Transmission of IP Packets over Overlay Multilink Network (OMNI) Interfaces
draft-templin-6man-omni-interface-55
The information below is for an old version of the document.
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Replaced".
|
|
|---|---|---|---|
| Authors | Fred Templin , Tony Whyman | ||
| Last updated | 2020-12-10 | ||
| Replaces | draft-templin-atn-aero-interface | ||
| Replaced by | draft-templin-6man-omni | ||
| RFC stream | (None) | ||
| Formats | |||
| Additional resources | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | I-D Exists | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
draft-templin-6man-omni-interface-55
Network Working Group P. Hoffman, Ed.
Request for Comments: 4134 Internet Mail Consortium
Category: Informational July 2005
Examples of S/MIME Messages
Status of This Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2005).
Abstract
This document gives examples of message bodies formatted using
S/MIME. Specifically, it has examples of Cryptographic Message
Syntax (CMS) objects and S/MIME messages (including the MIME
formatting). It includes examples of many common CMS formats. The
purpose of this document is to help increase interoperability for
S/MIME and other protocols that rely on CMS.
Hoffman, Ed. Informational [Page 1]
RFC 4134 Examples of S/MIME Messages July 2005
Table of Contents
1. Introduction ................................................ 3
2. Constants Used in the Examples .............................. 3
2.1. Content of Documents .................................. 4
2.2. Private Keys .......................................... 4
2.3. Certificates .......................................... 13
2.4. CRLs .................................................. 33
3. Trivial Examples ............................................ 39
3.1. ContentInfo with Data Type, BER ....................... 39
3.2. ContentInfo with Data Type, DER ....................... 39
4. Signed-data ................................................. 39
4.1. Basic Signed Content, DSS ............................. 39
4.2. Basic Signed Content, RSA ............................. 44
4.3. Basic Signed Content, Detached Content ................ 49
4.4. Fancier Signed Content ................................ 53
4.5. All RSA Signed Message ................................ 68
4.6. Multiple Signers ...................................... 75
4.7. Signing Using SKI ..................................... 83
4.8. S/MIME multipart/signed Message ....................... 87
4.9. S/MIME application/pkcs7-mime Signed Message .......... 88
4.10. SignedData with Attributes ............................ 89
4.11. SignedData with Certificates Only ..................... 101
5. Enveloped-data .............................................. 109
5.1. Basic Encrypted Content, TripleDES and RSA ............ 109
5.2. Basic Encrypted Content, RC2/128 and RSA .............. 110
5.3. S/MIME application/pkcs7-mime Encrypted Message ....... 112
6. Digested-data ............................................... 112
7. Encrypted-data .............................................. 113
7.1. Simple EncryptedData .................................. 113
7.2. EncryptedData with Unprotected Attributes ............. 114
8. Security Considerations ..................................... 115
9. References .................................................. 115
9.1. Normative References .................................. 115
9.2. Informative References ................................ 115
A. Binaries of the Examples .................................... 116
A.1. How the Binaries and Extractor Works .................. 116
A.2. Example Extraction Program ............................ 116
B. Examples in Order of Appearance ............................. 118
C. Acknowledgements ............................................ 135
Hoffman, Ed. Informational [Page 2]
RFC 4134 Examples of S/MIME Messages July 2005
1. Introduction
The examples in this document show the structure and format of CMS
message bodies, as described in [CMS]. They are useful to
implementors who use protocols that rely on CMS, such as the S/MIME
message format protocol. There are also examples of simple S/MIME
messages [SMIME-MSG] (including the MIME headers).
Every example in this document has been checked by two different
implementors. This strongly indicates (but does not assure) that the
examples are correct. All CMS implementors must read the CMS
document carefully before implementing from it. No one should use
the examples in this document as stand-alone explanations of how to
create CMS message bodies.
This document explicitly does not attempt to cover many PKIX [PKIX]
examples. Documents with examples of that format may be forthcoming.
Also, note that [DVCS], which covers PKIX Data Validation and
Certification Server Protocols, has examples of formats for its
protocol.
The examples shown here were created and validated by many different
people over a long period of time. Because of this, some of the
dates used in the examples are many years in the past. This, plus
the fact that some of the certificates in the examples have very long
lifespans, may cause problems in some test situations.
2. Constants Used in the Examples
This section defines the data used in the rest of the document. The
names of the constants indicate their use. For example,
AlicePrivDSSSign is the private part of Alice's DSS signing key.
- Alice is the creator of the message bodies in this document.
- Bob is the recipient of the messages.
- Carl is a CA.
- Diane sometimes gets involved with these folks.
- Erica also sometimes gets involved.
Hoffman, Ed. Informational [Page 3]
RFC 4134 Examples of S/MIME Messages July 2005
2.1. Content of Documents
ExContent is the following sentence:
This is some sample content.
That is, it is the string of characters starting with "T" up to and
including the ".".
The hex for ExContent is
5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e
The MD5 hash of ExContent is
9898 cac8 fab7 691f f89d c207 24e7 4a04
The SHA-1 hash of ExContent is
406a ec08 5279 ba6e 1602 2d9e 0629 c022 9687 dd48
2.2. Private Keys
The following private keys are needed to create the samples. To find
the public keys, see the certificates in the next section.
AlicePrivDSSSign =
0 30 331: SEQUENCE {
4 02 1: INTEGER 0
7 30 299: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
20 30 286: SEQUENCE {
24 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
: 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
: 53 C5 AB 84 08 4F FF 94 E1 73 48 7E
: 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
: DC 5F 69 8A E4 75 D0 37 0C 91 08 95
: 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
: 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
: 78 BD FF 9D B0 84 97 37 F2 E4 51 1B
: B5 E4 09 96 5C F3 7E 5B DB
156 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
: B8 37 21 2B 62 8B F7 93 CD
Hoffman, Ed. Informational [Page 4]
RFC 4134 Examples of S/MIME Messages July 2005
179 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
: 4B 59 6A 4C 76 23 39 04 02 35 5C F2
: CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
: AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
: 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
: E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
: 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
