Drone Remote Identification Protocol (DRIP) Architecture

The information below is for an old version of the document
Document Type Active Internet-Draft (individual)
Authors Stuart Card  , Adam Wiethuechter  , Robert Moskowitz 
Last updated 2020-03-23
Replaced by draft-ietf-drip-arch
Stream (None)
Formats pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
DRIP                                                             S. Card
Internet-Draft                                           A. Wiethuechter
Intended status: Informational                             AX Enterprize
Expires: 24 September 2020                                  R. Moskowitz
                                                          HTT Consulting
                                                           23 March 2020

        Drone Remote Identification Protocol (DRIP) Architecture


   This document defines an architecture for Drone Remote Identification
   Protocol (DRIP) Working Group protocols and services to support
   Unmanned Aircraft System Remote Identification (UAS RID), including
   its building blocks and their interfaces, all to be standardized.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 24 September 2020.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Simplified BSD License text
   as described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Simplified BSD License.

Card, et al.            Expires 24 September 2020               [Page 1]
Internet-Draft                  DRIP Arch                     March 2020

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Terms and Definitions . . . . . . . . . . . . . . . . . . . .   4
     2.1.  Requirements Terminology  . . . . . . . . . . . . . . . .   4
     2.2.  Definitions . . . . . . . . . . . . . . . . . . . . . . .   4
   3.  Entities and their Interfaces . . . . . . . . . . . . . . . .   8
     3.1.  Private Information Registry  . . . . . . . . . . . . . .   8
     3.2.  Public Information Registry . . . . . . . . . . . . . . .   9
     3.3.  CS-RID SDSP . . . . . . . . . . . . . . . . . . . . . . .   9
     3.4.  CS-RID Finder . . . . . . . . . . . . . . . . . . . . . .   9
   4.  Identifiers . . . . . . . . . . . . . . . . . . . . . . . . .  10
   5.  Transactions  . . . . . . . . . . . . . . . . . . . . . . . .  10
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  11
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .  11
   8.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .  11
   9.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  11
     9.1.  Normative References  . . . . . . . . . . . . . . . . . .  11
     9.2.  Informative References  . . . . . . . . . . . . . . . . .  12
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  13

1.  Introduction

   Many safety and other considerations dictate that UAS be remotely
   identifiable.  Civil Aviation Authorities (CAAs) worldwide are
   mandating UAS RID.  The European Union Aviation Safety Agency (EASA)
   has published [Delegated] and [Implementing] Regulations.  The United
   States (US) Federal Aviation Administration (FAA) has published a
   Notice of Proposed Rule Making ([NPRM]).  CAAs currently promulgate
   performance-based regulations that do not specify techniques, but
   rather cite industry consensus technical standards as acceptable
   means of compliance.

   ASTM International, Technical Committee F38 (UAS), Subcommittee
   F38.02 (Aircraft Operations), Work Item WK65041 (UAS Remote ID and
   Tracking), is a Proposed New Standard [WK65041].  It defines 2 means
   of UAS RID.  Network RID defines a set of information for UAS to make
   available globally indirectly via the Internet.  Broadcast RID
   defines a set of messages for Unmanned Aircraft (UA) to transmit
   locally directly one-way over Bluetooth or Wi-Fi.  Network RID
   depends upon Internet connectivity, in several segments, from the UAS
   to the observer.  Broadcast RID should need Internet (or other Wide
   Area Network) connectivity only for UAS registry information lookup
   using the directly locally received UAS ID as a key.

   [WK65041] specifies 3 UAS ID types.  Type 1 is a static, manufacturer
   assigned, hardware serial number per ANSI/CTA-2063-A "Small Unmanned
   Aerial System Serial Numbers" [CTA2063A].  Type 2 is a CAA assigned

Card, et al.            Expires 24 September 2020               [Page 2]
Internet-Draft                  DRIP Arch                     March 2020

   (presumably static) ID.  Type 3 is a UAS Traffic Management (UTM)
   system assigned UUID [RFC4122], which can but need not be dynamic.
   The EU allows only Type 1; the US allows Types 1 and 3, but requires
   Type 3 IDs (if used) each to be used only once.  [WK65041] Broadcast
   RID transmits all information in the clear as plaintext, so Type 1
   static IDs enable trivial correlation of patterns of use,
   unacceptable in many applications, e.g. package delivery routes of

   An ID is not an end in itself; it exists to enable lookups and
   provision of services complementing mere identification.

