• typically have small radar cross sections;
• make noise that is quite noticeable at short ranges but difficult to detect at distances they can quickly close (500 meters in under 13 seconds by the fastest consumer mass-market drones available in early 2021);
• typically fly at low altitudes (e.g., under 400 feet Above Ground Level (AGL) for UA to which RID applies in the US, as per [Part107]); and
• are highly maneuverable and thus can fly under trees and between buildings.

               +-----+    +-----+
               | UA1 |    | UA2 |
               +-----+    +-----+

   +----------+                   +----------+
   | General  |                   | Public   |
   | Public   |                   | Safety   |
   | Observer o------\     /------o Observer |
   +----------+      |     |      +----------+
                     |     |
                  *************
+----------+      *           *      +----------+
| UA1      |      *           *      | UA2      |
| Pilot/   o------*  Internet *------o Pilot/   |
| Operator |      *           *      | Operator |
+----------+      *           *      +----------+
                  *************
                    |   |   |
     +----------+   |   |   |   +----------+
     | Public   o---/   |   \---o Private  |
     | Registry |       |       | Registry |
     +----------+       |       +----------+
                     +--o--+
                     | DNS |
                     +-----+

• multiple Observers, some of them members of the general public and others government officers with public safety and security responsibilities,
• multiple UA in flight within observation range, each with its own pilot/operator,
• at least one registry each for lookup of public and (by authorized parties only) private information regarding the UAS and their pilots/operators, and
• in the DRIP vision, DNS resolving various identifiers and locators of the entities involved.

• Taskable: can ask it to do something useful.
• Low Concern: can reasonably assume it is not malicious and would cooperate with requests to modify its flight plans for safety concerns that arise.
• High Concern or Unidentified: can focus surveillance on it.

                     xxxxxxx
                    x       x   No  +--------------+
                   x   ID?   x+---->| Unidentified |
                    x       x       +--------------+
                     xxxxxxx
                        +
                        | Yes
                        v
                     xxxxxxx
                    x       x
        .---------+x  Type?  x+----------.
        |           x       x            |
        |            xxxxxxx             |
        |               +                |
        v               v                v
+--------------+ +--------------+ +--------------+
|  Taskable    | | Low Concern  | | High Concern |
+--------------+ +--------------+ +--------------+

• C1 ([Delegated], Part 2)
• C2 ([Delegated], Part 3)
• C3 ([Delegated], Part 4)
• C5 ([Amended], Part 16)
• C6 ([Amended], Part 17)

1. the UAS operator registration number;
2. the [CTA2063A]-compliant unique serial number of the UA;
3. a time stamp, the geographical position of the UA, and its height AGL or above its takeoff point;
4. the UA ground speed and route course measured clockwise from true north;
5. the geographical position of the Remote Pilot, or if that is not available, the geographical position of the UA takeoff point; and
6. for classes C1, C2, C3, the UAS emergency status.

4-D

Four-dimensional. Latitude, Longitude, Altitude, Time. Used especially to delineate an airspace volume in which an operation is being or will be conducted.

AAA

Attestation, Authentication, Authorization, Access Control, Accounting, Attribution, Audit, or any subset thereof (uses differ by application, author, and context). (DRIP)

ABDAA

AirBorne DAA. Accomplished using systems onboard the aircraft involved. Supports "self-separation" (remaining "well clear" of other aircraft) and collision avoidance.

ADS-B

Automatic Dependent Surveillance - Broadcast. "ADS-B Out" equipment obtains aircraft position from other on-board systems (typically GNSS) and periodically broadcasts it to "ADS-B In" equipped entities, including other aircraft, ground stations, and satellite-based monitoring systems.

AGL

Above Ground Level. Relative altitude, above the variously defined local ground level, typically of a UA, measured in feet or meters. Should be explicitly specified as either barometric (pressure) or geodetic (GNSS) altitude.

ATC

Air Traffic Control. Explicit flight direction to pilots from ground controllers. Contrast with ATM.