: 1F 11 7F C2 BD ED D1 50 FF 98 74 C2
: D1 81 4A 60 39 BA 36 39
: }
: }
310 04 23: OCTET STRING, encapsulates {
312 02 21: INTEGER
: 00 BB 44 46 D1 A5 C9 46 07 2E D0 FE
: 7A D6 92 07 F0 9A 85 89 3F
: }
: }
AlicePrivRSASign =
0 30 630: SEQUENCE {
4 02 1: INTEGER 0
7 30 13: SEQUENCE {
9 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
20 05 0: NULL
: }
22 04 608: OCTET STRING, encapsulates {
26 30 604: SEQUENCE {
30 02 1: INTEGER 0
33 02 129: INTEGER
: 00 E0 89 73 39 8D D8 F5 F5 E8 87 76
: 39 7F 4E B0 05 BB 53 83 DE 0F B7 AB
: DC 7D C7 75 29 0D 05 2E 6D 12 DF A6
: 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
: 82 51 0F 30 80 BE B1 50 9E 46 44 F1
: 2C BB D8 32 CF C6 68 6F 07 D9 B0 60
: AC BE EE 34 09 6A 13 F5 F7 05 05 93
: DF 5E BA 35 56 D9 61 FF 19 7F C9 81
: E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
: 9F 2D FA 55 3A B9 99 77 02 A6 48 52
: 8C 4E F3 57 38 57 74 57 5F
165 02 3: INTEGER 65537
170 02 128: INTEGER
: 00 A4 03 C3 27 47 76 34 34 6C A6 86
Hoffman, Ed. Informational [Page 5]
RFC 4134 Examples of S/MIME Messages July 2005
: B5 79 49 01 4B 2E 8A D2 C8 62 B2 C7
: D7 48 09 6A 8B 91 F7 36 F2 75 D6 E8
: CD 15 90 60 27 31 47 35 64 4D 95 CD
: 67 63 CE B4 9F 56 AC 2F 37 6E 1C EE
: 0E BF 28 2D F4 39 90 6F 34 D8 6E 08
: 5B D5 65 6A D8 41 F3 13 D7 2D 39 5E
: FE 33 CB FF 29 E4 03 0B 3D 05 A2 8F
: B7 F1 8E A2 76 37 B0 79 57 D3 2F 2B
: DE 87 06 22 7D 04 66 5E C9 1B AF 8B
: 1A C3 EC 91 44 AB 7F 21
301 02 65: INTEGER
: 00 F6 D6 E0 22 21 4C 5F 0A 70 FF 27
: FC E5 B3 50 6A 9D E5 0F B5 85 96 C6
: 40 FA A8 0A B4 9B 9B 0C 55 C2 01 1D
: F9 37 82 8A 14 C8 F2 93 0E 92 CD A5
: 66 21 B9 3C D2 06 BF B4 55 31 C9 DC
: AD CA 98 2D D1
368 02 65: INTEGER
: 00 E8 DE B0 11 25 09 D2 02 51 01 DE
: 8A E8 98 50 F5 77 77 61 A4 45 93 6B
: 08 55 96 73 5D F4 C8 5B 12 93 22 73
: 8B 7F D3 70 7F F5 A4 AA BB 74 FD 3C
: 22 6A DA 38 91 2A 86 5B 6C 14 E8 AE
: 4C 9E FA 8E 2F
435 02 65: INTEGER
: 00 97 4C F0 87 9B 17 7F EE 1B 83 1B
: 14 B6 0B 6A 90 5F 86 27 51 E1 B7 A0
: 7F F5 E4 88 E3 59 B9 F9 1E 9B D3 29
: 77 38 22 48 D7 22 B1 25 98 BA 3D 59
: 53 B7 FA 1E 20 B2 C8 51 16 23 75 93
: 51 E7 AB CD F1
502 02 64: INTEGER
: 2C F0 24 5B FA A0 CD 85 22 EA D0 6E
: 4F FA 6C CD 21 D3 C8 E4 F1 84 44 48
: 64 73 D7 29 8F 7E 46 8C EC 15 DE E4
: 51 B3 94 E7 2C 99 2D 55 65 7B 24 EA
: A3 62 1F 3E 6C 4D 67 41 11 3B E1 BE
: E9 83 02 83
568 02 64: INTEGER
: 58 88 D9 A1 50 38 84 6A AB 03 BC BB
: DF 4B F4 9C 6F B8 B4 2A 25 FB F6 E4
: 05 2F 6E E2 88 89 21 6F 4B 25 9E D0
: AB 50 93 CA BF 40 71 EC 21 25 C5 7F
: FB 02 E9 21 96 B8 33 CD E2 C6 95 EE
: 6F 8D 5F 28
: }
: }
: }
Hoffman, Ed. Informational [Page 6]
RFC 4134 Examples of S/MIME Messages July 2005
BobPrivRSAEncrypt =
0 30 645: SEQUENCE {
4 02 1: INTEGER 0
7 30 13: SEQUENCE {
9 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
20 05 0: NULL
: }
22 04 608: OCTET STRING, encapsulates {
26 30 604: SEQUENCE {
30 02 1: INTEGER 0
33 02 129: INTEGER
: 00 A9 E1 67 98 3F 39 D5 5F F2 A0 93
: 41 5E A6 79 89 85 C8 35 5D 9A 91 5B
: FB 1D 01 DA 19 70 26 17 0F BD A5 22
: D0 35 85 6D 7A 98 66 14 41 5C CF B7
: B7 08 3B 09 C9 91 B8 19 69 37 6D F9
: 65 1E 7B D9 A9 33 24 A3 7F 3B BB AF
: 46 01 86 36 34 32 CB 07 03 59 52 FC
: 85 8B 31 04 B8 CC 18 08 14 48 E6 4F
: 1C FB 5D 60 C4 E0 5C 1F 53 D3 7F 53
: D8 69 01 F1 05 F8 7A 70 D1 BE 83 C6
: 5F 38 CF 1C 2C AA 6A A7 EB
165 02 3: INTEGER 65537
170 02 128: INTEGER
: 67 CD 48 4C 9A 0D 8F 98 C2 1B 65 FF
: 22 83 9C 6D F0 A6 06 1D BC ED A7 03
: 88 94 F2 1C 6B 0F 8B 35 DE 0E 82 78
: 30 CB E7 BA 6A 56 AD 77 C6 EB 51 79
: 70 79 0A A0 F4 FE 45 E0 A9 B2 F4 19
: DA 87 98 D6 30 84 74 E4 FC 59 6C C1
: C6 77 DC A9 91 D0 7C 30 A0 A2 C5 08
: 5E 21 71 43 FC 0D 07 3D F0 FA 6D 14
: 9E 4E 63 F0 17 58 79 1C 4B 98 1C 3D
: 3D B0 1B DF FA 25 3B A3 C0 2C 98 05
: F6 10 09 D8 87 DB 03 19
301 02 65: INTEGER
: 00 D0 C3 22 C6 DE A2 99 18 76 8F 8D
: BC A6 75 D6 66 3F D4 8D 45 52 8C 76
: F5 72 C4 EB F0 46 9A F1 3E 5C AA 55
: 0B 9B DA DD 6B 6D F8 FC 3B 3C 08 43
: 93 B5 5B FE CE EA FD 68 84 23 62 AF
: F3 31 C2 B9 E5
368 02 65: INTEGER
: 00 D0 51 FC 1E 22 B7 5B ED B5 8E 01
: C8 D7 AB F2 58 D4 F7 82 94 F3 53 A8
: 19 45 CB 66 CA 28 19 5F E2 10 2B F3
Hoffman, Ed. Informational [Page 7]
RFC 4134 Examples of S/MIME Messages July 2005
: 8F EC 6A 30 74 F8 4D 11 F4 A7 C4 20
: B5 47 21 DC 49 01 F9 0A 20 29 F0 24
: 08 84 60 7D 8F
435 02 64: INTEGER
: 34 BA 64 C9 48 28 57 74 D7 55 50 DE
: 6A 48 EF 1B 2A 5A 1C 48 7B 1E 21 59
: C3 60 3B 9B 97 A9 C0 EF 18 66 A9 4E
: 62 52 38 84 CE E5 09 88 48 94 69 C5
: 20 14 99 5A 57 FE 23 6C E4 A7 23 7B
: D0 80 B7 85
501 02 65: INTEGER
: 00 9E 2F B3 37 9A FB 0B 06 5D 57 E1
: 09 06 A4 5D D9 90 96 06 05 5F 24 06
: 40 72 9C 3A 88 85 9C 87 0F 9D 62 12
: 88 16 68 A8 35 1A 1B 43 E8 38 C0 98
: 69 AF 03 0A 48 32 04 4E E9 0F 8F 77
: 7D 34 30 25 07
568 02 64: INTEGER
: 57 18 67 D6 0A D2 B5 AB C2 BA 7A E7
: 54 DA 9C 05 4F 81 D4 EF 01 89 1E 32
: 3D 69 CB 31 C4 52 C8 54 55 25 00 3B
: 1C 2A 7C 26 50 D5 E9 A6 D7 77 CB CF
: 15 F5 EE 0B D5 8D EE B3 AF 4C A1 7C
: 63 46 41 F6
: }
: }
634 A0 13: [0] {
636 30 11: SEQUENCE {
638 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
643 31 4: SET {
645 03 2: BIT STRING 0 unused bits
: '00001000'B (bit 3)
: Error: Spurious zero bits in bitstring.
: }
: }
: }
: }
CarlPrivDSSSign =
0 30 330: SEQUENCE {
4 02 1: INTEGER 0
7 30 299: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
20 30 286: SEQUENCE {
24 02 129: INTEGER
: 00 B6 49 18 3E 8A 44 C1 29 71 94 4C
Hoffman, Ed. Informational [Page 8]
RFC 4134 Examples of S/MIME Messages July 2005
: 01 C4 12 C1 7A 79 CB 54 4D AB 1E 81
: FB C6 4C B3 0E 94 09 06 EB 01 D4 B1
: C8 71 4B C7 45 C0 50 25 5D 9C FC DA
: E4 6D D3 E2 86 48 84 82 7D BA 15 95
: 4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A
: 0A 8A BA 16 7B B9 50 01 48 93 8B EB
: 25 15 51 97 55 DC 8F 53 0E 10 A9 50
: FC 70 B7 CD 30 54 FD DA DE A8 AA 22
: B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9
: AD E1 08 D4 6D 29 2D D6 E9
156 02 21: INTEGER
: 00 DD C1 2F DF 53 CE 0B 34 60 77 3E
: 02 A4 BF 8A 5D 98 B9 10 D5
179 02 128: INTEGER
: 0C EE 57 9B 4B BD DA B6 07 6A 74 37
: 4F 55 7F 9D ED BC 61 0D EB 46 59 3C
: 56 0B 2B 5B 0C 91 CE A5 62 52 69 CA
: E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
: AD CB AE 45 E3 06 AC 8C 22 9D 9C 44
: 87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE
: AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A
: 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
: 8A 79 61 B4 D5 2F 53 22 44 63 1F 86
: B8 A3 58 06 25 F8 29 C0 EF BA E0 75
: F0 42 C4 63 65 52 9B 0A
: }
: }
310 04 22: OCTET STRING, encapsulates {
312 02 20: INTEGER
: 19 B3 38 A5 21 62 31 50 E5 7F B9 3E
: 08 46 78 D1 3E B5 E5 72
: }
: }
CarlPrivRSASign =
0 30 630: SEQUENCE {
4 02 1: INTEGER 0
7 30 13: SEQUENCE {
9 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
20 05 0: NULL
: }
22 04 608: OCTET STRING, encapsulates {
26 30 604: SEQUENCE {
30 02 1: INTEGER 0
33 02 129: INTEGER
: 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E
Hoffman, Ed. Informational [Page 9]
RFC 4134 Examples of S/MIME Messages July 2005
: 73 7B 93 71 5C BC 33 1A 92 92 72 23
: D8 41 46 D0 CD 11 3A 04 B3 8E AF 82
: 9D BD 51 1E 17 7A F2 76 2C 2B 86 39
: A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC
: A2 36 B1 ED E2 50 E2 32 09 8A 3F 9F
: 99 25 8F B8 4E AB B9 7D D5 96 65 DA
: 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
: 29 CB 82 DD AC 44 E9 AA 93 94 29 0E
: F8 18 D6 C8 57 5E F2 76 C4 F2 11 60
: 38 B9 1B 3C 1D 97 C9 6A F1
