draft-ietf-hip-rfc4843-bis-02.txt   vs.   draft-ietf-hip-rfc4843-bis-03.txt

Network Working Group                                        J. Laganier
Internet-Draft                                          Juniper Networks
Obsoletes: 4843 (if approved)                                  F. Dupont
Intended status: Standards Track             Internet Systems Consortium
-02: Expires: March 23, 2013                          September 19, 2012
-03: Expires: March 24, 2013                          September 20, 2012

    An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers
                          Version 2 (ORCHIDv2)
-02:                   draft-ietf-hip-rfc4843-bis-02
-03:                   draft-ietf-hip-rfc4843-bis-03
Abstract

   This document specifies an updated Overlay Routable Cryptographic
   Hash Identifiers format that obsoletes the earlier format defined in
   [RFC4843].  These identifiers are intended to be used as endpoint
   identifiers at applications and Application Programming Interfaces
   (API) and not as identifiers for network location at the IP layer,
   i.e., locators.  They are designed to appear as application layer
   entities and at the existing IPv6 APIs, but they should not appear in
skipping to change at page 1, line 49

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

-02: This Internet-Draft will expire on March 23, 2013.
-03: This Internet-Draft will expire on March 24, 2013.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents

skipping to change at page 2, line 35
     1.3.  Expected use of ORCHIDs . . . . . . . . . . . . . . . .  5
     1.4.  Action Plan . . . . . . . . . . . . . . . . . . . . . .  5
     1.5.  Terminology . . . . . . . . . . . . . . . . . . . . . .  5
   2.  Cryptographic Hash Identifier Construction  . . . . . . . .  5
   3.  Routing Considerations  . . . . . . . . . . . . . . . . . .  7
     3.1.  Overlay Routing . . . . . . . . . . . . . . . . . . . .  7
   4.  Collision Considerations  . . . . . . . . . . . . . . . . .  8
   5.  Design Choices  . . . . . . . . . . . . . . . . . . . . . . 10
   6.  Security Considerations . . . . . . . . . . . . . . . . . . 10
   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . 11
-02: 8.  Contributors  . . . . . . . . . . . . . . . . . . . . . . 12
-03: 8.  Contributors  . . . . . . . . . . . . . . . . . . . . . . 11
-02: 9.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . 12
-03: 9.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . 11
   10. References  . . . . . . . . . . . . . . . . . . . . . . . . 12
     10.1.  Normative references . . . . . . . . . . . . . . . . . 12
     10.2.  Informative references . . . . . . . . . . . . . . . . 12
   Appendix A.  Changes from RFC 4843  . . . . . . . . . . . . . . 13
1.  Introduction

   This document introduces Overlay Routable Cryptographic Hash
   Identifiers (ORCHID), a new class of IP address-like identifiers.
   These identifiers are intended to be globally unique in a statistical

skipping to change at page 4, line 33

   implementations are already using a certain IPv6 prefix for
   differentiating HIP identifiers from IPv6 addresses, allowing them
   both to be used by the existing applications via the existing APIs.

   The Overlay Routable Cryptographic Hash Identifiers originally
   defined in [RFC4843] lacked a mechanism for cryptographic algorithm
   agility.  The updated ORCHID format specified in this document
   removes this limitation by encoding in the identifier itself an index
   to the suite of cryptographic algorithms in use.
-02:
   Becase the updated ORCHID format is not backward compatible with the
   earlier one, IANA is requested to allocate a new prefix out of the
   IPv6 addressing space.  The prefix that was temporarily allocated for
   the experimental ORCHID is to be returned to IANA in 2014 [RFC4843].

-03:
   Because the updated ORCHIDv2 format is not backward compatible with
   the earlier one, IANA is requested to allocate a new 28-bit prefix
   out of the IANA IPv6 Special Purpose Address Block, namely 2001:
   0000::/23, as per [RFC4773].  The prefix that was temporarily
   allocated for the experimental ORCHID is to be returned to IANA in
   2014 [RFC4843].
1.2.  ORCHID Properties

   ORCHIDs are designed to have the following properties:

   o  Statistical uniqueness; also see Section 4

   o  Secure binding to the input parameters used in their generation
      (i.e., the context identifier and a bitstring).

skipping to change at page 11, line 29

   globally maintained counter value, a pseudo-random number of
   sufficient entropy (minimum 96 bits), or a randomly generated public
   cryptographic key.  The Context ID makes sure that input bitstrings
   from different contexts never overlap.  These together make sure that
   the probability of collisions is determined only by the probability
   of natural collisions in the hash space and is not increased by a
   possibility of colliding input bitstrings.
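Review bot: the new -03 paragraph in Section 1.1 is now word for word the same as the -03 text of Section 7, so the IANA request is stated in two places and a later change to one copy (the prefix length, the 2001:0000::/23 block, the [RFC4773] citation, the 2014 return date) can silently diverge from the other. Suggest keeping only the first sentence here and pointing at Section 7 for the details, e.g. "IANA is requested to allocate a new prefix for ORCHIDv2 (see Section 7)."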
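The domain-separation argument above (same input bitstring, different Context ID, therefore different hash input) and the algorithm-agility index from Section 1.1 can be exercised directly. The Python below is an added example, not code from this draft or from any HIP implementation. It assumes the ORCHIDv2 layout Prefix (28 bits) | OGA ID (4 bits) | Encode_96(Hash(Context ID | Input Bitstring)), with Encode_96 taking the middle 96 bits of the digest, as in the published RFC 7343; this page does not reproduce Section 2, so that layout is an assumption here. The prefix value 2001:20::/28 is the one IANA later assigned and is not stated on this page, the OGA-ID-to-hash table is hypothetical, and both Context IDs and the key bytes are constructed for the example.

```python
import hashlib
import ipaddress

# Assumption: the /28 IANA later assigned to ORCHIDv2 (RFC 7343). This
# page only records the request for "a new 28-bit prefix".
ORCHID_PREFIX = ipaddress.IPv6Network("2001:20::/28")
PREFIX_BITS = int(ORCHID_PREFIX.network_address) >> 100  # top 28 bits

# Hypothetical OGA ID -> hash function table for this example only; the
# real registry values are not on this page. 0 is left unassigned.
OGA_HASH = {1: hashlib.sha256, 2: hashlib.sha384, 3: hashlib.sha1}


def encode_96(digest: bytes) -> int:
    """Middle 96 bits of a digest (Encode_96 as in RFC 7343; assumed here)."""
    total = len(digest) * 8
    if total < 96:
        raise ValueError("digest too short for Encode_96")
    drop_low = (total - 96) // 2
    return (int.from_bytes(digest, "big") >> drop_low) & ((1 << 96) - 1)


def orchid(context_id: bytes, bitstring: bytes, oga_id: int) -> ipaddress.IPv6Address:
    """Generate an ORCHIDv2 for (context_id, bitstring) under hash suite oga_id."""
    if len(context_id) != 16:
        raise ValueError("Context ID must be 128 bits")
    if oga_id not in OGA_HASH:
        raise ValueError(f"unknown OGA ID {oga_id}")
    # Domain separation: the Context ID is prepended to the input, so the
    # same bitstring hashed in two contexts never yields the same hash input.
    digest = OGA_HASH[oga_id](context_id + bitstring).digest()
    value = (PREFIX_BITS << 100) | (oga_id << 96) | encode_96(digest)
    return ipaddress.IPv6Address(value)


def oga_id_of(addr: ipaddress.IPv6Address) -> int:
    """The 4-bit algorithm index carried in the identifier after the prefix."""
    return (int(addr) >> 96) & 0xF


def verify(addr: ipaddress.IPv6Address, context_id: bytes, bitstring: bytes) -> bool:
    """Check the secure binding by recomputing with the hash the identifier names.

    Returns False for addresses outside the ORCHID prefix, for an OGA ID this
    verifier does not support, and for any mismatch in the 96 hash bits.
    """
    if addr not in ORCHID_PREFIX:
        return False
    oga_id = oga_id_of(addr)
    if oga_id not in OGA_HASH:
        return False  # algorithm agility: unknown suite, cannot verify
    return orchid(context_id, bitstring, oga_id) == addr


# Constructed 128-bit Context IDs for two separate usage contexts; these
# are not registered values.
CTX_A = bytes.fromhex("00112233445566778899aabbccddeeff")
CTX_B = bytes.fromhex("ffeeddccbbaa99887766554433221100")


def demo() -> dict:
    """Same (constructed) public-key bitstring in two contexts -> two ORCHIDs."""
    key = b"constructed-host-public-key-bytes"
    a = orchid(CTX_A, key, 1)
    b = orchid(CTX_B, key, 1)
    return {
        "orchid_ctx_a": str(a),
        "orchid_ctx_b": str(b),
        "distinct": a != b,
        "a_verifies_in_ctx_a": verify(a, CTX_A, key),
        "a_verifies_in_ctx_b": verify(a, CTX_B, key),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Note that verify() selects the hash from the OGA ID inside the identifier rather than from the Context ID; a verifier that does not recognise the index rejects the identifier instead of guessing, and a single flipped bit in the 96-bit hash field, a wrong Context ID, or an address outside the prefix all fail the binding check.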
7.  IANA Considerations
-02:
   IANA allocated a temporary non-routable 28-bit prefix from the IPv6
   address space.  By default, the prefix will be returned to IANA in
   2014, continued use requiring IETF consensus.  As per [RFC4773], the
   28-bit prefix was drawn out of the IANA Special Purpose Address
   Block, namely 2001:0000::/23, in support of the experimental usage
   described in this document.  IANA has updated the IPv6 Special
   Purpose Address Registry.

   Becase the updated ORCHIDv2 format is not backward compatible with
   the earlier one, IANA is requested to allocate a new prefix out of
   the IPv6 addressing space.  The prefix that was temporarily allocated
   for the experimental ORCHID is to be returned to IANA in 2014
   [RFC4843].

-03:
   Because the updated ORCHIDv2 format is not backward compatible with
   the earlier one, IANA is requested to allocate a new 28-bit prefix
   out of the IANA IPv6 Special Purpose Address Block, namely 2001:
   0000::/23, as per [RFC4773].  The prefix that was temporarily
   allocated for the experimental ORCHID is to be returned to IANA in
   2014 [RFC4843].
   The Context Identifier (or Context ID) is a randomly generated value
   defining the usage context of an ORCHID and the hash function to be
   used for generation of ORCHIDs in this context.  This document
   defines no specific value.  The Context ID shares the name space
   introduced for CGA Type Tags.  Hence, defining new values follows the
   rules of Section 8 of [RFC3972], i.e., First Come First Served.

8.  Contributors
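Review bot: dropping the -02 first paragraph removes the only statement in Section 7 that the prefix is non-routable and the instruction that IANA update the IPv6 Special Purpose Address Registry; the -03 text names the block and the length but not the routing property that the Routing Considerations (Section 3) rest on, not the registry action, and not whether the new allocation is permanent (the -02 one was temporary, returning in 2014). Suggest restating "a non-routable 28-bit prefix", asking IANA to record it in the IPv6 Special Purpose Address Registry per [RFC4773], and saying whether the allocation is permanent. Separately, the unchanged Context ID paragraph still says the Context ID defines "the hash function to be used for generation of ORCHIDs in this context", which contradicts the introduction's statement that the index to the algorithm suite is now encoded in the identifier itself; that sentence needs the same update as the rest of this section.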
End of changes.  6 change blocks.  22 lines changed or deleted, 17 lines changed or added.

This html diff was produced by rfcdiff 1.41.  The latest version is available from http://tools.ietf.org/tools/rfcdiff/