Minutes IETF107: drip
minutes-107-drip-00

Meeting Minutes Drone Remote ID Protocol (drip) WG
Date and time 2020-03-25 20:00
Title Minutes IETF107: drip
State Active
Other versions plain text
Last updated 2020-04-20

minutes-107-drip-00
   Drone Remote ID Protocol (drip) WG Agenda

Wed   2020-03-25 20:00-21:30 (UTC)

Co-Chairs: Daniel Migault & Mohamed Boucadair

webex:
etherpad:
https://etherpad.ietf.org:9009/p/notes-ietf-107-drip?useMonospaceFont=true
jabber: drip@jabber.ietf.org

**********************************************************************
          Agenda & Minutes
**********************************************************************

(1) Chairs slides                                       15 min
     Note well, Minute taker, jabber, agenda bashing
     https://datatracker.ietf.org/meeting/107/materials/slides-107-drip-chairs-slides

Agenda bashing and Note Well.
Daniel explains github use, and then explains goals of session about
Requirements to be understood by all the IETF.

(2) DRIP Requirements                                         30 min
     2.1 draft-card-drip-reqs          [Stuart]  20 min
     https://datatracker.ietf.org/meeting/107/materials/slides-107-drip-drip-requirements

Stu talking, presenting about the slides.
Many acronyms presented.
Firemen sees UA above fire, whose is it?
"UTM is the future of Aviation"
FAA UTM Pilot Project 2 architecture, DRIP must fit here as well as in EU
equivalent. "Punts security methods to implementors" slide 9: Type 3:
randomly-generated  alphanumeric code is encouraged in US, but forbidden in EU
Everyone says we should protect the identity of the pilot, but not how.

jabber Amelia Andersdotter: how depressing that EASA would not allowed a
randomly generated alphanumeric code for only one flight someone: integrity
protected and authenticated lies are still lies

Aviators understand push-to-talk analog, but not networking.
have been moving fast outside the IETF with HIP-based code.
badly need help with review, testing, etc.

Jim Reid: how is this WG going to interact with the aviation authorities?
Stu: There are no formal liasons in place. Not the one to push that.

Joseph Potvin: Re: Regulation and Measures for Compliance, in particular DRIP
General Req's #5. Can you provide more detail on the approach so far? Stu:
explains how the RID would go into a registry, akin to telephone numbers.
Joseph explains that Xalgorithms Foundation can participate with its free/libre
methods and working & components that enable a control table in JSON or CBOR
DSL to be associated with a Drone ID and pilot ID, within the 20 byte
constraint. We have a way to include the essential reqs "in effect" GIVEN
jurisdictions and date/time, and "applicable" WHEN various particulars are
present. THEN a certain control table (EU regs; US regs etc) is associated with
the ID. One of our team is involved in natoln team drone racing.  We are happy
to commit to assist with you DRIP GenReq #5. Contact: jpotvin@xalgorithms.org

Stewart Bryant: will there be a ground based proxy for this?
Stu: some are already over-constrained, very light, not easily retrofitted.
Rarely one to give governments clue, and explains that the network-RID can come
from any part of the UA-System, so they RID can come from the ground station,
including the smartphone.

Shuai Zhao: trying to use the ID from 3GPP SA2 and SA6
Stu: I'm hoping that you can connect us with that, because I definitely want to
connect on this. (Adam looks forward to email) See you are as key role in
connecting the communities.

Hannes: you are using BT, and what other communication technologies are in use?
Stu: the ASTN took the lead from from EU and USA regulators that first
responders be able to identify the aircraft using devices they already have,
which meant BT4.  This means direct BT4 from UA to device on hand, and BT5 is
on spec, and discussing ASTN requiring/allowing other media. For Network-RID,
anythiing that gets you on the Internet is fine.

Joseph Potvin: Xalgorithms, the way that we have split is to split up the rule
maker from rule taker.

Stephan Wenger: many think that there is a broadcast value, but considering the
speed of the Internet, it seems like rather than jumping through hoops, why
not, when sending out info over the Internet, why not query that information
directly? Stu: while I agree with your idea, some of the regulation is above
our pay grade, and there is back-pressure against FAA (in US) and in EU against
requiring Internet. They wanted to allow either.  There are many places where
there is not ubiquitous Internet, and there places where they still want to
identity things.