165 02 3: INTEGER 65537
170 02 129: INTEGER
: 00 AE 73 E4 5B 5F 5B 66 5A C9 D7 C6
: EF 38 5F 53 21 2A 2F 62 FE DE 29 9A
: 7A 86 67 36 E7 7D 62 78 75 3D 73 A0
: BC 29 0E F3 8F BD C3 C9 C9 B6 F8 BA
: D6 13 9B C3 97 7A CA 6A F0 B8 85 65
: 4E 0F BD A7 A8 F7 54 06 41 BD EB DC
: 20 77 90 DF 61 9B 9A 6F 74 DE EA 3B
: D4 9C 87 60 ED 76 84 F1 6A 30 37 D5
: E0 90 16 F8 80 47 C3 19 6B ED 75 77
: BA 4A ED 39 B6 5D 02 47 3B 5F 1B C8
: 1C AB CB E8 F5 26 3F A4 81
302 02 65: INTEGER
: 00 FF DF 09 A0 56 0B 42 52 9E C4 4D
: 93 B3 B0 49 BB DE E7 81 7D 28 99 D0
: B1 48 BA 0B 39 E1 1C 7B 22 18 33 B6
: 40 F6 BF DC AE 1D D0 A1 AD 04 71 5A
: 61 0A 6E 3B CE 30 DA 36 9F 65 25 29
: BB A7 0E 7F 0B
369 02 65: INTEGER
: 00 E4 69 68 18 5F F9 57 D0 7C 66 89
: 0F BA 63 1D 72 CB 20 A4 81 76 64 89
: CD 7D D1 C2 27 A9 2E AC 7A 56 9A 85
: 07 D9 30 03 A3 03 AB 7F 88 92 50 24
: 01 AA 1B 07 1F 20 4C B7 C9 7B 56 F7
: B6 C2 7E AB 73
436 02 64: INTEGER
: 57 36 6C 8F 8C 04 76 6C B6 D4 EE 24
: 44 00 F8 80 E2 AF 42 01 A9 0F 14 84
: F8 E7 00 E0 8F 8C 27 A4 2D 5F A2 E5
: 6D B5 63 C0 AD 44 E9 76 91 A7 19 49
: 2E 46 F8 77 85 4B 3B 87 04 F0 AF D2
: D8 54 26 95
502 02 64: INTEGER
: 64 A1 0F AC 55 74 1B BD 0D 61 7B 17
: 03 CD B0 E6 A7 19 1D 80 AF F1 41 48
: D8 1A B6 88 14 A0 2C 7A C5 76 D4 0F
Hoffman, Ed. Informational [Page 10]
RFC 4134 Examples of S/MIME Messages July 2005
: 0E 1F 7A 2A B2 6E 37 04 AB 39 45 73
: BA 46 A8 0F 8D 82 5F 22 14 05 CF A2
: A3 F3 7C 83
568 02 64: INTEGER
: 26 1E 1D 1C A1 98 2B E4 DB 38 E8 57
: 6E 6B 73 19 88 61 3A FA 74 4A 36 8B
: 47 68 5D 50 EB 26 E3 EA 7D 9B 4E 65
: A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11
: AB A3 D6 A8 C0 27 36 1D 54 0B AA A7
: D1 6D 8D FA
: }
: }
: }
DianePrivDSSSign =
0 30 331: SEQUENCE {
4 02 1: INTEGER 0
7 30 299: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
20 30 286: SEQUENCE {
24 02 129: INTEGER
: 00 B6 49 18 3E 8A 44 C1 29 71 94 4C
: 01 C4 12 C1 7A 79 CB 54 4D AB 1E 81
: FB C6 4C B3 0E 94 09 06 EB 01 D4 B1
: C8 71 4B C7 45 C0 50 25 5D 9C FC DA
: E4 6D D3 E2 86 48 84 82 7D BA 15 95
: 4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A
: 0A 8A BA 16 7B B9 50 01 48 93 8B EB
: 25 15 51 97 55 DC 8F 53 0E 10 A9 50
: FC 70 B7 CD 30 54 FD DA DE A8 AA 22
: B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9
: AD E1 08 D4 6D 29 2D D6 E9
156 02 21: INTEGER
: 00 DD C1 2F DF 53 CE 0B 34 60 77 3E
: 02 A4 BF 8A 5D 98 B9 10 D5
179 02 128: INTEGER
: 0C EE 57 9B 4B BD DA B6 07 6A 74 37
: 4F 55 7F 9D ED BC 61 0D EB 46 59 3C
: 56 0B 2B 5B 0C 91 CE A5 62 52 69 CA
: E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
: AD CB AE 45 E3 06 AC 8C 22 9D 9C 44
: 87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE
: AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A
: 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
: 8A 79 61 B4 D5 2F 53 22 44 63 1F 86
: B8 A3 58 06 25 F8 29 C0 EF BA E0 75
: F0 42 C4 63 65 52 9B 0A
Hoffman, Ed. Informational [Page 11]
RFC 4134 Examples of S/MIME Messages July 2005
: }
: }
310 04 23: OCTET STRING, encapsulates {
312 02 21: INTEGER
: 00 96 95 F9 E0 C1 E0 41 2D 32 0F 8B
: 42 52 93 2A E6 1E 0E 21 29
: }
: }
DianePrivRSASignEncrypt =
0 30 631: SEQUENCE {
4 02 1: INTEGER 0
7 30 13: SEQUENCE {
9 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
20 05 0: NULL
: }
22 04 609: OCTET STRING, encapsulates {
26 30 605: SEQUENCE {
30 02 1: INTEGER 0
33 02 129: INTEGER
: 00 D6 FD B8 C0 70 C6 4C 25 EC EA CF
: EA 7C BB A2 62 FA F0 E6 32 3A 53 FF
: B1 92 5A 17 F4 20 E1 99 24 82 0A D0
: F6 7C FB 44 CA 8B 27 06 F1 7E 26 03
: A9 76 9D CF EC A0 2C 70 96 F2 83 42
: F6 D4 B7 28 0A BB F8 BF 4A 4C 19 3F
: 07 DB A0 C1 60 1E B7 7E 67 F7 DE B1
: C3 60 49 AC 45 D7 F8 C6 EF 08 37 21
: 93 47 EE F0 73 35 72 B0 02 C4 F3 11
: C3 5E 47 E5 0A B7 83 F1 DB 74 69 64
: 8B 44 1D 95 5D CD 28 C0 85
165 02 3: INTEGER 65537
170 02 128: INTEGER
: 3D BD CD C2 0E 61 14 5B 4B E7 BF 60
: 23 04 2B C5 6B 35 A5 96 45 23 FC 69
: 7D 93 3C 0F D3 25 96 BA 62 52 42 E2
: 96 CF FE 58 80 8F EB B1 8C BD D4 0D
: 65 D0 3A 77 45 24 9E 0C EB 86 80 C3
: AC 21 11 71 44 E3 B2 A8 A9 2E AC 17
: D2 A3 84 25 63 B5 BC 2F 1E DD F6 21
: FF 15 20 24 5B F1 80 2F D5 41 0E 32
: 24 F7 D4 4A 32 9E B9 49 D8 19 8E 3F
: 39 8D 62 BD 80 FC 0C 24 92 93 E4 C3
: D7 05 91 53 BB 96 B6 41
301 02 65: INTEGER
: 00 F3 B8 3F 4A D1 94 B0 91 60 13 41
Hoffman, Ed. Informational [Page 12]
RFC 4134 Examples of S/MIME Messages July 2005
: 92 0D 8D 44 3F 77 1D FF 96 23 44 08
: D4 0B 70 C9 1A AF E9 90 94 F2 B0 D5
: 5F 4F 19 85 50 A1 90 91 AE BD 05 76
: 52 B3 22 D8 A8 7C 8E 54 7F 00 72 4F
: 36 75 68 73 B5
368 02 65: INTEGER
: 00 E1 D2 E7 11 57 06 AE 72 95 22 16
: AA 02 B4 5A ED 4E 9D 82 11 4F 96 3C
: 86 C9 10 8D 56 7B 31 75 79 69 E7 75
: 68 38 00 4B 2E D2 26 32 DD B1 E2 E0
: 2C 54 80 0A 75 BA D1 66 96 1B B0 0E
: A0 7E D2 BB 91
435 02 65: INTEGER
: 00 AF B6 BC DB 22 73 43 41 EC B4 B5
: 67 A9 A1 99 FC EF D2 8E FD 1D FB E5
: 29 8B FE 0A DF D4 C8 5E 57 25 0A 5D
: 2B D4 09 A0 56 5B C5 B1 62 FC 20 BE
: 08 2D E3 07 B5 A1 E7 B3 FF C4 C0 A5
: 5F AC 12 5C A9
502 02 65: INTEGER
: 00 B9 98 41 FC 08 50 1F 73 60 8A 01
: A2 7C 52 8A 20 5A EA 2C 89 D9 A5 19
: DD 94 C6 1B C3 25 C0 82 51 E4 EE 2B
: 9A 19 DC 73 ED E9 1D 27 D4 F8 6C 03
: DD AB 1D 08 7B B5 AC 7F E9 82 9B F1
: 89 8A 71 DB 61
569 02 64: INTEGER
: 01 07 21 97 5F 7A 60 A8 FD 5A 5C 07
: DF A8 DE F7 E2 B1 34 7D FC EB 91 BD
: B0 73 74 C8 C4 BE 3F 58 45 30 06 90
: B3 AC 69 CC B3 F7 3F 7C AC C7 B8 1B
: 65 A1 16 39 39 B0 E3 74 7D CF CD C5
: AC 6C BF E5
: }
: }
: }
2.3. Certificates
AliceDSSSignByCarlNoInherit =
0 30 732: SEQUENCE {
4 30 667: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 2: INTEGER 200
17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
Hoffman, Ed. Informational [Page 13]
RFC 4134 Examples of S/MIME Messages July 2005
: (ANSI X9.57 algorithm)
: }
28 30 18: SEQUENCE {
30 31 16: SET {
32 30 14: SEQUENCE {
34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
39 13 7: PrintableString 'CarlDSS'
: }
: }
: }
48 30 30: SEQUENCE {
50 17 13: UTCTime '990817011049Z'
65 17 13: UTCTime '391231235959Z'
: }
80 30 19: SEQUENCE {
82 31 17: SET {
84 30 15: SEQUENCE {
86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
91 13 8: PrintableString 'AliceDSS'
: }
: }
: }
101 30 438: SEQUENCE {
105 30 299: SEQUENCE {
109 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
118 30 286: SEQUENCE {
122 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
: 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
: 53 C5 AB 84 08 4F FF 94 E1 73 48 7E
: 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
: DC 5F 69 8A E4 75 D0 37 0C 91 08 95
: 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
: 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
: 78 BD FF 9D B0 84 97 37 F2 E4 51 1B
: B5 E4 09 96 5C F3 7E 5B DB
254 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
: B8 37 21 2B 62 8B F7 93 CD
277 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
: 4B 59 6A 4C 76 23 39 04 02 35 5C F2
: CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
OMNI interfaces configured over underlying interfaces that connect to
the open Internet can apply security services such as VPNs to connect
to an MSE or establish a direct link to an MSE through some other
means (see Section 4). In environments where an explicit VPN or
direct link may be impractical, OMNI interfaces can instead use UDP/
IP encapsulation and HMAC-based message authentication per
[RFC6081][RFC4380].