   Minimal specified information must be made available to the public;
   access to other data, e.g.  UAS operator Personally Identifiable
   Information (PII), must be limited to strongly authenticated
   personnel, properly authorized per policy.  [WK65041] specifies only
   how to get the UAS ID to the observer; how the observer can perform
   these lookups, and how the registries first can be populated with
   information, is unspecified.

   Although using UAS RID to facilitate related services, such as Detect
   And Avoid (DAA) and other applications of Vehicle to Vehicle or
   Vehicle to Infrastructure (V2V, V2I, collectively V2X)
   communications, is an obvious application (explicitly contemplated in
   the FAA NPRM), it has been ommitted from [WK65041] (explicitly
   declared out of scope in the ASTM working group discussions based on
   a distinction between RID as a security standard vs DAA as a safety
   application).  Although dynamic establishment of secure
   communications between the observer and the UAS pilot seems to have
   been contemplated by the FAA UAS ID and Tracking Aviation Rulemaking
   Committee (ARC) in their [Recommendations], it is not addressed in
   any of the subsequent proposed regulations or technical

   The need for near-universal deployment of UAS RID is pressing.  This
   implies the need to support use by observers of already ubiquitous
   mobile devices (smartphones and tablets).  UA onboard RID devices are
   severely constrained in Size, Weight and Power (SWaP).  Cost is a
   significant impediment to the necessary near-universal adoption of
   UAS send and observer receive RID capabilities.  To accomodate the
   most severely constrained cases, all these conspire to motivate
   system design decisions, especially for the Broadcast RID data link,
   which complicate the protocol design problem: one-way links;
   extremely short packets; and Internet-disconnected operation of UA
   onboard devices.  Internet-disconnected operation of observer devices
   has been deemed by ASTM F38.02 too infrequent to address, but for
   some users is important and presents further challenges.  Heavyweight
   security protocols are infeasible, yet trustworthiness of UAS RID

Card, et al.            Expires 24 September 2020               [Page 3]
Internet-Draft                  DRIP Arch                     March 2020

   information is essential.  Under [WK65041], even the most basic
   datum, the UAS ID string (typically number) itself can be merely an
   unsubstantiated claim.

   IETF can help by providing expertise as well as mature and evolving
   standards.  Existing Internet resources (business models,
   infrastructure and protocol standards) should be leveraged.  Host
   Identity Protocol (HIPv2) [RFC7401] and its Domain Name System (DNS)
   extensions [RFC8005], together with the Registry Data Access Protocol
   (RDAP) and the Extensible Provisioning Protocol (EPP), can complement
   emerging external standards for UAS RID.  This will facilitate
   utilization of existing and provision of enhanced network services,
   and enable verification that UAS RID information is trustworthy (to
   some extent, even in the absence of Internet connectivity at the
   receiving node).  The natural Internet architecture for DRIP
   described herein addresses requirements defined in a companion DRIP
   Requirements document.

2.  Terms and Definitions

2.1.  Requirements Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.2.  Definitions

      Cost, Size, Weight and Power.

      Attestation, Authentication, Authorization, Access Control,
      Accounting, Attribution, Audit.

      AirBorne DAA.  Also known as "self-separation".

      Above Ground Level.  Relative altitude, above the variously
      defined local ground level, typically of an UA, typically measured
      in feet.

      Civil Aviation Authority.  An example is the Federal Aviation
      Administration (FAA) in the United States of America.

Card, et al.            Expires 24 September 2020               [Page 4]
Internet-Draft                  DRIP Arch                     March 2020

      Command and Control.  A set of organizational and technical
      attributes and processes that employs human, physical, and
      information resources to solve problems and accomplish missions.
      Mainly used in military contexts.

      Crowd Sourced Remote Identification.  An optional DRIP WG service
      that gateways Broadcast RID to Network RID, and supports
      verification of RID positon/velocity claims with independent
      measurements (e.g. by multilateration), via a SDSP.

      Detect And Avoid, formerly Sense And Avoid (SAA).  A means of
      keeping aircraft "well clear" of each other for safety.

