Problem Statement for Digitized Emblems
draft-haberman-digital-emblem-ps-03

Document Type: Active Internet-Draft (individual)
Authors: Brian Haberman, Tommy Jensen, Bill Woodcock
Last updated: 2024-11-18
IESG state: I-D Exists
Network Working Group                                   B. Haberman, Ed.
Internet-Draft                                                   JHU/APL
Intended status: Informational                                 T. Jensen
Expires: 22 May 2025                                           Microsoft
                                                             B. Woodcock
                                                                     PCH
                                                        18 November 2024

                Problem Statement for Digitized Emblems
                  draft-haberman-digital-emblem-ps-03

Abstract

   International law defines a number of emblems, such as the blue
   helmets of United Nations peacekeeping forces, the blue and white
   shield of UNESCO, and the Red Cross of the International Committee of
   the Red Cross, as indicative of special protections under the Geneva
   Conventions.  Similar protections attach to journalists who wear
   "Press" protective emblems on the battlefield, under Article 79 of
   Protocol I of the Geneva Conventions and Resolution 2222 of the
   United Nations Security Council.  The emblems of national governments
   and inter-governmental organizations protect diplomatic pouches,
   couriers, and envoys under the Vienna Convention on Diplomatic
   Relations.  Other marks enjoy protections against mis-use under the
   Paris Convention, the Madrid Protocol, and the Trade-Related Aspects
   of Intellectual Property Rights.

   Such physical emblems have a number of weaknesses and do not
   translate to the digital realm.  This document provides a summary of
   the problems and documents identified requirements from a number of
   stakeholders for a digital emblem which addresses the shortcomings of
   the physical emblems and makes possible the indication of protections
   of digital assets under international law.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

Haberman, et al.           Expires 22 May 2025                  [Page 1]
Internet-Draft               Digital Emblems               November 2024

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 22 May 2025.

Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Revised BSD License text as
   described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Conventions . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Threat Model for Physical Emblems . . . . . . . . . . . . . .   3
     2.1.  Authenticity  . . . . . . . . . . . . . . . . . . . . . .   4
     2.2.  Visibility  . . . . . . . . . . . . . . . . . . . . . . .   4
     2.3.  Mis-use . . . . . . . . . . . . . . . . . . . . . . . . .   4
     2.4.  Management  . . . . . . . . . . . . . . . . . . . . . . .   4
   3.  Notional Requirements for Digital Emblems . . . . . . . . . .   4
     3.1.  Identification Requirements . . . . . . . . . . . . . . .   5
     3.2.  Distribution Requirements . . . . . . . . . . . . . . . .   5
     3.3.  Trust model requirements  . . . . . . . . . . . . . . . .   6
   4.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   6
   5.  Security Considerations . . . . . . . . . . . . . . . . . . .   7
   6.  Contributors  . . . . . . . . . . . . . . . . . . . . . . . .   7
   7.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .   7
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   7
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .   7
     8.2.  Informative References  . . . . . . . . . . . . . . . . .   7
   Appendix A.  Use Cases for a digital emblem . . . . . . . . . . .   8
     A.1.  International Committee of the Red Cross (ICRC) . . . . .   8
       A.1.1.  Labeling web servers  . . . . . . . . . . . . . . . .   9
       A.1.2.  Labeling personal-use devices . . . . . . . . . . . .   9
       A.1.3.  Labeling power-constrained devices  . . . . . . . . .   9
       A.1.4.  Labeling networks from within . . . . . . . . . . . .   9
       A.1.5.  Labeling networks from without  . . . . . . . . . . .   9
       A.1.6.  Miscellaneous . . . . . . . . . . . . . . . . . . . .   9
     A.2.  United Nations  . . . . . . . . . . . . . . . . . . . . .   9
     A.3.  United Nations Educational, Scientific, and Cultural
            Organization (UNESCO)  . . . . . . . . . . . . . . . . .  10
     A.4.  Organization for the Prohibition of Chemical Weapons
            (OPCW) . . . . . . . . . . . . . . . . . . . . . . . . .  10
     A.5.  International Atomic Energy Agency (IAEA) . . . . . . . .  10
     A.6.  Basel Convention  . . . . . . . . . . . . . . . . . . . .  10
     A.7.  Press . . . . . . . . . . . . . . . . . . . . . . . . . .  11
     A.8.  World Intellectual Property Organization (WIPO) . . . . .  11
     A.9.  International Civil Aviation Organization (ICAO)  . . . .  11
     A.10. World Health Organization (WHO) . . . . . . . . . . . . .  11
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  11

1.  Introduction

   International law defines a number of emblems, such as the blue
   helmets of United Nations (UN) peacekeeping forces [BLUEHELMET], the
   blue and white shield of UNESCO [BLUESHIELD], and the Red Cross of
   the International Committee of the Red Cross (ICRC) [REDCROSS], as
   indicative of special protections under international law.  Similar
   protections attach to journalists who wear "Press" protective emblems
   on the battlefield [PRESS].  The emblems of national governments and
   inter-governmental organizations protect diplomatic pouches,
   couriers, and envoys [DIPLOMAT], and international law protects
   certain marks against counterfeiting.

1.1.  Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119][RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  Threat Model for Physical Emblems

   Physical emblems have served a number of key functions over hundreds
   of years.  The design and use of those physical emblems were limited
   by the resources and capabilities available at the time of their
   inception.  As technology advances and newer capabilities become
   available, it is beneficial to examine the limitations of existing
   emblems and identify potential needs going forward.

   The following describes a number of weaknesses with physical emblems.

2.1.  Authenticity

   It is generally not possible to evaluate the authenticity of a
   physical emblem in real-time.  Physical emblems do not carry any type
   of attestation from an authorized party indicating the validity of
   the emblem.  Mis-use of a physical emblem requires a post-facto
   investigation.

2.2.  Visibility

   Physical emblems may not always be visible to an observing party.
   They can be difficult or impossible to see in the dark.  The physical
   emblem may be deployed on the opposite side of an object from an
   observing party.  They may be difficult to observe from a distance or
   at an oblique angle.  The visibility of a physical emblem may be
   affected by wear, vandalism, or obfuscation.

2.3.  Mis-use

   Physical emblems do not provide sufficient context to indicate the
   validity of their observed use.  Physical emblems requested for use
   in a specific location and/or at a certain time can be re-used at
   other locations or times that are not authorized.  No mechanism
   exists to correlate the validity of a physical emblem with specific
   locations, times, items, or people subject to protection.  Such abuse
   is similar to known security attacks (replay, time-shifting, and
   location-shifting attacks).

2.4.  Management

   As noted above, potential mis-use of a physical emblem typically
   requires a post-facto investigation.  There is no mechanism to revoke
   the instance of a physical emblem that has been abused, compromised,
   or is no longer valid.

3.  Notional Requirements for Digital Emblems

   The above list of weaknesses highlights the need for an emblem
   approach that meets a number of requirements to perform its function
   properly under international law.  Because there are multiple use
   cases for digital emblems, some of which are fundamentally different
   from one another, it is not presumed that any one use of a digital
   emblem would necessarily have every single one of these requirements
   for a given implementation.

3.1.  Identification Requirements

   A digital emblem capable of acting as an official marking of legal
   significance needs to be identifiable by its intended legal purpose
   and what assets it applies to.  To do this, digital emblems...

   *  MUST provide a clearly detectable and unambiguous marking mappable
      to enable verification,

   *  MUST be machine-readable to enable automated verification,

   *  MUST be capable of carrying a visual representation of the
      physical emblem it represents,

   *  MUST carry an unambiguous indication of the international law or
      laws conferring protection upon the entity marked with the emblem,

   *  MUST be possible to associate with a range or specific quantity of
      persons or items,

   *  MUST be possible to associate with online services (e.g.,
      websites, email servers, databases),

   *  MUST be possible to associate with data in transit or at rest,

   *  MUST be possible to associate with network-addressable equipment
      (e.g., routers, servers, laptops, IoT devices),

   *  MUST be possible to associate with a physical object (e.g.,
      building, vehicle, container),

   *  MUST be possible to associate with a person or group of people.

3.2.  Distribution Requirements

   A digital emblem applicable to a variety of physical and digital
   assets will need to support a variety of discovery mechanisms to
   ensure emblem verification is a practical process international law
   can enforce.  Practicality can mean multiple things, including
   minimizing the risk that verifying emblems will disclose verifier
   presence or behavior, minimizing the cost of verifying digital
   emblems, and ensuring universal access to emblem-bearing for legally
   entitled assets.

   To accomplish practical emblem distribution, digital emblems...

   *  MUST NOT impose an undue cost to verify,

   *  MUST NOT impose an undue cost to apply to or remove from an asset,

   *  MUST NOT impose an undue cost to acquire authority to deploy,

   *  MUST NOT require verifiers of the emblem to reveal to the emblem
      bearer that existence checking is occurring,

   *  SHOULD be possible to view an emblem in-band via a communications
      network, optically (e.g., QR code), or wirelessly (e.g., RFID).

3.3.  Trust model requirements

   A digital emblem needs to be trustworthy in order to provide any
   value.  This means that parties verifying the presence of emblems
   need to know that the asset bearing an emblem is entitled to do so
   for the declared asset, time frame, and other scopes.  Therefore,
   digital emblems...

   *  MUST be authorized by a party that has the legal authority to
      issue it,

   *  MUST identify the authorizing party that issued it to ensure
      accountability of emblem use,

   *  MUST carry an unambiguous indication of the international law or
      laws conferring protection upon the entity marked with the emblem,

   *  MUST be capable of providing a reference to additional relevant
      information (e.g., photographs, unique identifiers) which can be
      used to corroborate the association of the digital emblem with the
      entity bearing it,

   *  MUST be revocable when they are no longer valid,

   *  MUST be restrictable by temporal scope,

   *  MUST be restrictable by geographic scope,

   *  MUST be robust against being replayed by invalid bearers,

   *  MUST be robust against forgery of its various properties.
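
   The draft proposes no technical design.  The following is an added
   illustration, not part of the draft, of how a verifier could map the
   Section 2.3 abuses and the Section 3.3 requirements onto local checks.
   The field names, the issuer name "issuer.example", the HMAC stand-in
   for a signature, and the independently observed asset identifier are
   all assumptions.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed demo key. HMAC stands in for the issuer's signature so the example
# runs on the standard library; a real scheme would use an asymmetric signature
# so that verifiers hold no signing secret.
ISSUER_KEYS = {"issuer.example": b"constructed-demo-key"}


def _canonical(claims):
    # Stable byte encoding so issuer and verifier authenticate the same bytes.
    return json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()


def issue(claims):
    """Issuer side: bind every claim (scope included) under one tag."""
    key = ISSUER_KEYS[claims["issuer"]]
    tag = hmac.new(key, _canonical(claims), hashlib.sha256).hexdigest()
    return {"claims": claims, "tag": tag}


@dataclass
class Observation:
    """What the verifier itself observes about the asset showing the emblem."""
    asset_id: str
    time: int      # seconds since the Unix epoch
    lat: float
    lon: float


def verify(emblem, obs, revoked):
    """Return the failed checks; an empty list means the emblem is accepted.

    Uses only local data (cached keys and revocation set), so the bearer is
    never contacted and cannot tell that a check took place.
    """
    claims = emblem.get("claims", {})
    key = ISSUER_KEYS.get(claims.get("issuer"))
    if key is None:
        return ["unknown-issuer"]
    expected = hmac.new(key, _canonical(claims), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, str(emblem.get("tag", ""))):
        return ["forged"]  # no claim can be trusted past this point
    failures = []
    if claims["emblem_id"] in revoked:
        failures.append("revoked")
    if not claims["not_before"] <= obs.time <= claims["not_after"]:
        failures.append("time-shifted")
    south, west, north, east = claims["bbox"]  # simple box, no antimeridian wrap
    if not (south <= obs.lat <= north and west <= obs.lon <= east):
        failures.append("location-shifted")
    if obs.asset_id != claims["asset_id"]:
        failures.append("replayed")  # valid emblem shown by a different bearer
    return failures


# Constructed sample emblem; every value is illustrative.
EMBLEM = issue({
    "emblem_id": "demo-0001",
    "issuer": "issuer.example",
    "law": "placeholder: reference to the law conferring protection",
    "asset_id": "ambulance-7",
    "not_before": 1_700_000_000,
    "not_after": 1_700_086_400,
    "bbox": [46.0, 6.0, 46.5, 6.5],
})

if __name__ == "__main__":
    seen = Observation("ambulance-7", 1_700_000_100, 46.2, 6.1)
    print(verify(EMBLEM, seen, revoked=set()))
```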

4.  IANA Considerations

   This document makes no requests of the IANA.

5.  Security Considerations

   A key part of this document highlights the risks surrounding physical
   emblems.  Technical implementations of digital emblems will
   undoubtedly incur their own security considerations.  However, this
   document does not propose technical solutions; it enumerates the use
   cases that justify creating technical solutions and what requirements
   are imposed on such solutions.

6.  Contributors

   Allison Mankin provided significant input on the issues surrounding
   physical emblems and the criteria for a digital emblem.  Tony
   DeSimone, Kerstin Vignard, and Erin Hahn provided insight into the
   legal and policy issues surrounding emblems.  Felix Linker and Mauro
   Vignati provided many of the requirements that derive from digital
   asset use cases.

7.  Acknowledgments

8.  References

8.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/rfc/rfc2119>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.

8.2.  Informative References

   [BLUEHELMET]
              Doctors Without Borders, "The Practical Guide to
              Humanitarian Law", n.d.,
              <https://guide-humanitarian-law.org/content/article/3/peacekeeping/>.

   [BLUESHIELD]
              United Nations Educational, Scientific and Cultural
              Organization, "Enhanced Protection - Cultural Property of
              Highest Importance to Humanity", n.d.,
              <https://www.unesco.org/en/heritage-armed-conflicts/enhanced-protection-cultural-property-highest-importance-humanity>.

   [DIPLOMAT] Cornell Law School - Legal Information Institute,
              "Personnel of Foreign Governments and International
              Organizations and Special Treatment for Returning
              Individuals", n.d.,
              <https://www.law.cornell.edu/cfr/text/19/148.83>.

   [PRESS]    Reporters Without Borders, "RSF Resource for Journalists'
              Safety", n.d.,
              <https://safety.rsf.org/appendix-i-protection-of-journalists-in-war-zones/>.

   [REDCROSS] International Committee of the Red Cross, "The Protection
              of the Red Cross / Red Crescent Emblems", n.d.,
              <https://www.icrc.org/en/doc/assets/files/other/protection_emblems.pdf>.

Appendix A.  Use Cases for a digital emblem

   Digital emblems are verifiable labels that can be associated with an
   entity so that a verifier can prove that the entity (person, place,
   or thing) has some property the digital emblem represents.  This is a
   list of use cases that necessitate the creation of one or more
   standards for digital emblems to be used to express some status of
   the entity bearing them.  Each use case contains a list of potential
   attributes to associate with the entity as a part of the emblem.  It
   is assumed that each use case would contain a link or reference to
   the law, regulation, or policy that governs the protections granted
   under the emblem.

   These use cases come from discussions with the organizations
   identified.  This is a representative (not exhaustive) list of use
   cases for a digital emblem.

A.1.  International Committee of the Red Cross (ICRC)

   The ICRC is responsible for the visual Red Cross, Red Crescent, and
   Red Crystal emblems used to label physical assets such as buildings
   and vehicles so that wartime combatants know that International
   Humanitarian Law (IHL) forbids attacking that asset.  The ICRC has
   been challenging private industry and academic researchers to create
   a digital equivalent to these visual emblems that can be used to
   label digital assets as protected under IHL the same way they can
   label physical assets today.

   *  Indication of location

   *  Textual description

   The ICRC has shared the following concrete use cases as part of their
   industry and academic research engagement.

A.1.1.  Labeling web servers

   Ensuring that attackers targeting a server that hosts websites they
   wish to compromise know that the server hosting those sites is IHL
   protected.

A.1.2.  Labeling personal-use devices

   Doctors use laptops to process IHL protected data both on hospital
   premises and on the move.

A.1.3.  Labeling power-constrained devices

   IoT devices are used to manage various equipment within hospitals,
   and their power constraints may pose unique limitations on digital
   emblem solutions.

A.1.4.  Labeling networks from within

   A device on a network that was compromised by a non-network path
   (such as malware loaded from a USB device) needs to discover that it
   compromised a network that is IHL protected (distinct from
   discovering the compromised device is protected).

A.1.5.  Labeling networks from without

   Attackers trying to compromise a network through a network path can
   discover an emblem for an IP address for a NAT or gateway behind
   which are IHL protected assets.

A.1.6.  Miscellaneous

   Other valuable use cases may exist across the following areas:
   protections of buildings (e.g., hospitals), people (e.g., aid
   workers), vehicles (e.g., ambulances), objects (e.g., medical
   devices), digital services (e.g., family reunification services), and
   data at-rest & in-transit.  Permission to use an emblem is delegated
   to each UN member nation.

A.2.  United Nations

   UN Peacekeepers may require protective markings in theater as well as
   facilities associated with the mission.

A.3.  United Nations Educational, Scientific, and Cultural Organization
      (UNESCO)

   Requires protections for items of cultural heritage, both physical
   and digital.  Priority is on buildings and physical artworks.  These
   can be denoted with location information, descriptions, and linked
   images.  There is a special concern with repatriating stolen works,
   which would benefit from a provenance trail via an emblem.  There is
   also an interest in ensuring that a physical instantiation of an
   emblem accompany each artwork and leverage the digital emblem to
   track the current location and any special handling needed.

   *  Indication of location

   *  Image(s)

   *  Textual description

   *  Chain-of-custody / provenance

A.4.  Organization for the Prohibition of Chemical Weapons (OPCW)

   Requires protection of Schedule 1 chemicals in transit between
   signatory countries for research, medical, pharmaceutical, or
   protective purposes.  Emblem would identify place, date, and volume
   of production.  Also a need to encrypt the description/
   characteristics of the items for access only by the receiving customs
   agencies and material handlers.  This encryption precludes other
   actors from determining the contents being transported.

   *  Indication of location (dynamic as materials are moved)

   *  Indication of quantity

   *  Textual description

A.5.  International Atomic Energy Agency (IAEA)

   IAEA administers several treaties, especially related to the
   controlled shipment of atomic fuels and wastes across borders.
   Similar use case as OPCW.

A.6.  Basel Convention

   Regulates the trans-boundary movement of hazardous wastes.  Use cases
   are functionally identical to OPCW and IAEA.

A.7.  Press

   Journalists in conflict zones require protective markings that
   indicate their status as a non-combatant.

A.8.  World Intellectual Property Organization (WIPO)

   WIPO administers 26+ treaties with different protections for
   different things.  Brands that are protected under international law
   (e.g., Madrid Protocol) can mark their shipments with an emblem
   allowing customs agents to positively identify legitimate products.

   *  Copyright/Brand image

   *  Textual description

   *  Chain-of-custody / provenance

A.9.  International Civil Aviation Organization (ICAO)

   Requires protection of civil aviation flights and the ability to
   assert that they are not dual-use (i.e., not carrying military
   cargo).  Digital emblem would carry a geographic description of the
   flight plan, its current location, and an indicator of its identity
   (i.e., tail number).  Potential need for the emblem to reference a
   flight manifest.

   *  Indication of location

      -  Flight plan is static

      -  Current location is dynamic

   *  Textual description (i.e., manifest, identifying characteristics
      such as tail number)

A.10.  World Health Organization (WHO)

   Similar use case as the ICRC.

Authors' Addresses

   Brian Haberman (editor)
   JHU/APL
   Email: brian@innovationslab.net

   Tommy Jensen
   Microsoft
   Email: tojens@microsoft.com

   Bill Woodcock
   PCH
   Email: woody@pch.net