Daniel asks:
Stu: increasing awareness that systems need to be integrated.
D:    But out of scope?
Stu: out of scope for the ASTM F3411, but maybe not for DRIP.

Daniel asks that people check that the use case really fits into the
requirements.

webex: Mika Jarvenpaa 16:46
New U-space regulation draft
https://www.easa.europa.eu/document-library/opinions/opinion-012020

     2.2 Discussion                    [ALL]     10 min
(3) DRIP Reference Architecture                         30 min
     3.1 draft-card-drip-arch          [Stuart]  20 min
     https://datatracker.ietf.org/meeting/107/materials/slides-107-drip-drip-architecture

unverified, weakly coorelated assertions about who is going where.
one-way BT4 beacon frames with 24-bytes each, paged multi-frame at most 224
bytes (minus any ECC) the UAS ID, even though it is called that, it's an
aircraft ID, because the ground station could operate multiple aircraft.

Done 17:06,
Jim Reid: 1) when do you need this architecture framework to be completed?
Stu: hard to answer, as yet unwise in the ways of the IETF, trying to move as
fast as the regulator is moving. JR 2) if you look at what happened in ICANN
with WHOIS and RDAP(?) and LE... if you have any kind of information that
identifies a human being, then the GDPR gets involved.  So good to have a
dialog with data protection authorities. Stu: one of the things that astonished
me is that the European Aviation association required the type-1 identifier
(the manufacturer identifier).  Seems counter-intuitive given EU views on
privacy. Jim Reid: a big problem, and I don't see an easy solution

Hannes: you mentioned a prototype, did you produce a write-up/blog-post, etc? 
wants to learn more. Stu: I will get together with the developers and put
together something.

SDaSilva: issues relating to mobility? How does this impact the RID? Is this a
real issue? mobility problem with Internet?

Stu: I first got involved with mobile-IP in the context of aircraft, and
aircraft were handed off between base stations, and this was challenging. 
Although there have been great strides in the last 20 years, but I don't see
secure arbitrary mobility.  I can't say anything more specific than that.

Stewart Bryant: I am rather surprised, every vehicle that has flown for the
past 100 years has had it's identity as public information (aircraft, vehicles,
boats).  I can see Europeans taking that position maybe. GDPR is about personal
information, and not about the identity of the vehicle. Stu: that's mostly
correct, but the broadcast information contains not just the identity/location
of the vehicle, but the location of the pilot. Stewart: never heard anyone
being at risk in the UK from this? Toerless: maybe there has never been a risk
of the information being public. Stu: someone does something bad with a drone,
and then somebody else sees the drone flying, envision the scenario where a mob
attacks the wrong person. Toerless: the established tradition is that vehicle
(plane) identifier was public , no requirement for "need to know".

Stu: public visibility of the identifier, visibility of the information about
the operator (name,rank,serial no, home address), EU and US have taken
different approaches.

Stu: UTM is the future of ATM.  Very risk adverse, so hard to experiment with
new ways to do things, where as unmapped systems are non-threatening, so they
provide a place to innovate.

Toerless: must be transparent and ??? ... privacy vs ... just a normal person
having a lot of drones around me, then maybe I want to know more.

Stephan Wenger: limited experience with FAA man-carrying regulation work, when
you just look at what is obvious to those who have taken a flight lesson...
recent regulator change.  Introducing ADSB, the man-carrying equivalent to RID,
which took 20 years to get. Mandatory as of 2020, using 199x technology... just
being phased. Stick to our guns, and make the drones workable, because the
timelines for man-carrying are an order of magnitude too long for us.

Stu: the IETF is the best group to solve the problem, because we know the 90%
of the problem. Toerless: it's not that the IETF is slow, it's that people do
not have time to comment quickly.  But that nagging would have to be unicast.

Hannes: I'm not sure that the regulators will really be that fast.  In Europe
there are other problems that this kind of regulation. Stephan: I agree, but
the IETF schedule of 1yr is often 5.

Daniel suggests that we try to keep this deadline.  I don't see any
difficulties with the current documents. No technical difficulties.