      End to End.

      Ground Based DAA.

      Ground Control Station.  The part of the UAS that the remote pilot
      uses to exercise C2 over the UA, whether by remotely exercising UA
      flight controls to fly the UA, by setting GPS waypoints, or
      otherwise directing its flight.

      Global Positioning System.  In this context, misused in place of
      Global Navigation Satellite System (GNSS) or more generally SATNAV
      to refer generically to satellite based timing and/or positioning.

      Host Identity.  The public key portion of an asymmetric keypair
      from HIP.  In this document it is assumed that the HI is based on
      a EdDSA25519 keypair.  This is supported by new crypto defined in

      Host Identity Protocol.  The origin of HI, HIT, and HHIT, required
      for DRIP.  Optional full use of HIP enables additional DRIP

      Hierarchical Host Identity Tag. A HIT with extra information not
      found in a standard HIT.  Defined in

Card, et al.            Expires 24 September 2020               [Page 5]
Internet-Draft                  DRIP Arch                     March 2020

      Host Identity Tag. A 128 bit handle on the HI.  Defined in HIPv2

   Limited RID
      Per the FAA NPRM, a mode of operation that must use Network RID,
      must not use Broadcast RID, and must provide pilot/GCS location
      only (not UA location).  This mode is only allowed for UA that
      neither require (due to e.g. size) nor are equipped for Standard
      RID, operated within V-LOS and within 400 feet of the pilor, below
      400 feet AGL, etc.

      Line Of Sight.  An adjectival phrase describing any information
      transfer that travels in a nearly straight line (e.g.
      electromagnetic energy, whether in the visual light, RF or other
      frequency range) and is subject to blockage.  A term to be avoided
      due to ambiguity, in this context, between RF-LOS and V-LOS.

      Mean Sea Level.  Relative altitude, above the variously defined
      mean sea level, typically of an UA (but in FAA NPRM Limited RID
      for a GCS), typically measured in feet.

      UAS RID Display Provider.  System component that requests data
      from one or more NETSP and aggregates them to display to a user
      application on a device.  Often an USS.

      UAS RID Service Provider.  System component that compiles
      information from various sources (and methods) in its given
      service area.  Usually an USS.

      Referred to in other UAS RID documents as a "user", but there are
      also other classes of UAS RID users, so we prefer "observer" to
      denote an individual who has observed an UA and wishes to know
      something about it, starting with its ID.

      Personally Identifiable Information.  In this context, typically
      of the UAS operator, Pilot In Command (PIC) or remote pilot, but
      possibly of an observer or other party.

      Radio Frequency.  May be used as an adjective or as a noun; in the
      latter case, typically means Radio Frequency energy.

Card, et al.            Expires 24 September 2020               [Page 6]
Internet-Draft                  DRIP Arch                     March 2020

      RF LOS.  Typically used in describing operation of a direct radio
      link between a GCS and the UA under its control, potentially
      subject to blockage by foliage, structures, terrain or other
      vehicles, but less so than V-LOS.

      Supplemental Data Service Provider.  Entity that provides data
      allowed and presumed useful but neither required nor standardized
      as an option in UTM, such as weather.  Here used to enable CS-RID.

   Standard RID
      Per the FAA NPRM, a mode of operation that must use both Network
      RID (if Internet connectivity is available at the time in the
      operating area) and Broadcast RID (always and everywhere), and
      must provide both pilot/GCS location and UA location.  This mode
      is required for UAS that exceed the allowed envelope (e.g. size,
      range) of Limited RID and for all UAS equipped for Standard RID
      (even if operated within parameters that would otherwise permit
      Limited RID).

      Unmanned Aircraft.  Typically a military or commercial "drone" but
      can include any and all aircraft that are unmanned.

      Unmanned Aircraft System.  Composed of UA, all required on-board
      subsystems, payload, control station, other required off-board
      subsystems, any required launch and recovery equipment, all
      required crew members, and C2 links between UA and control

      Unique UAS identifier.  Per [WK65041], maximum length of 20 bytes.

   UAS ID Type
      Identifier type index.  Per [WK65041], 4 bits, values 0-3 already

      UAS Remote Identification.  System for identifying UA during
      flight by other parties.