ATM

Air Traffic Management. A broader functional and geographic scope and/or a higher layer of abstraction than ATC. [ICAOATM] defines ATM as the following: "The dynamic, integrated management of air traffic and airspace including air traffic services, airspace management and air traffic flow management -- safely, economically and efficiently -- through the provision of facilities and seamless services in collaboration with all parties and involving airborne and ground-based functions".

Authentication Message

[F3411-19] Message Type 2. Provides framing for authentication data only; the only message that can be extended in length by segmenting it across more than one page.

Basic ID Message

[F3411-19] Message Type 0. Provides UA Type, ID Type (and Specific Session ID subtype if applicable), and UAS ID only.

Broadcast Authentication Verifier Service

System component designed to handle any authentication of Broadcast RID by offloading signature verification to a web service [F3411-19].

BVLOS

Beyond Visual Line Of Sight. See VLOS.

byte

Used here in its now-customary sense as a synonym for "octet", as "byte" is used exclusively in definitions of data structures specified in [F3411-19].

CAA

Civil Aviation Authority of a regulatory jurisdiction. Often so named, but other examples include the United States Federal Aviation Administration (FAA) and the Japan Civil Aviation Bureau.

CSWaP

Cost, Size, Weight, and Power

C2

Command and Control. Previously mostly used in military contexts. Properly refers to a function that is exercisable over arbitrary communications, but in the small UAS context, often refers to the communications (typically RF data link) over which the GCS controls the UA.

DAA

Detect And Avoid, formerly "Sense And Avoid (SAA)". A means of keeping aircraft "well clear" of each other and obstacles for safety. [ICAOUAS] defines DAA as the following: "The capability to see, sense or detect conflicting traffic or other hazards and take the appropriate action to comply with the applicable rules of flight".

DRI (not to be confused with DRIP)

Direct Remote Identification. EU regulatory requirement for "a system that ensures the local broadcast of information about a UA in operation, including the marking of the UA, so that this information can be obtained without physical access to the UA" [Delegated]. This requirement can presumably be satisfied with appropriately configured [F3411-19] Broadcast RID.

DSS

Discovery and Synchronization Service. The UTM system overlay network backbone. Most importantly, it enables one USS to learn which other USS have UAS operating in a given 4-D airspace volume, for strategic deconfliction of planned operations and Network RID surveillance of active operations. See [F3411-19].

EUROCAE

European Organisation for Civil Aviation Equipment. Aviation SDO, originally European, now with broader membership. Cooperates extensively with RTCA.

GBDAA

Ground-Based DAA. Accomplished with the aid of ground-based functions.

GCS

Ground Control Station. The part of the UAS that the Remote Pilot uses to exercise C2 over the UA, whether by remotely exercising UA flight controls to fly the UA, by setting GNSS waypoints, or by otherwise directing its flight.

GNSS

Global Navigation Satellite System. Satellite-based timing and/or positioning with global coverage, often used to support navigation.

GPS

Global Positioning System. A specific GNSS, but in the UAS context, the term is typically misused in place of the more generic term "GNSS".

GRAIN

Global Resilient Aviation Interoperable Network. ICAO-managed IPv6 overlay internetwork based on IATF that is dedicated to aviation (but not just aircraft). As currently (2021) designed, it accommodates the proposed DRIP identifier.

IATF

International Aviation Trust Framework. ICAO effort to develop a resilient and secure by design framework for networking in support of all aspects of aviation.

ICAO

International Civil Aviation Organization. A specialized agency of the United Nations that develops and harmonizes international standards relating to aviation.

IFF

Identification Friend or Foe. Originally, and in its narrow sense still, a self-identification broadcast in response to interrogation via radar to reduce friendly fire incidents, which led to military and commercial transponder systems such as ADS-B. In the broader sense used here, any process intended to distinguish friendly from potentially hostile UA or other entities encountered.

LAANC

Low Altitude Authorization and Notification Capability. Supports ATC authorization requirements for UAS operations: Remote Pilots can apply to receive a near real-time authorization for operations under 400 feet in controlled airspace near airports. FAA- authorized partial stopgap in the US until UTM comes.