MCR suggests that it is the requirements that will be controversial, not the
solutions, and that we need to deal with the objections from people who are new
to this topic now. Toerless tries to agree with me. Hannes the tricky issue is
to describe the requirements and the architecture. The solution is easy to do
if you know the requirements.

Shuai: do we have any specific dates?
Daniel: we will ask, do you think these documents should be adopted, and this
will occur in April.  (Then explains the IETF process, and Stewart adds also
area review)

Eric: "feel free to continue use webex room. But, please close the official
meeting and the minutes. Hallway track starts :-) and note well still applies"
Jim Reid: need to ask the WG to adopt, (Stewart reminds that the chairs can do
this unilaterally)

     3.2 Discusion                     [ALL]     10 min
(4) WG Planning & Closing                               15 min

===If time permits

(5) Protocol Documents
     5.1 DRIP Authentication Formats & Identity Claims  [Adam]
         draft-wiethuechter-drip-auth
         https://datatracker.ietf.org/meeting/107/materials/slides-107-drip-authentication-formats

         draft-wiethuechter-drip-identity-claims
         https://datatracker.ietf.org/meeting/107/materials/slides-107-drip-identity-claims

     5.2 CS-RID & HIP Updates                           [Robert]
         draft-moskowitz-tmrid-crowd-sourced-rid
https://datatracker.ietf.org/meeting/107/materials/slides-107-drip-crowd-sourced-remoteid-nonotes

**********************************************************************
     Bluesheet - Sign with your name and affiliation
**********************************************************************

Éric Vyncke, Cisco
Adam Wiethuechter, AX Enterprize, LLC
Stuart Card, AX Enterprize, LLC
Scott Hollenbeck, Verisign
Bernie Hoeneisen. pEp Foundation
Mohit Sethi, Ericsson
Shuai Zhao, Tencent
Robert Moskowitz, HTT Consulting
Henk Birkholz, Fraunhofer SIT
John Kaippallimalil, Futurewei
Valery Smyslov, ELVIS-PLUS
Zaid AlBanna, Verisign
Peter Yee, AKAYLA
Mohamed Boucadair, Orange
Jonathan Hoyland, Cloudflare
James Gould, Verisign
Keith Moore, Network Heretics
Ronald in 't Velt, TNO
Andrew Lacher, The Boeing Company
Stephan Wenger (Tencent)
Ross Finlayson, Live Networks
Amelia Andersdotter (CENTR)
Stefano Faccin (Qualcomm)
John Border, Hughes
Ari Keränen, Ericsson
David Smith, Verisign
Stewart Bryant Futurewei US
Nicolai Leymann, Deutsche Telekom
Andy Thurling NUAIR
Yuji Tochio, Fujitsu
Erik Kline, Loon LLC
Linda Dunbar, Futurewei
Carsten Bormann, TZI
Brendan Moran, Arm
Michael Richardson, Sandelman Software Works
Michael Gibbs, Verisign
Teemu Kärkkäinen, TUM
Ash Wilson, Valimail
Jim Reid, rtfm llp
Donald Eastlake, Futurewei
Richard Wilhelm, Verisign
Emile Stephan, Orange
Russ Housley, Vigil Security LLC
Behcet Sarikaya, Self
Jari Arkko, Ericsson
Toerless Eckert, Futurewei
Barbara Stark, AT&T
Josef Jahn, Frequentis AG
Justin Iurman, University of Liege
Olaf Maennel, Tallinn University of Technology
Samita Chakrabarti, Verizon
Philip Hall, RelmaTech
Kiran Makhijani (Futurewei)
Xavier de Foy, Interdigital
Mika Järvenpää, Nokia
Larry Masinter, LarryMasinter.net
Fanny Parzysz, Orange
Mike Boyle, NSA
Steve Olshansky, ISOC
Joseph Potvin, Xalgorithms Foundation
Peter Koch, DENIC eG
Daniel Migault Ericsson
Hannes Tschofenig, Arm
Brad Peabody
Peter Van Roste, CENTR
Godfred Ahuma, Packetfile
Dieter Sibold, PTB
Karen O'Donoghue, Internet Society
Mitsuaki Hatano