   UAS RID Verification Service
      System component designed to handle the authentication
      requirements of RID by offloading verification to a web hosted

Card, et al.            Expires 24 September 2020               [Page 7]
Internet-Draft                  DRIP Arch                     March 2020

      UAS Service Supplier.  Provide UTM services to support the UAS
      community, to connect Operators and other entities to enable
      information flow across the USS network, and to promote shared
      situational awareness among UTM participants.  (From FAA UTM
      ConOps V1, May 2018).

      UAS Traffic Management.  A "traffic management" ecosystem for
      "uncontrolled" UAS operations separate from, but complementary to,
      the FAA's Air Traffic Management (ATM) system for "controlled"
      operations of manned aircraft.

      Visual LOS.  Typically used in describing operation of an UA by a
      "remote" pilot who can clearly directly (without video cameras or
      any other aids other than glasses or under some rules binoculars)
      see the UA and its immediate flight environment.  Potentially
      subject to blockage by foliage, structures, terrain or other
      vehicles, more so than RF-LOS.

3.  Entities and their Interfaces

   Any DRIP WG solutions for UAS RID must fit into the UTM system.  This
   implies interaction with entities including UA, GCS, USS, NETSP,
   NETDP, Observers, Operators, Pilots In Command, Remote Pilots, etc.
   The only additional entities introduced by DRIP WG are registries,
   required but not specified by the regulations and [RFC7401], and
   optionally CS-RID SDSP and Finder nodes.

   UAS RID registries hold both public and private information.  The
   public information is primarily pointers to the repositories of, and
   keys for looking up, the private information.  Given these different
   uses, and to improve scalability, security and simplicity of
   administration, the public and private information can be stored in
   different registries, indeed different types of registry.

3.1.  Private Information Registry

   The private information required for UAS RID is similar to that
   required for Internet domain name registration.  This facilitates
   leveraging existing Internet resources, including domain name
   registration protocols, infrastructure and business models.  This
   implies a further derived requirement: a DRIP UAS ID MUST be amenable
   to handling as an Internet domain name (at an arbitrary level in the
   heirarchy), MUST be registered in at least a pseudo-domain (e.g. .ip6
   for reverse lookup), and MAY be registered as a sub-domain (for
   forward lookup).

Card, et al.            Expires 24 September 2020               [Page 8]
Internet-Draft                  DRIP Arch                     March 2020

   A DRIP private information registry MUST support essential Internet
   domain name registry operations (e.g. add, delete, update, query)
   using interoperable open standard protocols.  It SHOULD support the
   Extensible Provisioning Protocol (EPP) and the Registry Data Access
   Protocol (RDAP) with access controls.  It MAY use XACML to specify
   those access controls.  It MUST be listed in a DNS: that DNS MAY be
   private; but absent any compelling reasons for use of private DNS,
   SHOULD be the definitive public Internet DNS heirarchy.  The DRIP
   private information registry in which a given UAS is registered MUST
   be locatable, starting from the UAS ID, using the methods specified
   in [RFC7484].

3.2.  Public Information Registry

   The public information required to be made available by UAS RID is
   transmitted as clear plaintext to local observers in Broadcast RID
   and is served to a client by a NETDP in Network RID.  Therefore,
   while IETF can offer e.g.  [RFC6280] as one way to implement Network
   RID, the only public information required to support essential DRIP
   functions for UAS RID is that required to look up Internet domain
   hosts, services, etc.

   A DRIP public information registry MUST be a standard DNS server, in
   the definitive public Internet DNS heirarchy.  It MUST support NS,
   MX, SRV, TXT, AAAA, PTR, CNAME and HIP RR types.


   A CS-RID SDSP MUST appear (i.e. present the same interface) to a
   NETSP as a NETDP.  A CS-RID SDSP MUST appear to a NETDP as a NETSP.
   A CS-RID SDSP MUST NOT present a standard GCS-facing interface as if
   it were a NETSP.  A CS-RID SDSP MUST NOT present a standard client-
   facing interface as if it were a NETDP.  A CS-RID SDSP MUST present a
   TBD interface to a CS-RID Finder; this interface SHOULD be based upon
   but readily distinguishable from that between a GCS and a NETSP.