Location/Vector Message

[F3411-19] Message Type 1. Provides UA location, altitude, heading, speed, and status.

LOS

Line Of Sight. An adjectival phrase describing any information transfer that travels in a nearly straight line (e.g., electromagnetic energy, whether in the visual light, RF, or other frequency range) and is subject to blockage. A term to be avoided due to ambiguity, in this context, between RF LOS and VLOS.

Message Pack

[F3411-19] Message Type 15. The framed concatenation, in message type index order, of at most one message of each type of any subset of the other types. Required to be sent in Wi-Fi NAN and in Bluetooth 5 Extended Advertisements, if those media are used; cannot be sent in Bluetooth 4.

MSL

Mean Sea Level. Shorthand for relative altitude, above the variously defined mean sea level, typically of a UA (but in [FRUR], also for a GCS), measured in feet or meters. Should be explicitly specified as either barometric (pressure) or geodetic (e.g., as indicated by GNSS, referenced to the WGS84 ellipsoid).

Net-RID DP

Network RID Display Provider. [F3411-19] logical entity that aggregates data from Net-RID SPs as needed in response to user queries regarding UAS operating within specified airspace volumes to enable display by a user application on a user device. Potentially could provide not only information sent via UAS RID but also information retrieved from UAS RID registries or information beyond UAS RID. Under superseded [NPRM], not recognized as a distinct entity, but as a service provided by USS, including public safety USS that may exist primarily for this purpose rather than to manage any subscribed UAS.

Net-RID SP

Network RID Service Provider. [F3411-19] logical entity that collects RID messages from UAS and responds to Net-RID DP queries for information on UAS of which it is aware. Under superseded [NPRM], the USS to which the UAS is subscribed (i.e., the "Remote ID USS").

Network Identification Service

EU regulatory requirement in [Opinion1], corresponding to the Electronic Identification for which Minimum Operational Performance Standards are specified in [WG105], which presumably can be satisfied with appropriately configured [F3411-19] Network RID.

Observer

An entity (typically, but not necessarily, an individual human) who has directly or indirectly observed a UA and wishes to know something about it, starting with its ID. An Observer typically is on the ground and local (within VLOS of an observed UA), but could be remote (observing via Network RID or other surveillance), operating another UA, aboard another aircraft, etc. (DRIP)

Operation

A flight, or series of flights of the same mission, by the same UAS, separated by, at most, brief ground intervals. (Inferred from UTM usage; no formal definition found.)

Operator

"A person, organization or enterprise engaged in or offering to engage in an aircraft operation" [ICAOUAS].

Operator ID Message

[F3411-19] Message Type 5. Provides CAA-issued Operator ID only. Operator ID is distinct from UAS ID.

page

Payload of a frame, containing a chunk of a message that has been segmented, that allows transport of a message longer than can be encapsulated in a single frame. See [F3411-19].

PIC

Pilot In Command. "The pilot designated by the operator, or in the case of general aviation, the owner, as being in command and charged with the safe conduct of a flight" [ICAOUAS].

PII

Personally Identifiable Information. In the UAS RID context, typically of the UAS Operator, PIC, or Remote Pilot, but possibly of an Observer or other party. This specific term is used primarily in the US; other terms with essentially the same meaning are more common in other jurisdictions (e.g., "personal data" in the EU). Used herein generically to refer to personal information that the person might wish to keep private or may have a statutorily recognized right to keep private (e.g., under the EU [GDPR]), potentially imposing (legally or ethically) a confidentiality requirement on protocols/systems.

Remote Pilot

A pilot using a GCS to exercise proximate control of a UA. Either the PIC or under the supervision of the PIC. "The person who manipulates the flight controls of a remotely-piloted aircraft during flight time" [ICAOUAS].

RF

Radio Frequency. Can be used as an adjective (e.g., "RF link") or as a noun.