After establishing a VPN or preparing for UDP/IP encapsulation, OMNI
interfaces send control plane messages to interface with the MS,
including Neighbor Solicitation (NS) and Neighbor Advertisement (NA)
messages used for address resolution / route optimization (see:
[I-D.templin-intarea-6706bis]). The control plane messages must be
authenticated while data plane messages are delivered the same as for
ordinary best-effort Internet traffic with basic source address-based
data origin verification. Data plane communications via OMNI
interfaces that connect over the open Internet without an explicit
VPN should therefore employ transport- or higher-layer security to
ensure integrity and/or confidentiality.
OMNI interfaces in the open Internet are often located behind Network
Address Translators (NATs). The OMNI interface accommodates NAT
traversal using UDP/IP encapsulation and the mechanisms discussed in
[RFC6081][RFC4380][I-D.templin-intarea-6706bis].
18. Time-Varying MNPs
In some use cases, it is desirable, beneficial and efficient for the
MN to receive a constant MNP that travels with the MN wherever it
moves. For example, this would allow air traffic controllers to
easily track aircraft, etc. In other cases, however (e.g.,
intelligent transportation systems), the MN may be willing to
sacrifice a modicum of efficiency in order to have time-varying MNPs
that can be changed every so often to defeat adversarial tracking.
The prefix delegation services discussed in Section 12.3 allows OMNI
MNs that desire time-varying MNPs to obtain short-lived prefixes to
use a Temporary OMNI LLA as the source address of an RS message with
an OMNI option with DHCPv6 Option sub-options. The MN would then be
obligated to renumber its internal networks whenever its MNP (and
therefore also its OMNI address) changes. This should not present a
challenge for MNs with automated network renumbering services,
however presents limits for the durations of ongoing sessions that
would prefer to use a constant address.
Templin & Whyman Expires June 13, 2021 [Page 45]
Internet-Draft IPv6 over OMNI Interfaces December 2020
19. IANA Considerations
The IANA is instructed to allocate an official Type number TBD from
the registry "IPv6 Neighbor Discovery Option Formats" for the OMNI
option. Implementations set Type to 253 as an interim value
[RFC4727].
The IANA is instructed to assign a new Code value "1" in the "ICMPv6
Code Fields: Type 2 - Packet Too Big" registry. The registry should
read as follows:
Code Name Reference
--- ---- ---------
0 Diagnostic Packet Too Big [RFC4443]
1 Advisory Packet Too Big [RFCXXXX]
Figure 17: OMNI Option Sub-Type Values
The IANA is instructed to allocate one Ethernet unicast address TBD2
(suggest 00-00-5E-00-52-14 [RFC5214]) in the registry "IANA Ethernet
Address Block - Unicast Use".
The OMNI option also defines an 8-bit Sub-Type field, for which IANA
is instructed to create and maintain a new registry entitled "OMNI
option Sub-Type values". Initial values for the OMNI option Sub-Type
values registry are given below; future assignments are to be made
through Expert Review [RFC8126].
Value Sub-Type name Reference
----- ------------- ----------
0 Pad1 [RFCXXXX]
1 PadN [RFCXXXX]
2 Interface Attributes [RFCXXXX]
3 Traffic Selector [RFCXXXX]
4 MS-Register [RFCXXXX]
5 MS-Release [RFCXXXX]
6 Network Access Identifier [RFCXXXX]
7 Geo Coordinates [RFCXXXX]
8 DHCP Unique Identifier (DUID) [RFCXXXX]
9 DHCPv6 Message [RFCXXXX]
10-252 Unassigned
253-254 Experimental [RFCXXXX]
255 Reserved [RFCXXXX]
Figure 18: OMNI Option Sub-Type Values
Templin & Whyman Expires June 13, 2021 [Page 46]
Internet-Draft IPv6 over OMNI Interfaces December 2020
20. Security Considerations
Security considerations for IPv4 [RFC0791], IPv6 [RFC8200] and IPv6
Neighbor Discovery [RFC4861] apply. OMNI interface IPv6 ND messages
SHOULD include Nonce and Timestamp options [RFC3971] when transaction
confirmation and/or time synchronization is needed.
OMNI interfaces configured over secured ANET interfaces inherit the
physical and/or link-layer security properties of the connected
ANETs. OMNI interfaces configured over open INET interfaces can use
symmetric securing services such as VPNs or can by some other means
establish a direct link. When a VPN or direct link may be
impractical, however, an asymmetric security service such as the
authentication option specified in [RFC4380] or other protocol
control message security mechanisms may be necessary. While the OMNI
link protects control plane messaging, applications must still employ
end-to-end transport- or higher-layer security services to protect
the data plane.
The Mobility Service MUST provide strong network layer security for
control plane messages and forwarding path integrity for data plane
messages. In one example, the AERO service
[I-D.templin-intarea-6706bis] constructs a spanning tree between
mobility service elements and secures the links in the spanning tree
with network layer security mechanisms such as IPsec [RFC4301] or
Wireguard. Control plane messages are then constrained to travel
only over the secured spanning tree paths and are therefore protected
from attack or eavesdropping. Since data plane messages can travel
over route optimized paths that do not strictly follow the spanning
tree, however, end-to-end transport- or higher-layer security
services are still required.
Security considerations for specific access network interface types
are covered under the corresponding IP-over-(foo) specification
(e.g., [RFC2464], [RFC2492], etc.).
Security considerations for IPv6 fragmentation and reassembly are
discussed in Section 5.1.
21. Implementation Status
Draft -29 is implemented in the recently tagged AERO/OMNI 3.0.0
internal release, and Draft -30 is now tagged as the AERO/OMNI 3.0.1.
Newer specification versions will be tagged in upcoming releases.
First public release expected before the end of 2020.
Templin & Whyman Expires June 13, 2021 [Page 47]
Internet-Draft IPv6 over OMNI Interfaces December 2020
22. Acknowledgements
The first version of this document was prepared per the consensus
decision at the 7th Conference of the International Civil Aviation
Organization (ICAO) Working Group-I Mobility Subgroup on March 22,
2019. Consensus to take the document forward to the IETF was reached
at the 9th Conference of the Mobility Subgroup on November 22, 2019.
Attendees and contributors included: Guray Acar, Danny Bharj,
Francois D'Humieres, Pavel Drasil, Nikos Fistas, Giovanni Garofolo,
Bernhard Haindl, Vaughn Maiolla, Tom McParland, Victor Moreno, Madhu
Niraula, Brent Phillips, Liviu Popescu, Jacky Pouzet, Aloke Roy, Greg
Saccone, Robert Segers, Michal Skorepa, Michel Solery, Stephane
Tamalet, Fred Templin, Jean-Marc Vacher, Bela Varkonyi, Tony Whyman,
Fryderyk Wrobel and Dongsong Zeng.
The following individuals are acknowledged for their useful comments:
Michael Matyas, Madhu Niraula, Michael Richardson, Greg Saccone,
Stephane Tamalet, Eric Vyncke. Pavel Drasil, Zdenek Jaron and Michal
Skorepa are recognized for their many helpful ideas and suggestions.
Madhuri Madhava Badgandi, Katherine Tran, and Vijayasarathy
Rajagopalan are acknowledged for their hard work on the
implementation and insights that led to improvements to the spec.
