at the time decided to shelve the question until it was clearer. When Daniel asked the specific question of which entity in RATS it would be mapped to (Relying Party or Verifier) the collective answer between me and Rob was "uhhh".

Here are my current thoughts:

I am more familiar with RATS and SUIT than ACE so I will discuss on those points more specifically.

RATS is most likely too heavy for small UAS (sUAS). They most likely won't have such ability to perform attestation anyways and the manufacturers would be reluctant to add such ability into their low-end/low-cost sUAS - for fear of increasing the cost of the product. The only thing I foresee is maybe SUIT being used to perform firmware updates - but this area I am unfamiliar with what is current anyway. This is speculation of course but I tread cautiously being unfamiliar with what is available and how fragmented/diverse the drone hardware/software space is.

Now for larger UAS the likelihood of such capabilities, to perform RATS and use SUIT regularly, becomes a bit more obvious and practical. UAS like this are custom built for a task and cost significantly more. Those customers are more likely organizations that have the infrastructure to support such things - where sUAS owners are a typical citizen so the infrastructure would have to be provided (for free or at cost) to them by some other party. This means that the provider would need to support the many different methods manufacturers implement - most of which will be low-cost drones without such capabilities.

So, a potential way forward to me is as follows:

The current draft-wiethuechter-drip-registries should stay somewhat generic and define a baseline standard to perform registration. I propose that the standard method is using EPP/RDAP - which mostly uses HTTP and other well-defined and non-intrusive methods. The draft also outlines the overall registry architecture. A new draft specifying how RATS/SUIT/ACE can be used. It would be more of an extension to the first document - allowing a different interface that gives more trust (always a good thing!).

We could in theory tool the current draft-wiethuechter-drip-registries to be more Registry Architecture specific (perhaps rename when we adopt?) and have two "implementation" drafts: an EPP/RDAP one that is required to be implemented (in the Registry Architecture) for DRIP and a RATS/SUIT/ACE one that is optional.

Overall, I see the value in having RATS and SUIT in the registry discussion - the question is how and where we bring it into play.
Thoughts?

--------
73,
Adam T. Wiethuechter
Software Engineer; AX Enterprize, LLC