Re: [Drip] -auth issues/comments

Adam Wiethuechter <adam.wiethuechter@axenterprize.com> Tue, 01 August 2023 00:47 UTC

From: Adam Wiethuechter <adam.wiethuechter@axenterprize.com>
To: Stu Card <stu.card@axenterprize.com>, "draft-ietf-drip-auth@ietf.org" <draft-ietf-drip-auth@ietf.org>
CC: "tm-rid@ietf.org" <tm-rid@ietf.org>, "Eric Vyncke (evyncke)" <evyncke@cisco.com>
Date: Tue, 01 Aug 2023 00:47:36 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/zCSNb2xD5H5kS-H3Jt_jXSF4jgM>

I already posted the 5 issues to the list for comments [1] with only a single response from Stu. Thanks for bringing this back up to the top of the stack.

Bob has commented on Issue #35 (on GitHub itself) saying what is there is fine, perhaps a bit string or hex representation can be added to avoid any errors. Also, a comment from Bob on the informational note to be clearer.

I got a response for Issue #38 [2] from ODID.

[1] https://mailarchive.ietf.org/arch/msg/tm-rid/ct1i7y0RxMg2axhsCMXkxMMOh_0/
[2] https://github.com/opendroneid/opendroneid-core-c/issues/71

--------
73,
Adam T. Wiethuechter
Software Engineer; AX Enterprize, LLC
________________________________
From: Stu Card <stu.card@axenterprize.com>
Sent: Monday, July 31, 2023 11:19 AM
To: draft-ietf-drip-auth@ietf.org <draft-ietf-drip-auth@ietf.org>
Cc: tm-rid@ietf.org <tm-rid@ietf.org>; Eric Vyncke (evyncke) <evyncke@cisco.com>
Subject: -auth issues/comments


There are 5 GitHub issues still open.

Most don’t even have any comments from anyone other than primary author Adam.

Issue #35 is the cSHAKE string. Bob?

Issue #36 is 1st manifest’s “previous” hash value. Choice 5, random nonce, makes the start of the sequence unpredictable, giving attackers less time to brute force a forged signature on a bogus manifest forking the chain. Bob?

Issue #38 is duplicating or updating messages when transmitting at a higher rate than required by the rules. My preference is to avoid duplicate transmissions of the same data, as such would require filtering on the receive end to avoid confusing tracking algorithms: just processing dots would make it look like a moving aircraft was hovering for a second, then teleporting to the next location, then hovering for a second, then teleporting. Of course, the filtering would be trivial, as Location/Vector messages have time stamps. Tracking would still be improved by more frequently updated data. I don’t remember what the implementation difficulties might be. Adam?

Issue #39 is the SAM code points. We believe we are getting 1 through 4 inclusive, but do not have official confirmation. Bob says Eric says he is hopeful for August.

Issue #41, Adam has reported as fixed in a commit to -auth-31, which will not be uploaded to the Datatracker until more (hopefully all) of the above are resolved.

We should ensure that this draft is otherwise 100% ready to go now, before we receive official confirmation of our SAM codes, so…

I strongly encourage everyone to review the 2 area director reviews in the Datatracker (which were of a much earlier version) and current version -30.

Thanks!



-- Stu