Discussions on the IETF 6man and atn mailing lists during the fall of
2020 suggested additional points to consider. The authors gratefully
acknowledge the list members who contributed valuable insights
through those discussions. Eric Vyncke and Erik Kline were the
intarea ADs, while Bob Hinden and Ole Troan were the 6man WG chairs
at the time the document was developed; they are all gratefully
acknowledged for their many helpful insights.
This work is aligned with the NASA Safe Autonomous Systems Operation
(SASO) program under NASA contract number NNA16BD84C.
This work is aligned with the FAA as per the SE2025 contract number
DTFAWA-15-D-00030.
23. References
23.1. Normative References
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791,
DOI 10.17487/RFC0791, September 1981,
<https://www.rfc-editor.org/info/rfc791>.
Templin & Whyman Expires June 13, 2021 [Page 48]
Internet-Draft IPv6 over OMNI Interfaces December 2020
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black,
"Definition of the Differentiated Services Field (DS
Field) in the IPv4 and IPv6 Headers", RFC 2474,
DOI 10.17487/RFC2474, December 1998,
<https://www.rfc-editor.org/info/rfc2474>.
[RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander,
"SEcure Neighbor Discovery (SEND)", RFC 3971,
DOI 10.17487/RFC3971, March 2005,
<https://www.rfc-editor.org/info/rfc3971>.
[RFC4191] Draves, R. and D. Thaler, "Default Router Preferences and
More-Specific Routes", RFC 4191, DOI 10.17487/RFC4191,
November 2005, <https://www.rfc-editor.org/info/rfc4191>.
[RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast
Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005,
<https://www.rfc-editor.org/info/rfc4193>.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, DOI 10.17487/RFC4291, February
2006, <https://www.rfc-editor.org/info/rfc4291>.
[RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet
Control Message Protocol (ICMPv6) for the Internet
Protocol Version 6 (IPv6) Specification", STD 89,
RFC 4443, DOI 10.17487/RFC4443, March 2006,
<https://www.rfc-editor.org/info/rfc4443>.
[RFC4727] Fenner, B., "Experimental Values In IPv4, IPv6, ICMPv4,
ICMPv6, UDP, and TCP Headers", RFC 4727,
DOI 10.17487/RFC4727, November 2006,
<https://www.rfc-editor.org/info/rfc4727&Hoffman, Ed. Informational [Page 14]
RFC 4134 Examples of S/MIME Messages July 2005
: AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
: 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
: E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
: 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
: 1F 11 7F C2 BD ED D1 50 FF 98 74 C2
: D1 81 4A 60 39 BA 36 39
: }
: }
408 03 132: BIT STRING 0 unused bits, encapsulates {
412 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3
: 3F A9 EC AC 5E DC BD B7 13 11 34 A6
: 16 89 28 11 23 D9 34 86 67 75 75 13
: 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
: A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
: 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
: 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
: 32 84 F0 7E 41 40 FD 46 A7 63 4E 33
: F2 A5 E2 F4 F2 83 E5 B8
: }
: }
543 A3 129: [3] {
546 30 127: SEQUENCE {
548 30 12: SEQUENCE {
550 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
555 01 1: BOOLEAN TRUE
558 04 2: OCTET STRING, encapsulates {
560 30 0: SEQUENCE {}
: }
: }
562 30 14: SEQUENCE {
564 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
569 01 1: BOOLEAN TRUE
572 04 4: OCTET STRING, encapsulates {
574 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
578 30 31: SEQUENCE {
580 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
Hoffman, Ed. Informational [Page 15]
RFC 4134 Examples of S/MIME Messages July 2005
: (X.509 id-ce (2 5 29))
585 04 24: OCTET STRING, encapsulates {
587 30 22: SEQUENCE {
589 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
: 3D 20 BC 43 2B 93 F1 1F
: }
: }
: }
611 30 29: SEQUENCE {
613 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
618 04 22: OCTET STRING, encapsulates {
620 04 20: OCTET STRING
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
: 13 01 E2 FD E3 97 FE CD
: }
: }
642 30 31: SEQUENCE {
644 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
649 04 24: OCTET STRING, encapsulates {
651 30 22: SEQUENCE {
653 81 20: [1] 'AliceDSS@example.com'
: }
: }
: }
: }
: }
: }
675 30 9: SEQUENCE {
677 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
686 03 48: BIT STRING 0 unused bits, encapsulates {
689 30 45: SEQUENCE {
691 02 20: INTEGER
: 55 0C A4 19 1F 42 2B 89 71 22 33 8D
: 83 6A B5 3D 67 6B BF 45
713 02 21: INTEGER
: 00 9F 61 53 52 54 0B 5C B2 DD DA E7
: 76 1D E2 10 52 5B 43 5E BD
: }
: }
: }
AliceRSASignByCarl =
Hoffman, Ed. Informational [Page 16]
RFC 4134 Examples of S/MIME Messages July 2005
0 30 556: SEQUENCE {
4 30 405: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E
: C4 10 B3 B0
31 30 13: SEQUENCE {
33 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
44 05 0: NULL
: }
46 30 18: SEQUENCE {
48 31 16: SET {
50 30 14: SEQUENCE {
52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
57 13 7: PrintableString 'CarlRSA'
: }
: }
: }
66 30 30: SEQUENCE {
68 17 13: UTCTime '990919010847Z'
83 17 13: UTCTime '391231235959Z'
: }
98 30 19: SEQUENCE {
100 31 17: SET {
102 30 15: SEQUENCE {
104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
109 13 8: PrintableString 'AliceRSA'
: }
: }
: }
119 30 159: SEQUENCE {
122 30 13: SEQUENCE {
124 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
135 05 0: NULL
: }
137 03 141: BIT STRING 0 unused bits, encapsulates {
141 30 137: SEQUENCE {
144 02 129: INTEGER
: 00 E0 89 73 39 8D D8 F5 F5 E8 87 76
: 39 7F 4E B0 05 BB 53 83 DE 0F B7 AB
Hoffman, Ed. Informational [Page 17]
RFC 4134 Examples of S/MIME Messages July 2005
: DC 7D C7 75 29 0D 05 2E 6D 12 DF A6
: 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
: 82 51 0F 30 80 BE B1 50 9E 46 44 F1
: 2C BB D8 32 CF C6 68 6F 07 D9 B0 60
: AC BE EE 34 09 6A 13 F5 F7 05 05 93
: DF 5E BA 35 56 D9 61 FF 19 7F C9 81
: E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
: 9F 2D FA 55 3A B9 99 77 02 A6 48 52
: 8C 4E F3 57 38 57 74 57 5F
276 02 3: INTEGER 65537
: }
: }
: }
281 A3 129: [3] {
284 30 127: SEQUENCE {
286 30 12: SEQUENCE {
288 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
293 01 1: BOOLEAN TRUE
296 04 2: OCTET STRING, encapsulates {
298 30 0: SEQUENCE {}
: }
: }
300 30 14: SEQUENCE {
302 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
307 01 1: BOOLEAN TRUE
310 04 4: OCTET STRING, encapsulates {
312 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
316 30 31: SEQUENCE {
318 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
323 04 24: OCTET STRING, encapsulates {
325 30 22: SEQUENCE {
327 80 20: [0]
: E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
: 42 37 4E 22 AE 9E 38 BB
: }
: }
: }
349 30 29: SEQUENCE {
351 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
Hoffman, Ed. Informational [Page 18]
RFC 4134 Examples of S/MIME Messages July 2005
: (X.509 id-ce (2 5 29))
356 04 22: OCTET STRING, encapsulates {
358 04 20: OCTET STRING
: 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D
: CE EC 3C A0 3A E3 FF 50
: }
: }
380 30 31: SEQUENCE {
382 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
387 04 24: OCTET STRING, encapsulates {
389 30 22: SEQUENCE {
391 81 20: [1] 'AliceRSA@example.com'
: }
: }
: }
: }
: }
: }
413 30 13: SEQUENCE {
415 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
426 05 0: NULL
: }
428 03 129: BIT STRING 0 unused bits
: 3E 70 47 A8 48 CC 13 58 8F CA 51 71
: 6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC
: CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C
: 59 A9 20 AA 05 81 A8 4E 25 AD A7 70
: 14 75 2F F5 C7 9B D1 0E E9 63 D2 64
: B7 C6 66 6E 73 21 54 DF F4 BA 25 5D
: 7D 49 D3 94 6B 22 36 74 73 B8 4A EC
: 2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A
: B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA
: F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A
: 76 AE EB 9B DB 49 B0 22
: }
BobRSASignByCarl =
0 30 551: SEQUENCE {
4 30 400: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E
: CD 5D 71 D0
Hoffman, Ed. Informational [Page 19]
RFC 4134 Examples of S/MIME Messages July 2005
31 30 13: SEQUENCE {
33 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
44 05 0: NULL
: }
46 30 18: SEQUENCE {
48 31 16: SET {
50 30 14: SEQUENCE {
52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
57 13 7: PrintableString 'CarlRSA'
: }
: }
: }
66 30 30: SEQUENCE {
68 17 13: UTCTime '990919010902Z'
83 17 13: UTCTime '391231235959Z'
: }
98 30 17: SEQUENCE {
100 31 15: SET {
102 30 13: SEQUENCE {
104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
109 13 6: PrintableString 'BobRSA'
: }
: }
: }
117 30 159: SEQUENCE {
120 30 13: SEQUENCE {
122 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
133 05 0: NULL
: }
135 03 141: BIT STRING 0 unused bits, encapsulates {
139 30 137: SEQUENCE {
142 02 129: INTEGER
: 00 A9 E1 67 98 3F 39 D5 5F F2 A0 93
: 41 5E A6 79 89 85 C8 35 5D 9A 91 5B
: FB 1D 01 DA 19 70 26 17 0F BD A5 22
: D0 35 85 6D 7A 98 66 14 41 5C CF B7
: B7 08 3B 09 C9 91 B8 19 69 37 6D F9
: 65 1E 7B D9 A9 33 24 A3 7F 3B BB AF
: 46 01 86 36 34 32 CB 07 03 59 52 FC
: 85 8B 31 04 B8 CC 18 08 14 48 E6 4F
: 1C FB 5D 60 C4 E0 5C 1F 53 D3 7F 53
: D8 69 01 F1 05 F8 7A 70 D1 BE 83 C6
Hoffman, Ed. Informational [Page 20]
RFC 4134 Examples of S/MIME Messages July 2005
: 5F 38 CF 1C 2C AA 6A A7 EB
274 02 3: INTEGER 65537
: }
: }
: }
279 A3 127: [3] {
281 30 125: SEQUENCE {
283 30 12: SEQUENCE {
285 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
290 01 1: BOOLEAN TRUE
293 04 2: OCTET STRING, encapsulates {
295 30 0: SEQUENCE {}
: }
: }
297 30 14: SEQUENCE {
299 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
304 01 1: BOOLEAN TRUE
307 04 4: OCTET STRING, encapsulates {
309 03 2: BIT STRING 5 unused bits
: '100'B (bit 2)
: }
: }
313 30 31: SEQUENCE {
315 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
320 04 24: OCTET STRING, encapsulates {
322 30 22: SEQUENCE {
324 80 20: [0]
: E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
: 42 37 4E 22 AE 9E 38 BB
: }
: }
: }
346 30 29: SEQUENCE {
348 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
353 04 22: OCTET STRING, encapsulates {
355 04 20: OCTET STRING
: E8 F4 B8 67 D8 B3 96 A4 2A F3 11 AA
: 29 D3 95 5A 86 16 B4 24
: }
: }
377 30 29: SEQUENCE {
Hoffman, Ed. Informational [Page 21]
RFC 4134 Examples of S/MIME Messages July 2005
379 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
384 04 22: OCTET STRING, encapsulates {
386 30 20: SEQUENCE {
388 81 18: [1] 'BobRSA@example.com>.
[RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
"Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
DOI 10.17487/RFC4861, September 2007,
<https://www.rfc-editor.org/info/rfc4861>.
[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
Address Autoconfiguration", RFC 4862,
DOI 10.17487/RFC4862, September 2007,
<https://www.rfc-editor.org/info/rfc4862>.
Templin & Whyman Expires June 13, 2021 [Page 49]
Internet-Draft IPv6 over OMNI Interfaces December 2020
[RFC6088] Tsirtsis, G., Giarreta, G., Soliman, H., and N. Montavont,
"Traffic Selectors for Flow Bindings", RFC 6088,
DOI 10.17487/RFC6088, January 2011,
<https://www.rfc-editor.org/info/rfc6088>.
[RFC8028] Baker, F. and B. Carpenter, "First-Hop Router Selection by
Hosts in a Multi-Prefix Network", RFC 8028,
DOI 10.17487/RFC8028, November 2016,
<https://www.rfc-editor.org/info/rfc8028>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", STD 86, RFC 8200,
DOI 10.17487/RFC8200, July 2017,
<https://www.rfc-editor.org/info/rfc8200>.
[RFC8201] McCann, J., Deering, S., Mogul, J., and R. Hinden, Ed.,
"Path MTU Discovery for IP version 6", STD 87, RFC 8201,
DOI 10.17487/RFC8201, July 2017,
<https://www.rfc-editor.org/info/rfc8201>.
[RFC8415] Mrugalski, T., Siodelski, M., Volz, B., Yourtchenko, A.,
Richardson, M., Jiang, S., Lemon, T., and T. Winters,
"Dynamic Host Configuration Protocol for IPv6 (DHCPv6)",
RFC 8415, DOI 10.17487/RFC8415, November 2018,
<https://www.rfc-editor.org/info/rfc8415>.
23.2. Informative References
[ATN] Maiolla, V., "The OMNI Interface - An IPv6 Air/Ground
Interface for Civil Aviation, IETF Liaison Statement
#1676, https://datatracker.ietf.org/liaison/1676/", March
2020.
[CRC] Jain, R., "Error Characteristics of Fiber Distributed Data
Interface (FDDI), IEEE Transactions on Communications",
August 1990.
[I-D.ietf-6man-rfc4941bis]
Gont, F., Krishnan, S., Narten, T., and R. Draves,
"Temporary Address Extensions for Stateless Address
Autoconfiguration in IPv6", draft-ietf-6man-rfc4941bis-12
(work in progress), November 2020.
Templin & Whyman Expires June 13, 2021 [Page 50]
Internet-Draft IPv6 over OMNI Interfaces December 2020
[I-D.ietf-intarea-tunnels]
Touch, J. and M. Townsley, "IP Tunnels in the Internet
Architecture", draft-ietf-intarea-tunnels-10 (work in
progress), September 2019.
[I-D.ietf-ipwave-vehicular-networking]
Jeong, J., "IPv6 Wireless Access in Vehicular Environments
(IPWAVE): Problem Statement and Use Cases", draft-ietf-
ipwave-vehicular-networking-19 (work in progress), July
2020.
[I-D.templin-6man-dhcpv6-ndopt]
Templin, F., "A Unified Stateful/Stateless Configuration
Service for IPv6", draft-templin-6man-dhcpv6-ndopt-10
(work in progress), June 2020.
[I-D.templin-6man-lla-type]
Templin, F., "The IPv6 Link-Local Address Type Field",
draft-templin-6man-lla-type-02 (work in progress),
November 2020.
[I-D.templin-intarea-6706bis]
Templin, F., "Asymmetric Extended Route Optimization
(AERO)", draft-templin-intarea-6706bis-74 (work in
progress), December 2020.
[RFC1122] Braden, R., Ed., "Requirements for Internet Hosts -
Communication Layers", STD 3, RFC 1122,
DOI 10.17487/RFC1122, October 1989,
<https://www.rfc-editor.org/info/rfc1122>.
[RFC1191] Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191,
DOI 10.17487/RFC1191, November 1990,
<https://www.rfc-editor.org/info/rfc1191>.
[RFC1256] Deering, S., Ed., "ICMP Router Discovery Messages",
RFC 1256, DOI 10.17487/RFC1256, September 1991,
<https://www.rfc-editor.org/info/rfc1256>.
[RFC2131] Droms, R., "Dynamic Host Configuration Protocol",
RFC 2131, DOI 10.17487/RFC2131, March 1997,
<https://www.rfc-editor.org/info/rfc2131>.
[RFC2225] Laubach, M. and J. Halpern, "Classical IP and ARP over
ATM", RFC 2225, DOI 10.17487/RFC2225, April 1998,
<https://www.rfc-editor.org/info/rfc2225>.
Templin & Whyman Expires June 13, 2021 [Page 51]
Internet-Draft IPv6 over OMNI Interfaces December 2020
[RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet
Networks", RFC 2464, DOI 10.17487/RFC2464, December 1998,
<https://www.rfc-editor.org/info/rfc2464>.
[RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in
IPv6 Specification", RFC 2473, DOI 10.17487/RFC2473,
December 1998, <https://www.rfc-editor.org/info/rfc2473>.
[RFC2492] Armitage, G., Schulter, P., and M. Jork, "IPv6 over ATM
Networks", RFC 2492, DOI 10.17487/RFC2492, January 1999,
<https://www.rfc-editor.org/info/rfc2492>.
[RFC2529] Carpenter, B. and C. Jung, "Transmission of IPv6 over IPv4
Domains without Explicit Tunnels", RFC 2529,
DOI 10.17487/RFC2529, March 1999,
<https://www.rfc-editor.org/info/rfc2529>.
[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group
MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000,
<https://www.rfc-editor.org/info/rfc2863>.
[RFC3692] Narten, T., "Assigning Experimental and Testing Numbers
Considered Useful", BCP 82, RFC 3692,
DOI 10.17487/RFC3692, January 2004,
<https://www.rfc-editor.org/info/rfc3692>.
[RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener
Discovery Version 2 (MLDv2) for IPv6", RFC 3810,
DOI 10.17487/RFC3810, June 2004,
<https://www.rfc-editor.org/info/rfc3810>.
[RFC3819] Karn, P., Ed., Bormann, C., Fairhurst, G., Grossman, D.,
Ludwig, R., Mahdavi, J., Montenegro, G., Touch, J., and L.
Wood, "Advice for Internet Subnetwork Designers", BCP 89,
RFC 3819, DOI 10.17487/RFC3819, July 2004,
<https://www.rfc-editor.org/info/rfc3819>.
