rfc9575v3.txt | rfc9575.txt | |||
---|---|---|---|---|
skipping to change at line 212 ¶ | skipping to change at line 212 ¶ | |||
802.11 Beacons with the vendor-specific information element as | 802.11 Beacons with the vendor-specific information element as | |||
specified in [F3411]. Must use ASTM Message Pack (Message Type | specified in [F3411]. Must use ASTM Message Pack (Message Type | |||
0xF). | 0xF). | |||
Legacy Transports: Use of broadcast frames (Bluetooth 4.x) as | Legacy Transports: Use of broadcast frames (Bluetooth 4.x) as | |||
specified in [F3411]. | specified in [F3411]. | |||
Manifest: An immutable list of items being transported (in this | Manifest: An immutable list of items being transported (in this | |||
specific case over wireless communication). | specific case over wireless communication). | |||
Note: For the remainder of this document, Broadcast Endorsement: | Note: For the remainder of this document, _Broadcast Endorsement: | |||
Parent, Child will be abbreviated as BE: Parent, Child. For example, | Parent, Child_ will be abbreviated as _BE: Parent, Child_. For | |||
Broadcast Endorsement: RAA, HDA will be abbreviated as BE: RAA, HDA. | example, _Broadcast Endorsement: RAA, HDA_ will be abbreviated as | |||
_BE: RAA, HDA_. | ||||
3. UAS RID Authentication Background and Procedures | 3. UAS RID Authentication Background and Procedures | |||
3.1. DRIP Authentication Protocol Description | 3.1. DRIP Authentication Protocol Description | |||
[F3411] defines Authentication Message framing only. It does not | [F3411] defines Authentication Message framing only. It does not | |||
define authentication formats or methods. It explicitly anticipates | define authentication formats or methods. It explicitly anticipates | |||
several signature options but does not fully define those. Annex A1 | several signature options but does not fully define those. Annex A1 | |||
of [F3411] defines a Broadcast Authentication Verifier Service, which | of [F3411] defines a Broadcast Authentication Verifier Service, which | |||
has a heavy reliance on Observer real-time connectivity to the | has a heavy reliance on Observer real-time connectivity to the | |||
skipping to change at line 659 ¶ | skipping to change at line 660 ¶ | |||
Identity Tags (HHIT) Suite ID of the DET. | Identity Tags (HHIT) Suite ID of the DET. | |||
When using this structure, the UA is minimally self-endorsing its | When using this structure, the UA is minimally self-endorsing its | |||
DET. The HI of the UA DET can be looked up by mechanisms described | DET. The HI of the UA DET can be looked up by mechanisms described | |||
in [DRIP-REG] or by extracting it from a Broadcast Endorsement (see | in [DRIP-REG] or by extracting it from a Broadcast Endorsement (see | |||
Sections 4.2 and 6.3). | Sections 4.2 and 6.3). | |||
4.2. DRIP Link | 4.2. DRIP Link | |||
This SAM Type (Figure 5) is used to transmit Broadcast Endorsements. | This SAM Type (Figure 5) is used to transmit Broadcast Endorsements. | |||
For example, the BE: HDA, UA is sent (see Section 6.3) as a DRIP Link | For example, the _BE: HDA, UA_ is sent (see Section 6.3) as a DRIP | |||
message. | Link message. | |||
DRIP Link is important as its contents are used to provide trust in | DRIP Link is important as its contents are used to provide trust in | |||
the DET/HI pair that the UA is currently broadcasting. This message | the DET/HI pair that the UA is currently broadcasting. This message | |||
does not require Internet connectivity to perform signature | does not require Internet connectivity to perform signature | |||
verification of the contents when the DIME DET/HI is in the | verification of the contents when the DIME DET/HI is in the | |||
Observer's cache. It also provides the UA HI, when it is filled with | Observer's cache. It also provides the UA HI, when it is filled with | |||
a BE: HDA, UA, so that connectivity is not required when performing | a BE: HDA, UA, so that connectivity is not required when performing | |||
signature verification of other DRIP Authentication Messages. | signature verification of other DRIP Authentication Messages. | |||
Various Broadcast Endorsements are sent during each UAS flight | Various Broadcast Endorsements are sent during each UAS flight | |||
skipping to change at line 1005 ¶ | skipping to change at line 1006 ¶ | |||
cSHAKE128(ASTM Message, 64, "", "Remote ID Auth Hash") | cSHAKE128(ASTM Message, 64, "", "Remote ID Auth Hash") | |||
For ORCHID Generation Algorithms (OGAs) other than "5" (EdDSA/ | For ORCHID Generation Algorithms (OGAs) other than "5" (EdDSA/ | |||
