An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers (ORCHID)
RFC 4843
| Field | Value |
|---|---|
| Type | RFC - Experimental (April 2007; No errata) |
| | Obsoleted by RFC 7343 |
| | Was draft-laganier-ipv6-khi (individual in int area) |
| Authors | Pekka Nikander, Julien Laganier, Francis Dupont |
| Last updated | 2018-12-20 |
| Stream | Internet Engineering Task Force (IETF) |
| WG state | (None) |
| Document shepherd | No shepherd assigned |
| IESG state | RFC 4843 (Experimental) |
| Action Holders | (None) |
| Consensus Boilerplate | Unknown |
| Telechat date | |
| Responsible AD | Jari Arkko |
| Send notices to | (None) |
Network Working Group                                        P. Nikander
Request for Comments: 4843                 Ericsson Research Nomadic Lab
Category: Experimental                                       J. Laganier
                                                        DoCoMo Euro-Labs
                                                               F. Dupont
                                                                   CELAR
                                                              April 2007

           An IPv6 Prefix for Overlay Routable Cryptographic
                       Hash Identifiers (ORCHID)

Status of This Memo

   This memo defines an Experimental Protocol for the Internet
   community.  It does not specify an Internet standard of any kind.
   Discussion and suggestions for improvement are requested.
   Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The IETF Trust (2007).

Abstract

   This document introduces Overlay Routable Cryptographic Hash
   Identifiers (ORCHID) as a new, experimental class of
   IPv6-address-like identifiers.  These identifiers are intended to be
   used as endpoint identifiers at applications and Application
   Programming Interfaces (API) and not as identifiers for network
   location at the IP layer, i.e., locators.  They are designed to
   appear as application layer entities and at the existing IPv6 APIs,
   but they should not appear in actual IPv6 headers.  To make them
   more like vanilla IPv6 addresses, they are expected to be routable
   at an overlay level.  Consequently, while they are considered
   non-routable addresses from the IPv6 layer point-of-view, all
   existing IPv6 applications are expected to be able to use them in a
   manner compatible with current IPv6 addresses.

   This document requests IANA to allocate a temporary prefix out of
   the IPv6 addressing space for Overlay Routable Cryptographic Hash
   Identifiers.  By default, the prefix will be returned to IANA in
   2014, with continued use requiring IETF consensus.

Table of Contents

   1.  Introduction
       1.1.  Rationale and Intent
       1.2.  ORCHID Properties
       1.3.  Expected use of ORCHIDs
       1.4.  Action Plan
       1.5.  Terminology
   2.  Cryptographic Hash Identifier Construction
   3.  Routing Considerations
       3.1.  Overlay Routing
   4.  Collision Considerations
   5.  Design Choices
   6.  Security Considerations
   7.  IANA Considerations
   8.  Acknowledgments
   9.  References
       9.1.  Normative References
       9.2.  Informative References

1.  Introduction

   This document introduces Overlay Routable Cryptographic Hash
   Identifiers (ORCHID), a new class of IP address-like identifiers.
   These identifiers are intended to be globally unique in a
   statistical sense (see Section 4), non-routable at the IP layer, and
   routable at some overlay layer.  The identifiers are securely bound,
   via a secure hash function, to the concatenation of an input
   bitstring and a context tag.  Typically, but not necessarily, the
   input bitstring will include a suitably encoded public cryptographic
   key.

1.1.  Rationale and Intent

   These identifiers are expected to be used at the existing IPv6
   Application Programming Interfaces (API) and application protocols
   between consenting hosts.  They may be defined and used in different
   contexts, suitable for different overlay protocols.  Examples of
   these include Host Identity Tags (HIT) in the Host Identity Protocol
   (HIP) [HIP-BASE] and Temporary Mobile Identifiers (TMI) for Mobile
   IPv6 Privacy Extension [PRIVACYTEXT].
   As these identifiers are expected to be used along with IPv6
   addresses at both applications and APIs, co-ordination is desired to
   make sure that an ORCHID is not inappropriately taken for a vanilla
   IPv6 address and vice versa.  In practice, allocation of a separate
   prefix for ORCHIDs seems to suffice, making them compatible with
   IPv6 addresses at the upper layers while simultaneously making it
   trivial to prevent their usage at the IP layer.
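
The hash binding from the Introduction and the prefix check from Section 1.1, as an added Python example that is not part of the RFC text. It assumes details from parts of RFC 4843 outside this excerpt (SHA-1, a 128-bit context ID placed before the input, the middle 100 bits of the digest, and the IANA-allocated prefix 2001:10::/28); the function names, context ID and input bytes are constructed for illustration.

```python
import hashlib
import ipaddress

# Assumption: the 28-bit prefix IANA allocated for RFC 4843 ORCHIDs
# (stated in the RFC's IANA section, not in this excerpt).
ORCHID_PREFIX = ipaddress.IPv6Network("2001:10::/28")

# Constructed sample values, not taken from any real protocol.
CONTEXT_ID = bytes(range(16))                 # 128-bit context tag
SAMPLE_INPUT = b"constructed-public-key-bytes"

def encode_100(digest: bytes) -> int:
    """Return the middle 100 bits of the digest as an integer."""
    total_bits = len(digest) * 8
    if total_bits < 100 or (total_bits - 100) % 2:
        raise ValueError("digest cannot be centred on 100 bits")
    drop_low = (total_bits - 100) // 2        # 30 bits for SHA-1
    return (int.from_bytes(digest, "big") >> drop_low) & ((1 << 100) - 1)

def make_orchid(context_id: bytes, input_bits: bytes) -> ipaddress.IPv6Address:
    """ORCHID = prefix | Encode_100(SHA-1(context ID | input))."""
    if len(context_id) != 16:
        raise ValueError("context ID must be 128 bits")
    digest = hashlib.sha1(context_id + input_bits).digest()
    value = int(ORCHID_PREFIX.network_address) | encode_100(digest)
    return ipaddress.IPv6Address(value)

def is_orchid(addr) -> bool:
    """True if addr is an IPv6 address inside the ORCHID prefix."""
    parsed = ipaddress.ip_address(addr)
    return parsed.version == 6 and parsed in ORCHID_PREFIX

def verify_orchid(addr, context_id: bytes, input_bits: bytes) -> bool:
    """Recompute the identifier; a different key or context will not match."""
    return ipaddress.ip_address(addr) == make_orchid(context_id, input_bits)

def ip_layer_permits(src, dst) -> bool:
    """IP-layer policy: ORCHIDs must not appear in actual IPv6 headers."""
    return not (is_orchid(src) or is_orchid(dst))

if __name__ == "__main__":
    orchid = make_orchid(CONTEXT_ID, SAMPLE_INPUT)
    print(orchid, is_orchid(orchid))
    print(verify_orchid(orchid, CONTEXT_ID, SAMPLE_INPUT))
    print(ip_layer_permits(orchid, "2001:db8::2"))
```

Because only the prefix separates the two identifier classes, the same `is_orchid` test serves both the application layer (accept and verify) and the IP layer (drop).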