[RFC3879] Huitema, C. and B. Carpenter, "Deprecating Site Local
Addresses", RFC 3879, DOI 10.17487/RFC3879, September
2004, <https://www.rfc-editor.org/info/rfc3879>.
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, DOI 10.17487/RFC4301,
December 2005, <https://www.rfc-editor.org/info/rfc4301>.
Templin & Whyman Expires June 13, 2021 [Page 52]
Internet-Draft IPv6 over OMNI Interfaces December 2020
[RFC4380] Huitema, C., "Teredo: Tunneling IPv6 over UDP through
Network Address Translations (NATs)", RFC 4380,
DOI 10.17487/RFC4380, February 2006,
<https://www.rfc-editor.org/info/rfc4380>.
[RFC4389] Thaler, D., Talwar, M., and C. Patel, "Neighbor Discovery
Proxies (ND Proxy)", RFC 4389, DOI 10.17487/RFC4389, April
2006, <https://www.rfc-editor.org/info/rfc4389>.
[RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD)
for IPv6", RFC 4429, DOI 10.17487/RFC4429, April 2006,
<https://www.rfc-editor.org/info/rfc4429>.
[RFC4541] Christensen, M., Kimball, K., and F. Solensky,
"Considerations for Internet Group Management Protocol
(IGMP) and Multicast Listener Discovery (MLD) Snooping
Switches", RFC 4541, DOI 10.17487/RFC4541, May 2006,
<https://www.rfc-editor.org/info/rfc4541>.
[RFC4605] Fenner, B., He, H., Haberman, B., and H. Sandick,
"Internet Group Management Protocol (IGMP) / Multicast
Listener Discovery (MLD)-Based Multicast Forwarding
("IGMP/MLD Proxying")", RFC 4605, DOI 10.17487/RFC4605,
August 2006, <https://www.rfc-editor.org/info/rfc4605>.
[RFC4821] Mathis, M. and J. Heffner, "Packetization Layer Path MTU
Discovery", RFC 4821, DOI 10.17487/RFC4821, March 2007,
<https://www.rfc-editor.org/info/rfc4821>.
[RFC4963] Heffner, J., Mathis, M., and B. Chandler, "IPv4 Reassembly
Errors at High Data Rates", RFC 4963,
DOI 10.17487/RFC4963, July 2007,
<https://www.rfc-editor.org/info/rfc4963>.
[RFC5175] Haberman, B., Ed. and R. Hinden, "IPv6 Router
Advertisement Flags Option", RFC 5175,
DOI 10.17487/RFC5175, March 2008,
<https://www.rfc-editor.org/info/rfc5175>.
[RFC5213] Gundavelli, S., Ed., Leung, K., Devarapalli, V.,
Chowdhury, K., and B. Patil, "Proxy Mobile IPv6",
RFC 5213, DOI 10.17487/RFC5213, August 2008,
<https://www.rfc-editor.org/info/rfc5213>.
[RFC5214] Templin, F., Gleeson, T., and D. Thaler, "Intra-Site
Automatic Tunnel Addressing Protocol (ISATAP)", RFC 5214,
DOI 10.17487/RFC5214, March 2008,
<https://www.rfc-editor.org/info/rfc5214>.
Templin & Whyman Expires June 13, 2021 [Page 53]
Internet-Draft IPv6 over OMNI Interfaces December 2020
[RFC5558] Templin, F., Ed., "Virtual Enterprise Traversal (VET)",
RFC 5558, DOI 10.17487/RFC5558, February 2010,
<https://www.rfc-editor.org/info/rfc5558>.
[RFC5798] Nadas, S., Ed., "Virtual Router Redundancy Protocol (VRRP)
Version 3 for IPv4 and IPv6", RFC 5798,
DOI 10.17487/RFC5798, March 2010,
<https://www.rfc-editor.org/info/rfc5798>.
[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010,
<https://www.rfc-editor.org/info/rfc5880>.
[RFC6081] Thaler, D., "Teredo Extensions", RFC 6081,
DOI 10.17487/RFC6081, January 2011,
<https://www.rfc-editor.org/info/rfc6081>.
[RFC6221] Miles, D., Ed., Ooghe, S., Dec, W., Krishnan, S., and A.
Kavanagh, "Lightweight DHCPv6 Relay Agent", RFC 6221,
DOI 10.17487/RFC6221, May 2011,
<https://www.rfc-editor.org/info/rfc6221>.
[RFC6355] Narten, T. and J. Johnson, "Definition of the UUID-Based
DHCPv6 Unique Identifier (DUID-UUID)", RFC 6355,
DOI 10.17487/RFC6355, August 2011,
<https://www.rfc-editor.org/info/rfc6355>.
[RFC6543] Gundavelli, S., "Reserved IPv6 Interface Identifier for
Proxy Mobile IPv6", RFC 6543, DOI 10.17487/RFC6543, May
2012, <https://www.rfc-editor.org/info/rfc6543>.
[RFC7084] Singh, H., Beebee, W., Donley, C., and B. Stark, "Basic
Requirements for IPv6 Customer Edge Routers", RFC 7084,
DOI 10.17487/RFC7084, November 2013,
<https://www.rfc-editor.org/info/rfc7084>.
[RFC7421] Carpenter, B., Ed., Chown, T., Gont, F., Jiang, S.,
Petrescu, A., and A. Yourtchenko, "Analysis of the 64-bit
Boundary in IPv6 Addressing", RFC 7421,
DOI 10.17487/RFC7421, January 2015,
<https://www.rfc-editor.org/info/rfc7421>.
[RFC7526] Troan, O. and B. Carpenter, Ed., "Deprecating the Anycast
Prefix for 6to4 Relay Routers", BCP 196, RFC 7526,
DOI 10.17487/RFC7526, May 2015,
<https://www.rfc-editor.org/info/rfc7526>.
Templin & Whyman Expires June 13, 2021 [Page 54]
Internet-Draft IPv6 over OMNI Interfaces December 2020
[RFC7542] DeKok, A., "The Network Access Identifier", RFC 7542,
DOI 10.17487/RFC7542, May 2015,
<https://www.rfc-editor.org/info/rfc7542>.
[RFC7739] Gont, F., "Security Implications of Predictable Fragment
Identification Values", RFC 7739, DOI 10.17487/RFC7739,
February 2016, <https://www.rfc-editor.org/info/rfc7739>.
[RFC7847] Melia, T., Ed. and S. Gundavelli, Ed., "Logical-Interface
Support for IP Hosts with Multi-Access Support", RFC 7847,
DOI 10.17487/RFC7847, May 2016,
<https://www.rfc-editor.org/info/rfc7847>.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>.
[RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
Decraene, B., Litkowski, S., and R. Shakir, "Segment
Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
July 2018, <https://www.rfc-editor.org/info/rfc8402>.
[RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J.,
Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header
(SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020,
<https://www.rfc-editor.org/info/rfc8754>.
[RFC8900] Bonica, R., Baker, F., Huston, G., Hinden, R., Troan, O.,
and F. Gont, "IP Fragmentation Considered Fragile",
BCP 230, RFC 8900, DOI 10.17487/RFC8900, September 2020,
<https://www.rfc-editor.org/info/rfc8900>.
Appendix A. Interface Attribute Preferences Bitmap Encoding
Adaptation of the OMNI option Interface Attributes Preferences Bitmap
encoding to specific Internetworks such as the Aeronautical
Telecommunications Network with Internet Protocol Services (ATN/IPS)
may include link selection preferences based on other traffic
classifiers (e.g., transport port numbers, etc.) in addition to the
existing DSCP-based preferences. Nodes on specific Internetworks
maintain a map of traffic classifiers to additional P[*] preference
fields beyond the first 64. For example, TCP port 22 maps to P[67],
TCP port 443 maps to P[70], UDP port 8060 maps to P[76], etc.
Implementations use Simplex or Indexed encoding formats for P[*]
encoding in order to encode a given set of traffic classifiers in the
most efficient way. Some use cases may be more efficiently coded
Templin & Whyman Expires June 13, 2021 [Page 55]
Internet-Draft IPv6 over OMNI Interfaces December 2020
using Simplex form, while others may be more efficient using Indexed.
Once a format is selected for preparation of a single Interface
Attribute the same format must be used for the entire Interface
Attribute sub-option. Different sub-options may use different
formats.
The following figures show coding examples for various Simplex and
Indexed formats:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sub-Type=2 | Sub-length=N | ifIndex | ifType |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Provider ID | Link |R| API | Bitmap(0)=0xff|P00|P01|P02|P03|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|P04|P05|P06|P07|P08|P09|P10|P11|P12|P13|P14|P15|P16|P17|P18|P19|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|P20|P21|P22|P23|P24|P25|P26|P27|P28|P29|P30|P31| Bitmap(1)=0xff|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|P32|P33|P34|P35|P36|P37|P38|P39|P40|P41|P42|P43|P44|P45|P46|P47|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|P48|P49|P50|P51|P52|P53|P54|P55|P56|P57|P58|P59|P60|P61|P62|P63|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Bitmap(2)=0xff|P64|P65|P67|P68| ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
Figure 19: Example 1: Dense Simplex Encoding
Templin & Whyman Expires June 13, 2021 [Page 56]
Internet-Draft IPv6 over OMNI Interfaces December 2020
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sub-Type=2 | Sub-length=N | ifIndex | ifType |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Provider ID | Link |R| API | Bitmap(0)=0x00| Bitmap(1)=0x0f|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|P48|P49|P50|P51|P52|P53|P54|P55|P56|P57|P58|P59|P60|P61|P62|P63|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Bitmap(2)=0x00| Bitmap(3)=0x00| Bitmap(4)=0x00| Bitmap(5)=0x00|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Bitmap(6)=0xf0|192|193|194|195|196|197|198|199|200|201|202|203|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|204|205|206|207| Bitmap(7)=0x00| Bitmap(8)=0x0f|272|273|274|275|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|276|277|278|279|280|281|282|283|284|285|286|287| Bitmap(9)=0x00|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Bitmap(10)=0x00| ...
