Drone Remote ID Protocol (drip) interim meeting

Agenda

Wed, August 26, 2020 15:00-16:00 UTC

Co-Chairs: Daniel Migault & Mohamed Boucadair

Links:

* [WEBEX](https://ietf.webex.com/ietf/j.php?MTID=m55592b255b3106bfd11854d9be550754)
* [Meeting Material](https://datatracker.ietf.org/meeting/interim-2020-drip-05/session/drip)
* [WG page](https://datatracker.ietf.org/wg/drip/documents/)
* [etherpad](https://codimd.ietf.org/notes-ietf-interim-2020-drip-05-drip)

# Agenda

## 1. [Note well](https://www.ietf.org/about/note-well/) [slide](https://docs.google.com/presentation/d/1Aug0vjm-4hCXzadszOgTJxMTBqYoS51BEIhb7nvfepc/edit?usp=sharing), logistics, and introduction

5 min

Comments on agenda? None.

## 2. Requirements Discussion

Stuart Card, 10 min (need 15)

* [draft-ietf-drip-reqs](https://datatracker.ietf.org/doc/draft-ietf-drip-reqs/) [prez](https://datatracker.ietf.org/doc/slides-interim-2020-drip-05-sessa-drip-requirements/)

Requirements (Stu Card)

- Slide 2
  - Update, now rev4
  - Try to address all points as understood
  - Added missing context, ignored if no consensus
  - Definitions? A lot of them not used in reqs.
  - Structure or restructure?
- Slide 3
  - GEN 1 broken out into multiple sub reqs, thanks Michael R.
- Slide 4 (with updates in red)
  - Daniel: Concur, different characteristics. Maybe not 5 but a middle ground
  - Bob: also agree
  - Daniel: lack of context maybe, do not understand why current sender of message... is this the simplest way (wording)?
  - Many short messages, but no session or connection, so a lot of technology doesn't work. Think UDP datagrams and cannot correlate one message from another
  - Daniel: what about sender, UA or GCS? When speaking of UAS, drone can broadcast or has network connection
  - Bob: Broadcast assumes it is always coming from air. Network assumes either - both UA and GCS are allowed to do Network RID.
  - Stu: who is provider?
  - Daniel: whoever is collecting location information
  - Stu: Broadcast the provider is Observer devices
  - Daniel: so non-IP communication, ....
- Slide 5
  - GEN 4 not really needed?
- Slide 6
  - Remain unchanged.
  - Explanatory text in places
  - Even GCS could be mobile - yes.
- Slide 7
  - Uniqueness in a defined scope ... need to define this
  - Hoped it would just appear
  - Daniel: won't be unique for a long time
  - How wide and long it needs to be
  - Daniel: too specific - must provide ways to avoid collisions
  - Bob: FAA conops wording about avoiding ID use in operation conflict - 6 month period of relevance
  - Daniel: solution really match reqs at the end
- Slide 8
  - Action time
  - PRIV3, prior at 108 it was narrowed
  - PRIV2, transparency vs. privacy
  - Bob: is happy with it
  - Daniel: is storage in scope?
  - Talks about in explanatory text
- Slide 9
  - PRIV4: new. Results from Amelia's review.
  - PRIV5: new. Michael R. make themselves mutually reachable while masking location of pilot location and ID
  - Daniel: I can talk to pilot of drone w/o ???
  - Not really a requirement, it's a MAY
  - Daniel: why not a SHOULD?
  - Can upgrade if we all agree
  - Tactical deconfliction, when it's automated it's called DAA
  - Daniel: not much of a difference between MAY/SHOULD and if we don't have it
  - Michael R: not required, but it's interesting! Enabling it for more than security it would get additional traction and mindshare. "I just got footage of mugging, but didn't get face, did you?"
  - Any objection to MAY to SHOULD? -- no push back, will do so
- Wrap up
  - Daniel: can we start WGLC on this Sept 1?
  - 1 yes...
  - Bob: need GEN1 changes on list and then call WGLC, also PRIV3 --> PRIV5 so just a reorder
  - Daniel: minor changes but next ver. can be discussed on list and do WGLC
  - Dan: want to reach out to other orgs for this
  - Dan: long WGLC? Shouldn't stop solution stuff
  - Dan: any opinion?
  - Michael: start after Labor Day - but no need to make it long
  - Bob: Silva could comment from ICAO?
  - Bob: end of Oct to finish up?
  - Dan: WGLC for a month? So mid-Sept to Oct 15
  - Michael: sounds too long, you will lose focus. Never really get any comments until final review. Outside org different story
  - Dan: good points
  - Stu: start on Sept 8

