An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers (ORCHID)
RFC 4843
| Document | Type |
RFC - Experimental
(April 2007; No errata)
Obsoleted by RFC 7343
Was draft-laganier-ipv6-khi (individual in int area)
|
|
|---|---|---|---|
| Authors | Pekka Nikander , Julien Laganier , Francis Dupont | ||
| Last updated | 2018-12-20 | ||
| Stream | Internent Engineering Task Force (IETF) | ||
| Formats | plain text html pdf htmlized (tools) htmlized bibtex | ||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 4843 (Experimental) | |
| Action Holders |
(None)
|
||
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Jari Arkko | ||
| Send notices to | (None) | ||
Network Working Group P. Nikander
Request for Comments: 4843 Ericsson Research Nomadic Lab
Category: Experimental J. Laganier
DoCoMo Euro-Labs
F. Dupont
CELAR
April 2007
An IPv6 Prefix for
Overlay Routable Cryptographic Hash Identifiers (ORCHID)
Status of This Memo
This memo defines an Experimental Protocol for the Internet
community. It does not specify an Internet standard of any kind.
Discussion and suggestions for improvement are requested.
Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Abstract
This document introduces Overlay Routable Cryptographic Hash
Identifiers (ORCHID) as a new, experimental class of IPv6-address-
like identifiers. These identifiers are intended to be used as
endpoint identifiers at applications and Application Programming
Interfaces (API) and not as identifiers for network location at the
IP layer, i.e., locators. They are designed to appear as application
layer entities and at the existing IPv6 APIs, but they should not
appear in actual IPv6 headers. To make them more like vanilla IPv6
addresses, they are expected to be routable at an overlay level.
Consequently, while they are considered non-routable addresses from
the IPv6 layer point-of-view, all existing IPv6 applications are
expected to be able to use them in a manner compatible with current
IPv6 addresses.
This document requests IANA to allocate a temporary prefix out of the
IPv6 addressing space for Overlay Routable Cryptographic Hash
Identifiers. By default, the prefix will be returned to IANA in
2014, with continued use requiring IETF consensus.
Nikander, et al. Experimental [Page 1]
RFC 4843 Cryptographic Hash IDentifiers (ORCHID) April 2007
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Rationale and Intent . . . . . . . . . . . . . . . . . . . 3
1.2. ORCHID Properties . . . . . . . . . . . . . . . . . . . . 4
1.3. Expected use of ORCHIDs . . . . . . . . . . . . . . . . . 4
1.4. Action Plan . . . . . . . . . . . . . . . . . . . . . . . 4
1.5. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4
2. Cryptographic Hash Identifier Construction . . . . . . . . . . 5
3. Routing Considerations . . . . . . . . . . . . . . . . . . . . 6
3.1. Overlay Routing . . . . . . . . . . . . . . . . . . . . . 6
4. Collision Considerations . . . . . . . . . . . . . . . . . . . 7
5. Design Choices . . . . . . . . . . . . . . . . . . . . . . . . 9
6. Security Considerations . . . . . . . . . . . . . . . . . . . 9
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 11
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
9.1. Normative References . . . . . . . . . . . . . . . . . . . 11
9.2. Informative References . . . . . . . . . . . . . . . . . . 11
1. Introduction
This document introduces Overlay Routable Cryptographic Hash
Identifiers (ORCHID), a new class of IP address-like identifiers.
These identifiers are intended to be globally unique in a statistical
sense (see Section 4), non-routable at the IP layer, and routable at
some overlay layer. The identifiers are securely bound, via a secure
hash function, to the concatenation of an input bitstring and a
context tag. Typically, but not necessarily, the input bitstring
will include a suitably encoded public cryptographic key.
1.1. Rationale and Intent
These identifiers are expected to be used at the existing IPv6
Application Programming Interfaces (API) and application protocols
between consenting hosts. They may be defined and used in different
contexts, suitable for different overlay protocols. Examples of
these include Host Identity Tags (HIT) in the Host Identity Protocol
(HIP) [HIP-BASE] and Temporary Mobile Identifiers (TMI) for Mobile
IPv6 Privacy Extension [PRIVACYTEXT].
As these identifiers are expected to be used along with IPv6
addresses at both applications and APIs, co-ordination is desired to
make sure that an ORCHID is not inappropriately taken for a vanilla
IPv6 address and vice versa. In practice, allocation of a separate
prefix for ORCHIDs seems to suffice, making them compatible with IPv6
addresses at the upper layers while simultaneously making it trivial
to prevent their usage at the IP layer.
Show full document text