RF LOS

RF Line Of Sight. Typically used in describing a direct radio link between a GCS and the UA under its control, potentially subject to blockage by foliage, structures, terrain, or other vehicles, but less so than VLOS.

RTCA

Radio Technical Commission for Aeronautics. US aviation SDO. Cooperates extensively with EUROCAE.

Safety

"The state in which risks associated with aviation activities, related to, or in direct support of the operation of aircraft, are reduced and controlled to an acceptable level" (from Annex 19 of the Chicago Convention, quoted in [ICAODEFS]).

Security

"Safeguarding civil aviation against acts of unlawful interference" (from Annex 17 of the Chicago Convention, quoted in [ICAODEFS]).

Self-ID Message

[F3411-19] Message Type 3. Provides a 1-byte descriptor and 23-byte ASCII free text field, only. Expected to be used to provide context on the operation, e.g., mission intent.

SDO

Standards Development Organization, such as ASTM, IETF, etc.

SDSP

Supplemental Data Service Provider. An entity that participates in the UTM system but provides services (e.g., weather data) beyond those specified as basic UTM system functions. See [FAACONOPS].

System Message

[F3411-19] Message Type 4. Provides general UAS information, including Remote Pilot location, multiple UA group operational area, etc.

U-space

EU concept and emerging framework for integration of UAS into all types of airspace, including but not limited to volumes that are in high-density urban areas and/or shared with manned aircraft [InitialView].

UA

Unmanned Aircraft. In popular parlance, "drone". "An aircraft which is intended to operate with no pilot on board" [ICAOUAS].

UAS

Unmanned Aircraft System. Composed of UA, all required on-board subsystems, payload, control station, other required off-board subsystems, any required launch and recovery equipment, all required crew members, and C2 links between UA and control station [F3411-19].

UAS ID

UAS identifier. Although called "UAS ID", it is actually unique to the UA, neither to the operator (as some UAS registration numbers have been and for exclusively recreational purposes are continuing to be assigned), nor to the combination of GCS and UA that comprise the UAS. Maximum length of 20 bytes [F3411-19]. If the ID Type is 4, the proposed Specific Session ID, then the 20 bytes includes the subtype index, leaving only 19 bytes for the actual identifier.

ID Type

UAS identifier type index. 4 bits. See Section 3, Paragraph 6 for current standard values 0-3 and currently proposed additional value 4. See also [F3411-19].

UAS RID

UAS Remote Identification and tracking. System to enable arbitrary Observers to identify UA during flight.

USS

UAS Service Supplier. "A USS is an entity that assists UAS Operators with meeting UTM operational requirements that enable safe and efficient use of airspace" [FAACONOPS]. In addition, "USSs provide services to support the UAS community, to connect Operators and other entities to enable information flow across the USS Network, and to promote shared situational awareness among UTM participants" [FAACONOPS].

UTM

UAS Traffic Management. "A specific aspect of air traffic management which manages UAS operations safely, economically and efficiently through the provision of facilities and a seamless set of services in collaboration with all parties and involving airborne and ground-based functions" [ICAOUTM]. In the US, according to the FAA, a "traffic management" ecosystem for "uncontrolled" UAS operations at low altitudes, separate from, but complementary to, the FAA's ATC system for "controlled" operations of manned aircraft.

V2V

Vehicle-to-Vehicle. Originally communications between automobiles, now extended to apply to communications between vehicles generally. Often, together with Vehicle-to-Infrastructure (V2I) and similar functions, generalized to V2X.

VLOS

Visual Line Of Sight. Typically used in describing operation of a UA by a "remote" pilot who can clearly and directly (without video cameras or any aids other than glasses or, under some rules, binoculars) see the UA and its immediate flight environment. Potentially subject to blockage by foliage, structures, terrain, or other vehicles, more so than RF LOS.

• Network RID defines a set of information for UAS to make available globally indirectly via the Internet, through servers that can be queried by Observers.
• Broadcast RID defines a set of messages for UA to transmit locally directly one-way over Bluetooth or Wi-Fi (without IP or any other protocols between the data link and application layers), to be received in real time by local Observers.