cSHAKE128) [RFC9374], use the construct appropriate for the | cSHAKE128) [RFC9374], use the construct appropriate for the | |||
associated hash. For example, the hash for "2" (ECDSA/SHA-384) is | associated hash. For example, the hash for "2" (ECDSA/SHA-384) is | |||
computed as follows: | computed as follows: | |||
Ltrunc( SHA-384( ASTM Message | "Remote ID Auth Hash" ), 8 ) | Ltrunc( SHA-384( ASTM Message | "Remote ID Auth Hash" ), 8 ) | |||
When building the list of hashes, the _Previous Manifest Hash_ is | When building a Manifest, this process MUST be followed: | |||
known from the previous Manifest. For the first built Manifest, this | ||||
value is filled with a random nonce. The _Current Manifest Hash_ is | 1. The _Previous Manifest Hash_ | |||
null filled while ASTM Messages are hashed and fill the _ASTM Message | ||||
Hashes_ field. When all messages are hashed, the _Current Manifest | a. is filled with a random nonce if and only if this is the | |||
Hash_ is computed over the _Previous Manifest Hash_, _Current | first manifest being generated; | |||
Manifest Hash_ (null filled), and _ASTM Message Hashes_. This hash | ||||
value replaces the null-filled _Current Manifest Hash_ and becomes | b. otherwise, it contains the previous manifest's _Current | |||
the _Previous Manifest Hash_ for the next Manifest. | Manifest Hash_. | |||
2. The _Current Manifest Hash_ is filled with null. | ||||
3. _ASTM Message Hashes_ are filled per Section 4.4.3.1 or | ||||
Section 4.4.3.2. | ||||
4. A hash, as defined above in this section, is calculated over the | ||||
_Previous Manifest Hash_, _Current Manifest Hash_ (null filled), | ||||
and _ASTM Message Hashes_. | ||||
5. The _Current Manifest Hash_ (null filled) is replaced with the | ||||
hash generated in Step r. | ||||
4.4.3.1. Legacy Transport Hashing | 4.4.3.1. Legacy Transport Hashing | |||
Under this transport, DRIP hashes the full ASTM Message being sent | Under this transport, DRIP hashes the full ASTM Message being sent | |||
over the Bluetooth Advertising frame. This is the 25-octet object | over the Bluetooth Advertising frame. This is the 25-octet object | |||
that starts with the Message Type and Protocol Version octet along | that starts with the Message Type and Protocol Version octet along | |||
with the 24 octets of message data. The hash MUST NOT include the | with the 24 octets of message data. The hash MUST NOT include the | |||
Message Counter octet. | Message Counter octet. | |||
For paged ASTM Messages (currently only Authentication Messages), all | For paged ASTM Messages (currently only Authentication Messages), all | |||
skipping to change at line 1276 ¶ | skipping to change at line 1289 ¶ | |||
FEC. Thus, the DRIP decoders will never be presented with a Message | FEC. Thus, the DRIP decoders will never be presented with a Message | |||
Pack from which a constituent Authentication Page has been dropped; | Pack from which a constituent Authentication Page has been dropped; | |||
DRIP FEC could never provide benefit to a Message Pack, only consume | DRIP FEC could never provide benefit to a Message Pack, only consume | |||
its precious payload space. Therefore, DRIP FEC (Section 5) MUST NOT | its precious payload space. Therefore, DRIP FEC (Section 5) MUST NOT | |||
be used in Message Packs. | be used in Message Packs. | |||
6.3. Authentication | 6.3. Authentication | |||
To fulfill the requirements in [RFC9153], a UA: | To fulfill the requirements in [RFC9153], a UA: | |||
1. MUST: send DRIP Link (Section 4.2) using the BE: Apex, RAA | 1. MUST: send DRIP Link (Section 4.2) using the _BE: Apex, RAA_ | |||
(partially satisfying GEN-3); at least once per 5 minutes. Apex | (partially satisfying GEN-3); at least once per 5 minutes. Apex | |||
in this context is the DET prefix owner. | in this context is the DET prefix owner. | |||
2. MUST: send DRIP Link (Section 4.2) using the BE: RAA, HDA | 2. MUST: send DRIP Link (Section 4.2) using the BE: RAA, HDA | |||
(partially satisfying GEN-3); at least once per 5 minutes. | (partially satisfying GEN-3); at least once per 5 minutes. | |||
3. MUST: send DRIP Link (Section 4.2) using the BE: HDA, UA | 3. MUST: send DRIP Link (Section 4.2) using the BE: HDA, UA | |||
(satisfying ID-5, GEN-1 and partially satisfying GEN-3); at least | (satisfying ID-5, GEN-1 and partially satisfying GEN-3); at least | |||
once per minute. | once per minute. | |||
End of changes. 4 change blocks. | ||||
15 lines changed or deleted | 28 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. |