## 3. Solution Discussion

### 3.1. UAS Remote ID

Robert Moskowitz, 10 min

* draft-moskowitz-drip-uas-rid [prez](https://datatracker.ietf.org/doc/slides-interim-2020-drip-05-sessa-drip-uas-rid/)

- Slide 3
  - limited by outside groups
  - 200 bytes max size of auth messages
  - challenging in practice for BT4 to get all frames
  - Dan: 10 is BT restriction?
  - no, more from other groups and previous decisions
- Slide 4
  - self explained
- Slide 5
  - Certs? Cert isn't but name inside is
  - This is being discussed in ICAO Digital Identity group for their PKI model (manned aircraft and services)
  - Daniel: 20 bytes or characters?
  - bytes but assumed printable ASCII
  - Russ: don't understand, certs are non-spoofable
  - certificate cannot prove name
  - Russ: depends on policy and CA is following rules
  - multiple CAs!
  - Russ: or they split up the namespace
  - lost ???
  - Russ: if ICAO runs the root, then they can audit subordinates
  - ICAO is expanding to federated model
  - Russ: doesn't change... can still audit
  - after damage has been done
  - Russ: so if you don't trust CA then can't trust name
  - I agree with that
  - maybe Bob being gun-rush?
  - Russ: if policy in place and being enforced they will get caught if breaking it!
  - will send to Russ current draft (Silva confirms in chat)
- Slide 6
  - ????
- Slide 7
  - statistical uniqueness is not sufficient
- Slide 8
  - ??? (test ignore)
  - Another possible approach is the use of return tests: ping it and if it replies now, or in the time 4th dimension, then that's who s/he is, else no. I must say I don't know Host Identity Tag
- Slide 9
  - HHIT is chosen approach
- Slide 10
  - EPP is probably better and need stuff from Michael P.
  - Better/simpler approach to how lookup would work
  - RDAP approach as well
  - leverage EPP/RDAP is probably way forward
  - do not have best DNS structure
  - Alexandre Petrescu: not clear how IPv6 comes into picture here if we said earlier that this is Bluetooth, not IP. Not sure how to use that IP reverse lookup, although I do see how IP reverse lookups work.
  - Adam: IPv6 comes into play when the ID is received by an Observer (either via Broadcast or Network) and can look up the public key and other public information using it as a key.
  - Alex: at that point, we want to do reverse lookup on an IP address, and the ownership of that IP address is what might be at risk (claimed by an attacker).
- Slide 11
  - Stu: also supporting ID6

### 3.2. DRIP Authentication Formats

Adam Wiethuechter, 10 min

* draft-wiethuechter-drip-auth [prez](https://datatracker.ietf.org/doc/slides-interim-2020-drip-05-sessa-drip-implementation-drafts-authentication-and-identity-claims/)

postponed until next interim (but critically important)

### 3.3. DRIP Identity Claims

Adam Wiethuechter, 10 min

* draft-wiethuechter-drip-identity-claims [prez](https://datatracker.ietf.org/doc/slides-interim-2020-drip-05-sessa-drip-implementation-drafts-authentication-and-identity-claims/)

postponed until next interim (but critically important)

### 3.4. DRIP Operator Privacy

* draft-moskowitz-drip-operator-privacy [prez](https://datatracker.ietf.org/doc/slides-interim-2020-drip-05-sessa-drip-uas-operator-privacy/)

also postponed

## 4. Closing

5 min

WG last call on -reqs to start shortly if Med agrees

call for UAS RID draft adoption also soon

closing ~12:01 EDT

Attendees:

- Stuart Card, AX Enterprize
- Bob Moskowitz, HTT Consulting
- Adam Wiethuechter, AX Enterprize, LLC
- Russ Housley, Vigil Security
- Alexandre Petrescu, CEA
- Peter Yee, Spyrus
- Sao Da Silva, ICAO
- Michael Richardson, MCR
- Shuai Zhao, Tencent
- Michael Palage
- Daniel Migault, Ericsson