3.4.  CS-RID Finder

   A CS-RID Finder MUST present a TBD interface to a CS-RID SDSP; this
   interface SHOULD be based upon but readily distinguishable from that
   between a GCS and a NETSP.  A CS-RID Finder must implement, integrate
   or accept outputs from a Broadcast RID receiver.  A CS-RID Finder
   MUST NOT interface directly with a GCS, NETSP, NETDP or Network RID

Card, et al.            Expires 24 September 2020               [Page 9]
Internet-Draft                  DRIP Arch                     March 2020

4.  Identifiers

   A DRIP UAS ID MUST be a HHIT.  It SHOULD be self-generated by the UAS
   (either UA or GCS) and MUST be registered with the Private
   Information Registry identified in its heirarchy fields.  Each UAS ID
   HHIT MUST NOT be used more than once, with one exception as follows.

   Each UA MAY be assigned, by its manufacturer, a single HI and derived
   HHIT encoded as a hardware serial number per [CTA2063A].  Such a
   static HHIT SHOULD be used only to bind one-time use UAS IDs (other
   HHITs) to the unique UA.  Depending upon implementation, this may
   leave a HI private key in the posession of the manufacturer (see
   Security Considerations).

   Each UA equipped for Broadcast RID MUST be provisioned not only with
   its HHIT but also with the HI public key from which the HHIT was
   derived and the corresponding private key, to enable message
   signature.  Each UAS equipped for Network RID MUST be provisioned
   likewise; the private key SHOULD reside only in the ultimate source
   of Network RID messages (i.e. on the UA itself if the GCS is merely
   relaying rather than sourcing Network RID messages).  Each observer
   device MUST be provisioned with public keys of the UAS RID root
   registries and MAY be provisioned with public keys or certificates
   for subordinate registries.

   Operators and Private Information Registries MUST possess and other
   UTM entities MAY possess UAS ID style HHITs.  When present, such
   HHITs SHOULD be used with HIP to strongly mutually authenticate and
   optionally encrypt communications.

5.  Transactions

   Each Operator MUST generate a "HIo" and derived "HHITo", register
   them with a Private Information Registry along with whatever Operator
   data (inc.  PII) is required by the cognizant CAA and the registry,
   and obtain a certificate "Cro" signed with "HIr(priv)" proving such

   To add an UA, an Operator MUST generate a "HIa" and derived "HHITa",
   create a certificate "Coa" signed with "HIo(priv)" to associate the
   UA with its Operator, register them with a Private Information
   Registry along with whatever UAS data is required by the cognizant
   CAA and the registry, obtain a certificate "Croa" signed with
   "HIr(priv)" proving such registration, and obtain a certificate "Cra"
   signed with "HIr(priv)" proving UA registration in that specific
   registry while preserving Operator privacy.  The operator then MUST
   provision the UA with "HIa", "HIa(priv)", "HHITa" and "Cra".

Card, et al.            Expires 24 September 2020              [Page 10]
Internet-Draft                  DRIP Arch                     March 2020

   UA engaging in Broadcast RID MUST use "HIa(priv)" to sign Auth
   Messages and MUST periodically broadcast "Cra".  UAS engaging in
   Network RID MUST use "HIa(priv)" to sign Auth Messages.  Observers
   MUST use "HIa" from received "Cra" to verify received Broadcast RID
   Auth messages.  Observers without Internet connectivity MAY use "Cra"
   to identify the trust class of the UAS based on known registry
   vetting.  Observers with Internet connectivity MAY use "HHITa" to
   perform lookups in the Public Information Registry and MAY then query
   the Private Information Registry, which MUST enforce access control
   policy on Operator PII and other sensitive information.

6.  IANA Considerations

   It is likely that an IPv6 prefix will be needed for the HHIT (or
   other identifier) space; this will be specified in other drafts.

7.  Security Considerations

   DRIP is all about safety and security, so content pertaining to such
   is not limited to this section.  The security provided by asymmetric
   cryptographic techniques depends upon protection of the private keys.
   A manufacturer that embeds a private key in an UA may have retained a
   copy.  A manufacturer whose UA are configured by a closed source
   application on the GCS which communicates over the Internet with the
   factory may be sending a copy of a UA or GCS self-generated key back
   to the factory.  Compromise of a registry private key could do
   widespread harm.  Key revocation procedures are as yet to be
   determined.  These risks are in addition to those involving Operator
   key management practices.

