Transmission of IP Packets over Overlay Multilink Network (OMNI) Interfaces
draft-templin-6man-omni-interface-55
The information below is for an old version of the document.
Section | Field | Value
---|---|---
Document | Type | This is an older version of an Internet-Draft whose latest revision state is "Replaced".
 | Authors | Fred Templin, Tony Whyman
 | Last updated | 2020-12-10
 | Replaces | draft-templin-atn-aero-interface
 | Replaced by | draft-templin-6man-omni
 | RFC stream | (None)
Stream | Stream state | (No stream defined)
 | Consensus boilerplate | Unknown
 | RFC Editor Note | (None)
IESG | IESG state | I-D Exists
 | Telechat date | (None)
 | Responsible AD | (None)
 | Send notices to | (None)
Network Working Group                                    P. Hoffman, Ed.
Request for Comments: 4134                      Internet Mail Consortium
Category: Informational                                        July 2005

Examples of S/MIME Messages

Status of This Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2005).

Abstract

This document gives examples of message bodies formatted using S/MIME. Specifically, it has examples of Cryptographic Message Syntax (CMS) objects and S/MIME messages (including the MIME formatting). It includes examples of many common CMS formats. The purpose of this document is to help increase interoperability for S/MIME and other protocols that rely on CMS.

Hoffman, Ed. Informational [Page 1] RFC 4134 Examples of S/MIME Messages July 2005

Table of Contents

1. Introduction
2. Constants Used in the Examples
   2.1. Content of Documents
   2.2. Private Keys
   2.3. Certificates
   2.4. CRLs
3. Trivial Examples
   3.1. ContentInfo with Data Type, BER
   3.2. ContentInfo with Data Type, DER
4. Signed-data
   4.1. Basic Signed Content, DSS
   4.2. Basic Signed Content, RSA
   4.3. Basic Signed Content, Detached Content
   4.4. Fancier Signed Content
   4.5. All RSA Signed Message
   4.6. Multiple Signers
   4.7. Signing Using SKI
   4.8. S/MIME multipart/signed Message
   4.9. S/MIME application/pkcs7-mime Signed Message
   4.10. SignedData with Attributes
   4.11. SignedData with Certificates Only
5. Enveloped-data
   5.1. Basic Encrypted Content, TripleDES and RSA
   5.2. Basic Encrypted Content, RC2/128 and RSA
   5.3. S/MIME application/pkcs7-mime Encrypted Message
6. Digested-data
7. Encrypted-data
   7.1. Simple EncryptedData
   7.2. EncryptedData with Unprotected Attributes
8. Security Considerations
9. References
   9.1. Normative References
   9.2. Informative References
A. Binaries of the Examples
   A.1. How the Binaries and Extractor Works
   A.2. Example Extraction Program
B. Examples in Order of Appearance
C. Acknowledgements

1. Introduction

The examples in this document show the structure and format of CMS message bodies, as described in [CMS]. They are useful to implementors who use protocols that rely on CMS, such as the S/MIME message format protocol. There are also examples of simple S/MIME messages [SMIME-MSG] (including the MIME headers).

Every example in this document has been checked by two different implementors. This strongly indicates (but does not assure) that the examples are correct. All CMS implementors must read the CMS document carefully before implementing from it. No one should use the examples in this document as stand-alone explanations of how to create CMS message bodies.

This document explicitly does not attempt to cover many PKIX [PKIX] examples. Documents with examples of that format may be forthcoming. Also, note that [DVCS], which covers PKIX Data Validation and Certification Server Protocols, has examples of formats for its protocol.

The examples shown here were created and validated by many different people over a long period of time. Because of this, some of the dates used in the examples are many years in the past. This, plus the fact that some of the certificates in the examples have very long lifespans, may cause problems in some test situations.

2. Constants Used in the Examples

This section defines the data used in the rest of the document. The names of the constants indicate their use. For example, AlicePrivDSSSign is the private part of Alice's DSS signing key.

- Alice is the creator of the message bodies in this document.
- Bob is the recipient of the messages.
- Carl is a CA.
- Diane sometimes gets involved with these folks.
- Erica also sometimes gets involved.

2.1. Content of Documents

ExContent is the following sentence:

   This is some sample content.

That is, it is the string of characters starting with "T" up to and including the ".".

The hex for ExContent is

   5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e

The MD5 hash of ExContent is

   9898 cac8 fab7 691f f89d c207 24e7 4a04

The SHA-1 hash of ExContent is

   406a ec08 5279 ba6e 1602 2d9e 0629 c022 9687 dd48

2.2. Private Keys

The following private keys are needed to create the samples. To find the public keys, see the certificates in the next section.
OMNI interfaces configured over underlying interfaces that connect to the open Internet can apply security services such as VPNs to connect to an MSE or establish a direct link to an MSE through some other means (see Section 4). In environments where an explicit VPN or direct link may be impractical, OMNI interfaces can instead use UDP/IP encapsulation and HMAC-based message authentication per [RFC6081][RFC4380].
After establishing a VPN or preparing for UDP/IP encapsulation, OMNI interfaces send control plane messages to interface with the MS, including Neighbor Solicitation (NS) and Neighbor Advertisement (NA) messages used for address resolution / route optimization (see: [I-D.templin-intarea-6706bis]). The control plane messages must be authenticated while data plane messages are delivered the same as for ordinary best-effort Internet traffic with basic source address-based data origin verification. Data plane communications via OMNI interfaces that connect over the open Internet without an explicit VPN should therefore employ transport- or higher-layer security to ensure integrity and/or confidentiality.

OMNI interfaces in the open Internet are often located behind Network Address Translators (NATs). The OMNI interface accommodates NAT traversal using UDP/IP encapsulation and the mechanisms discussed in [RFC6081][RFC4380][I-D.templin-intarea-6706bis].

18. Time-Varying MNPs

In some use cases, it is desirable, beneficial and efficient for the MN to receive a constant MNP that travels with the MN wherever it moves. For example, this would allow air traffic controllers to easily track aircraft, etc. In other cases, however (e.g., intelligent transportation systems), the MN may be willing to sacrifice a modicum of efficiency in order to have time-varying MNPs that can be changed every so often to defeat adversarial tracking.

The prefix delegation services discussed in Section 12.3 allow OMNI MNs that desire time-varying MNPs to obtain short-lived prefixes by using a Temporary OMNI LLA as the source address of an RS message that carries an OMNI option with DHCPv6 Option sub-options. The MN would then be obligated to renumber its internal networks whenever its MNP (and therefore also its OMNI address) changes.
This should not present a challenge for MNs with automated network renumbering services, but it limits the duration of ongoing sessions that would prefer to use a constant address.

Templin & Whyman Expires June 13, 2021 [Page 45] Internet-Draft IPv6 over OMNI Interfaces December 2020

19. IANA Considerations

The IANA is instructed to allocate an official Type number TBD from the registry "IPv6 Neighbor Discovery Option Formats" for the OMNI option. Implementations set Type to 253 as an interim value [RFC4727].

The IANA is instructed to assign a new Code value "1" in the "ICMPv6 Code Fields: Type 2 - Packet Too Big" registry. The registry should read as follows:

   Code   Name                         Reference
   ---    ----                         ---------
   0      Diagnostic Packet Too Big    [RFC4443]
   1      Advisory Packet Too Big      [RFCXXXX]

   Figure 17: OMNI Option Sub-Type Values

The IANA is instructed to allocate one Ethernet unicast address TBD2 (suggest 00-00-5E-00-52-14 [RFC5214]) in the registry "IANA Ethernet Address Block - Unicast Use".

The OMNI option also defines an 8-bit Sub-Type field, for which IANA is instructed to create and maintain a new registry entitled "OMNI option Sub-Type values". Initial values for the OMNI option Sub-Type values registry are given below; future assignments are to be made through Expert Review [RFC8126].

   Value     Sub-Type name                    Reference
   -----     -------------                    ----------
   0         Pad1                             [RFCXXXX]
   1         PadN                             [RFCXXXX]
   2         Interface Attributes             [RFCXXXX]
   3         Traffic Selector                 [RFCXXXX]
   4         MS-Register                      [RFCXXXX]
   5         MS-Release                       [RFCXXXX]
   6         Network Access Identifier        [RFCXXXX]
   7         Geo Coordinates                  [RFCXXXX]
   8         DHCP Unique Identifier (DUID)    [RFCXXXX]
   9         DHCPv6 Message                   [RFCXXXX]
   10-252    Unassigned
   253-254   Experimental                     [RFCXXXX]
   255       Reserved                         [RFCXXXX]

   Figure 18: OMNI Option Sub-Type Values

20. Security Considerations

Security considerations for IPv4 [RFC0791], IPv6 [RFC8200] and IPv6 Neighbor Discovery [RFC4861] apply.
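Section 20 asks OMNI interface IPv6 ND messages to carry the Nonce and Timestamp options of [RFC3971]. The following is an added example, not code from the draft or from the AERO/OMNI implementation, of a receiver-side check for a solicited NA: the option types 13 and 14, the 48.16 fixed-point timestamp and the Delta/Fuzz/Drift values follow RFC 3971, while the function names, verdict strings, the policy of requiring both options, and the sample bytes are assumptions of this example.

```python
import hmac
import struct

ND_OPT_TIMESTAMP = 13     # RFC 3971 Timestamp option type
ND_OPT_NONCE = 14         # RFC 3971 Nonce option type
TIMESTAMP_DELTA = 300.0   # seconds, value suggested by RFC 3971
TIMESTAMP_FUZZ = 1.0      # seconds
TIMESTAMP_DRIFT = 0.01    # 1 %

def parse_nd_options(buf):
    """Split the options area of an ND message into (type, body) pairs."""
    opts, off = [], 0
    while off < len(buf):
        if len(buf) - off < 2:
            raise ValueError("truncated option header")
        otype, units = buf[off], buf[off + 1]   # length is in 8-octet units
        if units == 0:                          # RFC 4861: discard the message
            raise ValueError("option length 0")
        end = off + 8 * units
        if end > len(buf):
            raise ValueError("option overruns message")
        opts.append((otype, buf[off + 2:end]))
        off = end
    return opts

def nonce_and_timestamp(buf):
    """Return (nonce bytes, timestamp in seconds); None for an absent option."""
    nonce = ts = None
    for otype, body in parse_nd_options(buf):
        if otype == ND_OPT_NONCE:
            nonce = body
        elif otype == ND_OPT_TIMESTAMP:
            if len(body) != 14:                 # 6 reserved + 8 timestamp octets
                raise ValueError("bad Timestamp option size")
            ts = struct.unpack("!Q", body[6:])[0] / 65536.0  # 48.16 fixed point
    return nonce, ts

class TimestampCache:
    """Per-peer (RDlast, TSlast) state for the RFC 3971 freshness test."""

    def __init__(self):
        self._last = {}

    def fresh(self, peer, ts_new, rd_new):
        last = self._last.get(peer)
        if last is None:                        # first message from this peer
            ok = -TIMESTAMP_DELTA < rd_new - ts_new < TIMESTAMP_DELTA
        else:                                   # peer seen before
            rd_last, ts_last = last
            ok = (ts_new + TIMESTAMP_FUZZ >
                  ts_last + (rd_new - rd_last) * (1 - TIMESTAMP_DRIFT)
                  - TIMESTAMP_FUZZ)
        if ok and (last is None or ts_new > last[1]):
            self._last[peer] = (rd_new, ts_new)
        return ok

def check_solicited_na(ns_opts, na_opts, peer, rd_new, cache):
    """Verdict for an NA received at time rd_new in answer to our NS.

    Requiring both options on the NA is this example's policy (assumption).
    """
    try:
        sent_nonce, _ = nonce_and_timestamp(ns_opts)
        got_nonce, ts_new = nonce_and_timestamp(na_opts)
    except ValueError:
        return "malformed"
    if sent_nonce is None or got_nonce is None or ts_new is None:
        return "missing-option"
    if not hmac.compare_digest(sent_nonce, got_nonce):
        return "nonce-mismatch"
    if not cache.fresh(peer, ts_new, rd_new):
        return "stale-timestamp"
    return "accept"

def build_option(otype, body):
    """Encode one ND option; used only to construct the sample messages."""
    if (len(body) + 2) % 8:
        raise ValueError("option must be a multiple of 8 octets")
    return bytes([otype, (len(body) + 2) // 8]) + body

def timestamp_option(seconds):
    """Encode a Timestamp option for the given time in seconds."""
    return build_option(ND_OPT_TIMESTAMP,
                        bytes(6) + struct.pack("!Q", int(seconds * 65536)))

# Constructed sample data (not captured traffic).
T0 = 1607558400.0
NONCE = bytes.fromhex("a1b2c3d4e5f6")
NS_OPTS = build_option(ND_OPT_NONCE, NONCE) + timestamp_option(T0)
NA_OPTS = build_option(ND_OPT_NONCE, NONCE) + timestamp_option(T0 + 0.5)

if __name__ == "__main__":
    cache = TimestampCache()
    print(check_solicited_na(NS_OPTS, NA_OPTS, "fe80::1", T0 + 0.6, cache))
    print(check_solicited_na(NS_OPTS, NA_OPTS, "fe80::1", T0 + 60.6, cache))
```

The second call replays the same advertisement 60 seconds later and is rejected by the known-peer timestamp test even though the nonce still matches.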
OMNI interface IPv6 ND messages SHOULD include Nonce and Timestamp options [RFC3971] when transaction confirmation and/or time synchronization is needed.

OMNI interfaces configured over secured ANET interfaces inherit the physical and/or link-layer security properties of the connected ANETs. OMNI interfaces configured over open INET interfaces can use symmetric securing services such as VPNs or can by some other means establish a direct link. When a VPN or direct link may be impractical, however, an asymmetric security service such as the authentication option specified in [RFC4380] or other protocol control message security mechanisms may be necessary. While the OMNI link protects control plane messaging, applications must still employ end-to-end transport- or higher-layer security services to protect the data plane.

The Mobility Service MUST provide strong network layer security for control plane messages and forwarding path integrity for data plane messages. In one example, the AERO service [I-D.templin-intarea-6706bis] constructs a spanning tree between mobility service elements and secures the links in the spanning tree with network layer security mechanisms such as IPsec [RFC4301] or WireGuard. Control plane messages are then constrained to travel only over the secured spanning tree paths and are therefore protected from attack or eavesdropping. Since data plane messages can travel over route optimized paths that do not strictly follow the spanning tree, however, end-to-end transport- or higher-layer security services are still required.

Security considerations for specific access network interface types are covered under the corresponding IP-over-(foo) specification (e.g., [RFC2464], [RFC2492], etc.).

Security considerations for IPv6 fragmentation and reassembly are discussed in Section 5.1.

21. Implementation Status

Draft -29 is implemented in the recently tagged AERO/OMNI 3.0.0 internal release, and Draft -30 is now tagged as the AERO/OMNI 3.0.1.
Newer specification versions will be tagged in upcoming releases. The first public release is expected before the end of 2020.

22. Acknowledgements

The first version of this document was prepared per the consensus decision at the 7th Conference of the International Civil Aviation Organization (ICAO) Working Group-I Mobility Subgroup on March 22, 2019. Consensus to take the document forward to the IETF was reached at the 9th Conference of the Mobility Subgroup on November 22, 2019. Attendees and contributors included: Guray Acar, Danny Bharj, Francois D'Humieres, Pavel Drasil, Nikos Fistas, Giovanni Garofolo, Bernhard Haindl, Vaughn Maiolla, Tom McParland, Victor Moreno, Madhu Niraula, Brent Phillips, Liviu Popescu, Jacky Pouzet, Aloke Roy, Greg Saccone, Robert Segers, Michal Skorepa, Michel Solery, Stephane Tamalet, Fred Templin, Jean-Marc Vacher, Bela Varkonyi, Tony Whyman, Fryderyk Wrobel and Dongsong Zeng.

The following individuals are acknowledged for their useful comments: Michael Matyas, Madhu Niraula, Michael Richardson, Greg Saccone, Stephane Tamalet, Eric Vyncke. Pavel Drasil, Zdenek Jaron and Michal Skorepa are recognized for their many helpful ideas and suggestions. Madhuri Madhava Badgandi, Katherine Tran, and Vijayasarathy Rajagopalan are acknowledged for their hard work on the implementation and insights that led to improvements to the spec.

Discussions on the IETF 6man and atn mailing lists during the fall of 2020 suggested additional points to consider. The authors gratefully acknowledge the list members who contributed valuable insights through those discussions. Eric Vyncke and Erik Kline were the intarea ADs, while Bob Hinden and Ole Troan were the 6man WG chairs at the time the document was developed; they are all gratefully acknowledged for their many helpful insights.
This work is aligned with the NASA Safe Autonomous Systems Operation (SASO) program under NASA contract number NNA16BD84C.

This work is aligned with the FAA as per the SE2025 contract number DTFAWA-15-D-00030.

23. References

23.1. Normative References

[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, DOI 10.17487/RFC0791, September 1981, <https://www.rfc-editor.org/info/rfc791>.

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>.

[RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black, "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers", RFC 2474, DOI 10.17487/RFC2474, December 1998, <https://www.rfc-editor.org/info/rfc2474>.

[RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander, "SEcure Neighbor Discovery (SEND)", RFC 3971, DOI 10.17487/RFC3971, March 2005, <https://www.rfc-editor.org/info/rfc3971>.

[RFC4191] Draves, R. and D. Thaler, "Default Router Preferences and More-Specific Routes", RFC 4191, DOI 10.17487/RFC4191, November 2005, <https://www.rfc-editor.org/info/rfc4191>.

[RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005, <https://www.rfc-editor.org/info/rfc4193>.

[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, DOI 10.17487/RFC4291, February 2006, <https://www.rfc-editor.org/info/rfc4291>.

[RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification", STD 89, RFC 4443, DOI 10.17487/RFC4443, March 2006, <https://www.rfc-editor.org/info/rfc4443>.
[RFC4727] Fenner, B., "Experimental Values In IPv4, IPv6, ICMPv4, ICMPv6, UDP, and TCP Headers", RFC 4727, DOI 10.17487/RFC4727, November 2006, <https://www.rfc-editor.org/info/rfc4727>.

[RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, DOI 10.17487/RFC4861, September 2007, <https://www.rfc-editor.org/info/rfc4861>.

[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless Address Autoconfiguration", RFC 4862, DOI 10.17487/RFC4862, September 2007, <https://www.rfc-editor.org/info/rfc4862>.

[RFC6088] Tsirtsis, G., Giarreta, G., Soliman, H., and N. Montavont, "Traffic Selectors for Flow Bindings", RFC 6088, DOI 10.17487/RFC6088, January 2011, <https://www.rfc-editor.org/info/rfc6088>.

[RFC8028] Baker, F. and B. Carpenter, "First-Hop Router Selection by Hosts in a Multi-Prefix Network", RFC 8028, DOI 10.17487/RFC8028, November 2016, <https://www.rfc-editor.org/info/rfc8028>.

[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <https://www.rfc-editor.org/info/rfc8174>.

[RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", STD 86, RFC 8200, DOI 10.17487/RFC8200, July 2017, <https://www.rfc-editor.org/info/rfc8200>.

[RFC8201] McCann, J., Deering, S., Mogul, J., and R. Hinden, Ed., "Path MTU Discovery for IP version 6", STD 87, RFC 8201, DOI 10.17487/RFC8201, July 2017, <https://www.rfc-editor.org/info/rfc8201>.

[RFC8415] Mrugalski, T., Siodelski, M., Volz, B., Yourtchenko, A., Richardson, M., Jiang, S., Lemon, T., and T. Winters, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 8415, DOI 10.17487/RFC8415, November 2018, <https://www.rfc-editor.org/info/rfc8415>.

23.2. Informative References

[ATN] Maiolla, V., "The OMNI Interface - An IPv6 Air/Ground Interface for Civil Aviation, IETF Liaison Statement #1676, https://datatracker.ietf.org/liaison/1676/", March 2020.

[CRC] Jain, R., "Error Characteristics of Fiber Distributed Data Interface (FDDI), IEEE Transactions on Communications", August 1990.

[I-D.ietf-6man-rfc4941bis] Gont, F., Krishnan, S., Narten, T., and R. Draves, "Temporary Address Extensions for Stateless Address Autoconfiguration in IPv6", draft-ietf-6man-rfc4941bis-12 (work in progress), November 2020.

[I-D.ietf-intarea-tunnels] Touch, J. and M. Townsley, "IP Tunnels in the Internet Architecture", draft-ietf-intarea-tunnels-10 (work in progress), September 2019.
[I-D.ietf-ipwave-vehicular-networking] Jeong, J., "IPv6 Wireless Access in Vehicular Environments (IPWAVE): Problem Statement and Use Cases", draft-ietf-ipwave-vehicular-networking-19 (work in progress), July 2020.

[I-D.templin-6man-dhcpv6-ndopt] Templin, F., "A Unified Stateful/Stateless Configuration Service for IPv6", draft-templin-6man-dhcpv6-ndopt-10 (work in progress), June 2020.

[I-D.templin-6man-lla-type] Templin, F., "The IPv6 Link-Local Address Type Field", draft-templin-6man-lla-type-02 (work in progress), November 2020.

[I-D.templin-intarea-6706bis] Templin, F., "Asymmetric Extended Route Optimization (AERO)", draft-templin-intarea-6706bis-74 (work in progress), December 2020.

[RFC1122] Braden, R., Ed., "Requirements for Internet Hosts - Communication Layers", STD 3, RFC 1122, DOI 10.17487/RFC1122, October 1989, <https://www.rfc-editor.org/info/rfc1122>.

[RFC1191] Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191, DOI 10.17487/RFC1191, November 1990, <https://www.rfc-editor.org/info/rfc1191>.

[RFC1256] Deering, S., Ed., "ICMP Router Discovery Messages", RFC 1256, DOI 10.17487/RFC1256, September 1991, <https://www.rfc-editor.org/info/rfc1256>.

[RFC2131] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, DOI 10.17487/RFC2131, March 1997, <https://www.rfc-editor.org/info/rfc2131>.

[RFC2225] Laubach, M. and J. Halpern, "Classical IP and ARP over ATM", RFC 2225, DOI 10.17487/RFC2225, April 1998, <https://www.rfc-editor.org/info/rfc2225>.

[RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet Networks", RFC 2464, DOI 10.17487/RFC2464, December 1998, <https://www.rfc-editor.org/info/rfc2464>.

[RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in IPv6 Specification", RFC 2473, DOI 10.17487/RFC2473, December 1998, <https://www.rfc-editor.org/info/rfc2473>.

[RFC2492] Armitage, G., Schulter, P., and M. Jork, "IPv6 over ATM Networks", RFC 2492, DOI 10.17487/RFC2492, January 1999, <https://www.rfc-editor.org/info/rfc2492>.

[RFC2529] Carpenter, B. and C. Jung, "Transmission of IPv6 over IPv4 Domains without Explicit Tunnels", RFC 2529, DOI 10.17487/RFC2529, March 1999, <https://www.rfc-editor.org/info/rfc2529>.

[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000, <https://www.rfc-editor.org/info/rfc2863>.

[RFC3692] Narten, T., "Assigning Experimental and Testing Numbers Considered Useful", BCP 82, RFC 3692, DOI 10.17487/RFC3692, January 2004, <https://www.rfc-editor.org/info/rfc3692>.

[RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener Discovery Version 2 (MLDv2) for IPv6", RFC 3810, DOI 10.17487/RFC3810, June 2004, <https://www.rfc-editor.org/info/rfc3810>.

[RFC3819] Karn, P., Ed., Bormann, C., Fairhurst, G., Grossman, D., Ludwig, R., Mahdavi, J., Montenegro, G., Touch, J., and L. Wood, "Advice for Internet Subnetwork Designers", BCP 89, RFC 3819, DOI 10.17487/RFC3819, July 2004, <https://www.rfc-editor.org/info/rfc3819>.

[RFC3879] Huitema, C. and B. Carpenter, "Deprecating Site Local Addresses", RFC 3879, DOI 10.17487/RFC3879, September 2004, <https://www.rfc-editor.org/info/rfc3879>.

[RFC4301] Kent, S. and K. Seo, "Security Architecture for the Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, December 2005, <https://www.rfc-editor.org/info/rfc4301>.

[RFC4380] Huitema, C., "Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs)", RFC 4380, DOI 10.17487/RFC4380, February 2006, <https://www.rfc-editor.org/info/rfc4380>.

[RFC4389] Thaler, D., Talwar, M., and C. Patel, "Neighbor Discovery Proxies (ND Proxy)", RFC 4389, DOI 10.17487/RFC4389, April 2006, <https://www.rfc-editor.org/info/rfc4389>.
[RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD) for IPv6", RFC 4429, DOI 10.17487/RFC4429, April 2006, <https://www.rfc-editor.org/info/rfc4429>.

[RFC4541] Christensen, M., Kimball, K., and F. Solensky, "Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches", RFC 4541, DOI 10.17487/RFC4541, May 2006, <https://www.rfc-editor.org/info/rfc4541>.

[RFC4605] Fenner, B., He, H., Haberman, B., and H. Sandick, "Internet Group Management Protocol (IGMP) / Multicast Listener Discovery (MLD)-Based Multicast Forwarding ("IGMP/MLD Proxying")", RFC 4605, DOI 10.17487/RFC4605, August 2006, <https://www.rfc-editor.org/info/rfc4605>.

[RFC4821] Mathis, M. and J. Heffner, "Packetization Layer Path MTU Discovery", RFC 4821, DOI 10.17487/RFC4821, March 2007, <https://www.rfc-editor.org/info/rfc4821>.

[RFC4963] Heffner, J., Mathis, M., and B. Chandler, "IPv4 Reassembly Errors at High Data Rates", RFC 4963, DOI 10.17487/RFC4963, July 2007, <https://www.rfc-editor.org/info/rfc4963>.

[RFC5175] Haberman, B., Ed. and R. Hinden, "IPv6 Router Advertisement Flags Option", RFC 5175, DOI 10.17487/RFC5175, March 2008, <https://www.rfc-editor.org/info/rfc5175>.

[RFC5213] Gundavelli, S., Ed., Leung, K., Devarapalli, V., Chowdhury, K., and B. Patil, "Proxy Mobile IPv6", RFC 5213, DOI 10.17487/RFC5213, August 2008, <https://www.rfc-editor.org/info/rfc5213>.

[RFC5214] Templin, F., Gleeson, T., and D. Thaler, "Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)", RFC 5214, DOI 10.17487/RFC5214, March 2008, <https://www.rfc-editor.org/info/rfc5214>.

[RFC5558] Templin, F., Ed., "Virtual Enterprise Traversal (VET)", RFC 5558, DOI 10.17487/RFC5558, February 2010, <https://www.rfc-editor.org/info/rfc5558>.
[RFC5798] Nadas, S., Ed., "Virtual Router Redundancy Protocol (VRRP) Version 3 for IPv4 and IPv6", RFC 5798, DOI 10.17487/RFC5798, March 2010, <https://www.rfc-editor.org/info/rfc5798>.

[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, <https://www.rfc-editor.org/info/rfc5880>.

[RFC6081] Thaler, D., "Teredo Extensions", RFC 6081, DOI 10.17487/RFC6081, January 2011, <https://www.rfc-editor.org/info/rfc6081>.

[RFC6221] Miles, D., Ed., Ooghe, S., Dec, W., Krishnan, S., and A. Kavanagh, "Lightweight DHCPv6 Relay Agent", RFC 6221, DOI 10.17487/RFC6221, May 2011, <https://www.rfc-editor.org/info/rfc6221>.

[RFC6355] Narten, T. and J. Johnson, "Definition of the UUID-Based DHCPv6 Unique Identifier (DUID-UUID)", RFC 6355, DOI 10.17487/RFC6355, August 2011, <https://www.rfc-editor.org/info/rfc6355>.

[RFC6543] Gundavelli, S., "Reserved IPv6 Interface Identifier for Proxy Mobile IPv6", RFC 6543, DOI 10.17487/RFC6543, May 2012, <https://www.rfc-editor.org/info/rfc6543>.

[RFC7084] Singh, H., Beebee, W., Donley, C., and B. Stark, "Basic Requirements for IPv6 Customer Edge Routers", RFC 7084, DOI 10.17487/RFC7084, November 2013, <https://www.rfc-editor.org/info/rfc7084>.

[RFC7421] Carpenter, B., Ed., Chown, T., Gont, F., Jiang, S., Petrescu, A., and A. Yourtchenko, "Analysis of the 64-bit Boundary in IPv6 Addressing", RFC 7421, DOI 10.17487/RFC7421, January 2015, <https://www.rfc-editor.org/info/rfc7421>.

[RFC7526] Troan, O. and B. Carpenter, Ed., "Deprecating the Anycast Prefix for 6to4 Relay Routers", BCP 196, RFC 7526, DOI 10.17487/RFC7526, May 2015, <https://www.rfc-editor.org/info/rfc7526>.

[RFC7542] DeKok, A., "The Network Access Identifier", RFC 7542, DOI 10.17487/RFC7542, May 2015, <https://www.rfc-editor.org/info/rfc7542>.
[RFC7739] Gont, F., "Security Implications of Predictable Fragment Identification Values", RFC 7739, DOI 10.17487/RFC7739, February 2016, <https://www.rfc-editor.org/info/rfc7739>.

[RFC7847] Melia, T., Ed. and S. Gundavelli, Ed., "Logical-Interface Support for IP Hosts with Multi-Access Support", RFC 7847, DOI 10.17487/RFC7847, May 2016, <https://www.rfc-editor.org/info/rfc7847>.

[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017, <https://www.rfc-editor.org/info/rfc8126>.

[RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., Decraene, B., Litkowski, S., and R. Shakir, "Segment Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, July 2018, <https://www.rfc-editor.org/info/rfc8402>.

[RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J., Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020, <https://www.rfc-editor.org/info/rfc8754>.

[RFC8900] Bonica, R., Baker, F., Huston, G., Hinden, R., Troan, O., and F. Gont, "IP Fragmentation Considered Fragile", BCP 230, RFC 8900, DOI 10.17487/RFC8900, September 2020, <https://www.rfc-editor.org/info/rfc8900>.

Appendix A. Interface Attribute Preferences Bitmap Encoding

Adaptation of the OMNI option Interface Attributes Preferences Bitmap encoding to specific Internetworks such as the Aeronautical Telecommunications Network with Internet Protocol Services (ATN/IPS) may include link selection preferences based on other traffic classifiers (e.g., transport port numbers, etc.) in addition to the existing DSCP-based preferences. Nodes on specific Internetworks maintain a map of traffic classifiers to additional P[*] preference fields beyond the first 64. For example, TCP port 22 maps to P[67], TCP port 443 maps to P[70], UDP port 8060 maps to P[76], etc.
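An added example, not part of the draft or of any OMNI implementation: a bounds-checked Python decoder for the Simplex and Indexed P[*] layouts that Figures 19 to 21 of this appendix illustrate, plus a lookup through the classifier examples above. The function names, the constructed sample bodies, the bit ordering (read off the figures: most significant bitmap bit describes the first group of four 2-bit fields) and the rejection of a repeated Index are assumptions of this example.

```python
"""Decode the P[*] preference body of an Interface Attributes sub-option.

The body is everything after the Provider ID/Link/R/API octets. It arrives in
RS/RA messages from the network, so every length implied by a bitmap is
checked against the bytes actually present.
"""

PREFS_PER_BITMAP = 32   # one bitmap octet covers 8 octets of four P[*] fields

# Classifier-to-field examples given in Appendix A.
CLASSIFIER_FIELD = {("tcp", 22): 67, ("tcp", 443): 70, ("udp", 8060): 76}


class PrefDecodeError(ValueError):
    """The body is truncated or internally inconsistent."""


def _read_groups(body, pos, block, bitmap, prefs):
    """Read the preference octets one bitmap announces; return the new offset."""
    for bit in range(8):
        if not bitmap & (0x80 >> bit):       # MSB describes the first group
            continue
        if pos >= len(body):
            raise PrefDecodeError(
                f"bitmap {bitmap:#04x} for block {block} announces an octet "
                "past the end of the sub-option body")
        octet = body[pos]
        pos += 1
        first = block * PREFS_PER_BITMAP + bit * 4
        for k in range(4):                   # four 2-bit fields, leftmost first
            prefs[first + k] = (octet >> (6 - 2 * k)) & 0x3
    return pos


def decode_simplex(body):
    """Simplex form: Bitmap(0), its octets, Bitmap(1), its octets, ..."""
    prefs, pos, block = {}, 0, 0
    while pos < len(body):
        bitmap = body[pos]
        pos = _read_groups(body, pos + 1, block, bitmap, prefs)
        block += 1
    return prefs


def decode_indexed(body):
    """Indexed form: (Index, Bitmap, octets) runs; Index names the block."""
    prefs, pos, seen = {}, 0, set()
    while pos < len(body):
        if pos + 1 >= len(body):
            raise PrefDecodeError("Index octet without a Bitmap octet")
        index, bitmap = body[pos], body[pos + 1]
        if index in seen:    # policy of this example, not a rule from the draft
            raise PrefDecodeError(f"block index {index:#04x} repeated")
        seen.add(index)
        pos = _read_groups(body, pos + 2, index, bitmap, prefs)
    return prefs


def preference_for(prefs, proto, port):
    """Return the signalled 2-bit preference, or None if the field is absent."""
    return prefs.get(CLASSIFIER_FIELD[(proto, port)])


# Constructed sample bodies (preference values are made up for illustration).
# Layout of Figure 20: Bitmap(1)=0x0f, Bitmap(6)=0xf0, Bitmap(8)=0x0f.
FIG20_BODY = bytes([0x00, 0x0F, 0x55, 0x55, 0x55, 0x55,
                    0x00, 0x00, 0x00, 0x00,
                    0xF0, 0xAA, 0xAA, 0xAA, 0xAA,
                    0x00, 0x0F, 0xFF, 0xFF, 0xFF, 0xFF])
# Layout of Figure 21: Index/Bitmap pairs 0x00/0x80, 0x01/0x01, 0x10/0x80, 0x18/0x01.
FIG21_BODY = bytes([0x00, 0x80, 0xE4, 0x01, 0x01, 0x1B,
                    0x10, 0x80, 0xFF, 0x18, 0x01, 0x00])
# Indexed block 2 carrying P[64..71] and P[76..79], so P[67], P[70], P[76] exist.
CLASSIFIER_BODY = bytes([0x02, 0xD0, 0x03, 0x08, 0x40])

if __name__ == "__main__":
    print(sorted(decode_indexed(FIG21_BODY).items()))
    print(preference_for(decode_indexed(CLASSIFIER_BODY), "tcp", 22))
```

A body whose last bitmap announces more octets than remain raises PrefDecodeError instead of returning a partial preference map.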
Implementations use Simplex or Indexed encoding formats for P[*] encoding in order to encode a given set of traffic classifiers in the most efficient way. Some use cases may be more efficiently coded using Simplex form, while others may be more efficient using Indexed. Once a format is selected for preparation of a single Interface Attribute the same format must be used for the entire Interface Attribute sub-option. Different sub-options may use different formats.

The following figures show coding examples for various Simplex and Indexed formats:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Sub-Type=2   | Sub-length=N  |    ifIndex    |    ifType     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Provider ID  | Link  |R| API | Bitmap(0)=0xff|P00|P01|P02|P03|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |P04|P05|P06|P07|P08|P09|P10|P11|P12|P13|P14|P15|P16|P17|P18|P19|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |P20|P21|P22|P23|P24|P25|P26|P27|P28|P29|P30|P31| Bitmap(1)=0xff|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |P32|P33|P34|P35|P36|P37|P38|P39|P40|P41|P42|P43|P44|P45|P46|P47|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |P48|P49|P50|P51|P52|P53|P54|P55|P56|P57|P58|P59|P60|P61|P62|P63|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Bitmap(2)=0xff|P64|P65|P67|P68| ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

             Figure 19: Example 1: Dense Simplex Encoding

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Sub-Type=2   | Sub-length=N  |    ifIndex    |    ifType     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Provider ID  | Link  |R| API | Bitmap(0)=0x00| Bitmap(1)=0x0f|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |P48|P49|P50|P51|P52|P53|P54|P55|P56|P57|P58|P59|P60|P61|P62|P63|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Bitmap(2)=0x00| Bitmap(3)=0x00| Bitmap(4)=0x00| Bitmap(5)=0x00|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Bitmap(6)=0xf0|192|193|194|195|196|197|198|199|200|201|202|203|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |204|205|206|207| Bitmap(7)=0x00| Bitmap(8)=0x0f|272|273|274|275|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |276|277|278|279|280|281|282|283|284|285|286|287| Bitmap(9)=0x00|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Bitmap(10)=0x00| ...
   +-+-+-+-+-+-+-+-+-+-+-

             Figure 20: Example 2: Sparse Simplex Encoding

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Sub-Type=2   | Sub-length=N  |    ifIndex    |    ifType     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Provider ID  | Link  |R| API | Index = 0x00  | Bitmap = 0x80 |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |P00|P01|P02|P03| Index = 0x01  | Bitmap = 0x01 |P60|P61|P62|P63|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Index = 0x10  | Bitmap = 0x80 |512|513|514|515| Index = 0x18  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Bitmap = 0x01 |796|797|798|799| ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

                 Figure 21: Example 3: Indexed Encoding

Appendix B. VDL Mode 2 Considerations

ICAO Doc 9776 is the "Technical Manual for VHF Data Link Mode 2" (VDLM2) that specifies an essential radio frequency data link service for aircraft and ground stations in worldwide civil aviation air traffic management. The VDLM2 link type is "multicast capable" [RFC4861], but with considerable differences from common multicast links such as Ethernet and IEEE 802.11.

First, the VDLM2 link data rate is only 31.5Kbps - multiple orders of magnitude less than most modern wireless networking gear. Second, due to the low available link bandwidth only VDLM2 ground stations (i.e., and not aircraft) are permitted to send broadcasts, and even so only as compact layer 2 "beacons". Third, aircraft employ the services of ground stations by performing unicast RS/RA exchanges upon receipt of beacons instead of listening for multicast RA messages and/or sending multicast RS messages.

This beacon-oriented unicast RS/RA approach is necessary to conserve the already-scarce available link bandwidth.
Moreover, since the numbers of beaconing ground stations operating within a given spatial range must be kept as sparse as possible, it would not be feasible to have different classes of ground stations within the same region observing different protocols. It is therefore highly desirable that all ground stations observe a common language of RS/RA as specified in this document.

Note that links of this nature may benefit from compression techniques that reduce the bandwidth necessary for conveying the same amount of data. The IETF lpwan working group is considering possible alternatives: [https://datatracker.ietf.org/wg/lpwan/documents].

Appendix C. MN / AR Isolation Through L2 Address Mapping

Per [RFC4861], IPv6 ND messages may be sent to either a multicast or unicast link-scoped IPv6 destination address. However, IPv6 ND messaging should be coordinated between the MN and AR only without invoking other nodes on the ANET. This implies that MN / AR control messaging should be isolated and not overheard by other nodes on the link.

To support MN / AR isolation on some ANET links, ARs can maintain an OMNI-specific unicast L2 address ("MSADDR"). For Ethernet-compatible ANETs, this specification reserves one Ethernet unicast address TBD2 (see: Section 19). For non-Ethernet statically-addressed ANETs, MSADDR is reserved per the assigned numbers authority for the ANET addressing space. For still other ANETs, MSADDR may be dynamically discovered through other means, e.g., L2 beacons.

MNs map the L3 addresses of all IPv6 ND messages they send (i.e., both multicast and unicast) to MSADDR instead of to an ordinary unicast or multicast L2 address. In this way, all of the MN's IPv6 ND messages will be received by ARs that are configured to accept packets destined to MSADDR. Note that multiple ARs on the link could be configured to accept packets destined to MSADDR, e.g., as a basis for supporting redundancy.
Therefore, ARs must accept and process packets destined to MSADDR, while all other devices must not process packets destined to MSADDR. This model has well-established operational experience in Proxy Mobile IPv6 (PMIP) [RFC5213][RFC6543].

Appendix D. Change Log

<< RFC Editor - remove prior to publication >>

Differences from draft-templin-6man-omni-interface-35 to draft-templin-6man-omni-interface-36:

o Major clarifications on aspects such as "hard/soft" PTB error messages

o Made generic so that either IP protocol version (IPv4 or IPv6) can be used in the data plane.

Differences from draft-templin-6man-omni-interface-31 to draft-templin-6man-omni-interface-32:

o MTU

o Support for multi-hop ANETS such as ISATAP.

Differences from draft-templin-6man-omni-interface-29 to draft-templin-6man-omni-interface-30:

o Moved link-layer addressing information into the OMNI option on a per-ifIndex basis

o Renamed "ifIndex-tuple" to "Interface Attributes"

Differences from draft-templin-6man-omni-interface-27 to draft-templin-6man-omni-interface-28:

o Updates based on implementation experience.

Differences from draft-templin-6man-omni-interface-25 to draft-templin-6man-omni-interface-26:

o Further clarification on "aggregate" RA messages.

o Expanded Security Considerations to discuss expectations for security in the Mobility Service.

Differences from draft-templin-6man-omni-interface-20 to draft-templin-6man-omni-interface-21:

o Safety-Based Multilink (SBM) and Performance-Based Multilink (PBM).

Differences from draft-templin-6man-omni-interface-18 to draft-templin-6man-omni-interface-19:

o SEND/CGA.
Differences from draft-templin-6man-omni-interface-17 to draft-templin-6man-omni-interface-18:

o Teredo

Differences from draft-templin-6man-omni-interface-14 to draft-templin-6man-omni-interface-15:

o Prefix length discussions removed.

Differences from draft-templin-6man-omni-interface-12 to draft-templin-6man-omni-interface-13:

o Teredo

Differences from draft-templin-6man-omni-interface-11 to draft-templin-6man-omni-interface-12:

o Major simplifications and clarifications on MTU and fragmentation.

o Document now updates RFC4443 and RFC8201.

Differences from draft-templin-6man-omni-interface-10 to draft-templin-6man-omni-interface-11:

o Removed /64 assumption, resulting in new OMNI address format.

Differences from draft-templin-6man-omni-interface-07 to draft-templin-6man-omni-interface-08:

o OMNI MNs in the open Internet

Differences from draft-templin-6man-omni-interface-06 to draft-templin-6man-omni-interface-07:

o Brought back L2 MSADDR mapping text for MN / AR isolation based on L2 addressing.

o Expanded "Transition Considerations".

Differences from draft-templin-6man-omni-interface-05 to draft-templin-6man-omni-interface-06:

o Brought back OMNI option "R" flag, and discussed its use.

Differences from draft-templin-6man-omni-interface-04 to draft-templin-6man-omni-interface-05:

o Transition considerations, and overhaul of RS/RA addressing with the inclusion of MSE addresses within the OMNI option instead of as RS/RA addresses (developed under FAA SE2025 contract number DTFAWA-15-D-00030).

Differences from draft-templin-6man-omni-interface-02 to draft-templin-6man-omni-interface-03:

o Added "advisory PTB messages" under FAA SE2025 contract number DTFAWA-15-D-00030.

Differences from draft-templin-6man-omni-interface-01 to draft-templin-6man-omni-interface-02:

o Removed "Primary" flag and supporting text.
o Clarified that "Router Lifetime" applies to each ANET interface independently, and that the union of all ANET interface Router Lifetimes determines MSE lifetime.

Differences from draft-templin-6man-omni-interface-00 to draft-templin-6man-omni-interface-01:

o "All-MSEs" OMNI LLA defined. Also reserved fe80::ff00:0000/104 for future use (most likely as "pseudo-multicast").

o Non-normative discussion of alternate OMNI LLA construction form made possible if the 64-bit assumption were relaxed.

First draft version (draft-templin-atn-aero-interface-00):

o Draft based on consensus decision of ICAO Working Group I Mobility Subgroup March 22, 2019.

Authors' Addresses

Fred L. Templin (editor)
The Boeing Company
P.O. Box 3707
Seattle, WA 98124
USA

Email: fltemplin@acm.org

Tony Whyman
MWA Ltd c/o Inmarsat Global Ltd
99 City Road
London EC1Y 1AX
England

Email: tony.whyman@mccallumwhyman.com