+-+-+-+-+-+-+-+-+-+-+-
Figure 20: Example 2: Sparse Simplex Encoding
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sub-Type=2 | Sub-length=N | ifIndex | ifType |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Provider ID | Link |R| API | Index = 0x00 | Bitmap = 0x80 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|P00|P01|P02|P03| Index = 0x01 | Bitmap = 0x01 |P60|P61|P62|P63|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Index = 0x10 | Bitmap = 0x80 |512|513|514|515| Index = 0x18 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Bitmap = 0x01 |796|797|798|799| ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
Figure 21: Example 3: Indexed Encoding
Appendix B. VDL Mode 2 Considerations
ICAO Doc 9776 is the "Technical Manual for VHF Data Link Mode 2"
(VDLM2) that specifies an essential radio frequency data link service
for aircraft and ground stations in worldwide civil aviation air
traffic management. The VDLM2 link type is "multicast capable"
[RFC4861], but with considerable differences from common multicast
links such as Ethernet and IEEE 802.11.
Templin & Whyman Expires June 13, 2021 [Page 57]
Internet-Draft IPv6 over OMNI Interfaces December 2020
First, the VDLM2 link data rate is only 31.5Kbps - multiple orders of
magnitude less than most modern wireless networking gear. Second,
due to the low available link bandwidth only VDLM2 ground stations
(i.e., and not aircraft) are permitted to send broadcasts, and even
so only as compact layer 2 "beacons". Third, aircraft employ the
services of ground stations by performing unicast RS/RA exchanges
upon receipt of beacons instead of listening for multicast RA
messages and/or sending multicast RS messages.
This beacon-oriented unicast RS/RA approach is necessary to conserve
the already-scarce available link bandwidth. Moreover, since the
numbers of beaconing ground stations operating within a given spatial
range must be kept as sparse as possible, it would not be feasible to
have different classes of ground stations within the same region
observing different protocols. It is therefore highly desirable that
all ground stations observe a common language of RS/RA as specified
in this document.
Note that links of this nature may benefit from compression
techniques that reduce the bandwidth necessary for conveying the same
amount of data. The IETF lpwan working group is considering possible
alternatives: [https://datatracker.ietf.org/wg/lpwan/documents].
Appendix C. MN / AR Isolation Through L2 Address Mapping
Per [RFC4861], IPv6 ND messages may be sent to either a multicast or
unicast link-scoped IPv6 destination address. However, IPv6 ND
messaging should be coordinated between the MN and AR only without
invoking other nodes on the ANET. This implies that MN / AR control
messaging should be isolated and not overheard by other nodes on the
link.
To support MN / AR isolation on some ANET links, ARs can maintain an
OMNI-specific unicast L2 address ("MSADDR"). For Ethernet-compatible
ANETs, this specification reserves one Ethernet unicast address TBD2
(see: Section 19). For non-Ethernet statically-addressed ANETs,
MSADDR is reserved per the assigned numbers authority for the ANET
addressing space. For still other ANETs, MSADDR may be dynamically
discovered through other means, e.g., L2 beacons.
MNs map the L3 addresses of all IPv6 ND messages they send (i.e.,
both multicast and unicast) to MSADDR instead of to an ordinary
unicast or multicast L2 address. In this way, all of the MN's IPv6
ND messages will be received by ARs that are configured to accept
packets destined to MSADDR. Note that multiple ARs on the link could
be configured to accept packets destined to MSADDR, e.g., as a basis
for supporting redundancy.
Templin & Whyman Expires June 13, 2021 [Page 58]
Internet-Draft IPv6 over OMNI Interfaces December 2020
Therefore, ARs must accept and process packets destined to MSADDR,
while all other devices must not process packets destined to MSADDR.
This model has well-established operational experience in Proxy
Mobile IPv6 (PMIP) [RFC5213][RFC6543].
Appendix D. Change Log
<< RFC Editor - remove prior to publication >>
Differences from draft-templin-6man-omni-interface-35 to draft-
templin-6man-omni-interface-36:
o Major clarifications on aspects such as "hard/soft" PTB error
messages
o Made generic so that either IP protocol version (IPv4 or IPv6) can
be used in the data plane.
Differences from draft-templin-6man-omni-interface-31 to draft-
templin-6man-omni-interface-32:
o MTU
o Support for multi-hop ANETS such as ISATAP.
Differences from draft-templin-6man-omni-interface-29 to draft-
templin-6man-omni-interface-30:
o Moved link-layer addressing information into the OMNI option on a
per-ifIndex basis
o Renamed "ifIndex-tuple" to "Interface Attributes"
Differences from draft-templin-6man-omni-interface-27 to draft-
templin-6man-omni-interface-28:
o Updates based on implementation expereince.
Differences from draft-templin-6man-omni-interface-25 to draft-
templin-6man-omni-interface-26:
o Further clarification on "aggregate" RA messages.
o Expanded Security Considerations to discuss expectations for
security in the Mobility Service.
Differences from draft-templin-6man-omni-interface-20 to draft-
templin-6man-omni-interface-21:
Templin & Whyman Expires June 13, 2021 [Page 59]
Internet-Draft IPv6 over OMNI Interfaces December 2020
o Safety-Based Multilink (SBM) and Performance-Based Multilink
(PBM).
Differences from draft-templin-6man-omni-interface-18 to draft-
templin-6man-omni-interface-19:
o SEND/CGA.
Differences from draft-templin-6man-omni-interface-17 to draft-
templin-6man-omni-interface-18:
o Teredo
Differences from draft-templin-6man-omni-interface-14 to draft-
templin-6man-omni-interface-15:
o Prefix length discussions removed.
Differences from draft-templin-6man-omni-interface-12 to draft-
templin-6man-omni-interface-13:
o Teredo
Differences from draft-templin-6man-omni-interface-11 to draft-
templin-6man-omni-interface-12:
o Major simplifications and clarifications on MTU and fragmentation.
o Document now updates RFC4443 and RFC8201.
Differences from draft-templin-6man-omni-interface-10 to draft-
templin-6man-omni-interface-11:
o Removed /64 assumption, resulting in new OMNI address format.
Differences from draft-templin-6man-omni-interface-07 to draft-
templin-6man-omni-interface-08:
o OMNI MNs in the open Internet
Differences from draft-templin-6man-omni-interface-06 to draft-
templin-6man-omni-interface-07:
o Brought back L2 MSADDR mapping text for MN / AR isolation based on
L2 addressing.
o Expanded "Transition Considerations".
Templin & Whyman Expires June 13, 2021 [Page 60]
Internet-Draft IPv6 over OMNI Interfaces December 2020
Differences from draft-templin-6man-omni-interface-05 to draft-
templin-6man-omni-interface-06:
o Brought back OMNI option "R" flag, and discussed its use.
Differences from draft-templin-6man-omni-interface-04 to draft-
templin-6man-omni-interface-05:
o Transition considerations, and overhaul of RS/RA addressing with
the inclusion of MSE addresses within the OMNI option instead of
as RS/RA addresses (developed under FAA SE2025 contract number
DTFAWA-15-D-00030).
Differences from draft-templin-6man-omni-interface-02 to draft-
templin-6man-omni-interface-03:
o Added "advisory PTB messages" under FAA SE2025 contract number
DTFAWA-15-D-00030.
Differences from draft-templin-6man-omni-interface-01 to draft-
templin-6man-omni-interface-02:
o Removed "Primary" flag and supporting text.
o Clarified that "Router Lifetime" applies to each ANET interface
independently, and that the union of all ANET interface Router
Lifetimes determines MSE lifetime.
Differences from draft-templin-6man-omni-interface-00 to draft-
templin-6man-omni-interface-01:
o "All-MSEs" OMNI LLA defined. Also reserved fe80::ff00:0000/104
for future use (most likely as "pseudo-multicast").
o Non-normative discussion of alternate OMNI LLA construction form
made possible if the 64-bit assumption were relaxed.
First draft version (draft-templin-atn-aero-interface-00):
o Draft based on consensus decision of ICAO Working Group I Mobility
Subgroup March 22, 2019.
Authors' Addresses
Templin & Whyman Expires June 13, 2021 [Page 61]
Internet-Draft IPv6 over OMNI Interfaces December 2020
Fred L. Templin (editor)
The Boeing Company
P.O. Box 3707
Seattle, WA 98124
USA
Email: fltemplin@acm.org
Tony Whyman
MWA Ltd c/o Inmarsat Global Ltd
99 City Road
London EC1Y 1AX
England
Email: tony.whyman@mccallumwhyman.com
Templin & Whyman Expires June 13, 2021 [Page 62]