8.  Acknowledgments

   The work of the FAA's UAS Identification and Tracking (UAS ID)
   Aviation Rulemaking Committee (ARC) is the foundation of later ASTM
   and proposed IETF DRIP WG efforts.  The work of ASTM F38.02 in
   balancing the interests of diverse stakeholders is essential to the
   necessary rapid and widespread deployment of UAS RID.

9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,

Card, et al.            Expires 24 September 2020              [Page 11]
Internet-Draft                  DRIP Arch                     March 2020

   [RFC7401]  Moskowitz, R., Ed., Heer, T., Jokela, P., and T.
              Henderson, "Host Identity Protocol Version 2 (HIPv2)",
              RFC 7401, DOI 10.17487/RFC7401, April 2015,

   [RFC7484]  Blanchet, M., "Finding the Authoritative Registration Data
              (RDAP) Service", RFC 7484, DOI 10.17487/RFC7484, March
              2015, <https://www.rfc-editor.org/info/rfc7484>.

   [RFC8005]  Laganier, J., "Host Identity Protocol (HIP) Domain Name
              System (DNS) Extension", RFC 8005, DOI 10.17487/RFC8005,
              October 2016, <https://www.rfc-editor.org/info/rfc8005>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

9.2.  Informative References

   [CTA2063A] ANSI, "Small Unmanned Aerial Systems Serial Numbers",
              September 2019.

              European Union Aviation Safety Agency (EASA), "EU
              Commission Delegated Regulation 2019/945 of 12 March 2019
              on unmanned aircraft systems and on third-country
              operators of unmanned aircraft systems", March 2019.

              Moskowitz, R., Card, S., and A. Wiethuechter,
              "Hierarchical HITs for HIPv2", Work in Progress, Internet-
              Draft, draft-moskowitz-hip-hierarchical-hit-04, 3 March
              2020, <https://tools.ietf.org/html/draft-moskowitz-hip-

              Moskowitz, R., Card, S., and A. Wiethuechter, "New
              Cryptographic Algorithms for HIP", Work in Progress,
              Internet-Draft, draft-moskowitz-hip-new-crypto-04, 23
              January 2020, <https://tools.ietf.org/html/draft-

              European Union Aviation Safety Agency (EASA), "EU
              Commission Implementing Regulation 2019/947 of 24 May 2019
              on the rules and procedures for the operation of unmanned
              aircraft", May 2019.

Card, et al.            Expires 24 September 2020              [Page 12]
Internet-Draft                  DRIP Arch                     March 2020

   [NPRM]     United States Federal Aviation Administration (FAA),
              "Notice of Proposed Rule Making on Remote Identification
              of Unmanned Aircraft Systems", December 2019.

              FAA UAS Identification and Tracking Aviation Rulemaking
              Committee, "UAS ID and Tracking ARC Recommendations Final
              Report", September 2017.

   [RFC4122]  Leach, P., Mealling, M., and R. Salz, "A Universally
              Unique IDentifier (UUID) URN Namespace", RFC 4122,
              DOI 10.17487/RFC4122, July 2005,

   [RFC6280]  Barnes, R., Lepinski, M., Cooper, A., Morris, J.,
              Tschofenig, H., and H. Schulzrinne, "An Architecture for
              Location and Location Privacy in Internet Applications",
              BCP 160, RFC 6280, DOI 10.17487/RFC6280, July 2011,

   [WK65041]  ASTM, "Standard Specification for Remote ID and Tracking",
              September 2019.

Authors' Addresses

   Stuart W.   Card
   AX Enterprize
   4947 Commercial Drive
   Yorkville, NY 13495
   United States of America

   Email: stu.card@axenterprize.com

   Adam Wiethuechter
   AX Enterprize
   4947 Commercial Drive
   Yorkville, NY 13495
   United States of America

   Email: adam.wiethuechter@axenterprize.com

   Robert Moskowitz
   HTT Consulting
   Oak Park, MI 48237
   United States of America

Card, et al.            Expires 24 September 2020              [Page 13]
Internet-Draft                  DRIP Arch                     March 2020

   Email: rgm@labs.htt-consult.com

Card, et al.            Expires 24 September 2020              [Page 14]