1

A static, manufacturer-assigned, hardware serial number as defined in "Small Unmanned Aerial Systems Serial Numbers" [CTA2063A].

2

A CAA-assigned (generally static) ID, like the registration number of a manned aircraft.

3

A UTM-system-assigned Universally Unique Identifier (UUID) [RFC 4122], which can but need not be dynamic.

4

A Specific Session ID, of any of an 8-bit range of subtypes defined external to ASTM and registered with ICAO, for which subtype 1 has been reserved by ASTM for the DRIP entity ID.

• must transmit its own serial number (neither the serial number of the UA to which it is attached, nor a Session ID),
• must transmit takeoff location as a proxy for the location of the pilot/GCS,
• need not transmit UA emergency status, and
• is allowed to be used only for operations within VLOS of the Remote Pilot.

+-------------+     ******************
|     UA      |     *    Internet    *
+--o-------o--+     *                *
   |       |        *                *
   |       |        *                *     +------------+
   |       '--------*--(+)-----------*-----o            |
   |                *   |            *     |            |
   |       .--------*--(+)-----------*-----o Net-RID SP |
   |       |        *                *     |            |
   |       |        *         .------*-----o            |
   |       |        *         |      *     +------------+
   |       |        *         |      *
   |       |        *         |      *     +------------+
   |       |        *         '------*-----o            |
   |       |        *                *     | Net-RID DP |
   |       |        *         .------*-----o            |
   |       |        *         |      *     +------------+
   |       |        *         |      *
   |       |        *         |      *     +------------+
+--o-------o--+     *         '------*-----o Observer's |
|     GCS     |     *                *     | Device     |
+-------------+     ******************     +------------+

1. The UAS operator pushes an "operational intent" (the current term in UTM corresponding to a flight plan in manned aviation) to the USS (call it USS#1) that will serve that UAS (call it UAS#1) for that operation, primarily to enable deconfliction with other operations potentially impinging upon that operation's 4-D airspace volume (call it Volume#1).
2. Assuming the operation is approved and commences, UAS#1 periodically pushes location/status updates to USS#1, which serves inter alia as the Network RID Service Provider (Net-RID SP) for that operation.
3. When users of any other USS (whether they be other UAS operators or Observers) develop an interest in any 4-D airspace volume (e.g., because they wish to submit an operational intent or because they have observed a UA), they query their own USS on the volumes in which they are interested.
4. Their USS query, via the UTM Discovery and Synchronization Service (DSS), all other USS in the UTM system and learn of any USS that have operations in those volumes (including any volumes intersecting them); thus, those USS whose query volumes intersect Volume#1 (call them USS#2 through USS#n) learn that USS#1 has such operations.
5. Interested parties can then subscribe to track updates on that operation of UAS#1, via their own USS, which serve as Network RID Display Providers (Net-RID DPs) for that operation.
6. USS#1 (as Net-RID SP) will then publish updates of UAS#1 status and position to all other subscribed USS in USS#2 through USS#n (as Net-RID DP).
7. All Net-RID DP subscribed to that operation of UAS#1 will deliver its track information to their users who subscribed to that operation of UAS#1 (via means unspecified by [F3411-19], etc., but generally presumed to be web browser based).

• Persistently Internet-connected UA can consistently directly source RID information; this requires wireless coverage throughout the intended operational airspace volume, plus a buffer (e.g., winds may drive the UA out of the volume).
• Intermittently Internet-connected UA, can usually directly source RID information, but when offline (e.g., due to signal blockage by a large structure being inspected using the UAS), need the GCS to proxy source RID information.
• Indirectly connected UA lack the ability to send IP packets that will be forwarded into and across the Internet but instead have some other form of communications to another node that can relay or proxy RID information to the Internet; typically, this node would be the GCS (which to perform its function must know where the UA is, although C2 link outages do occur).
• Non-connected UA have no means of sourcing RID information, in which case the GCS or some other interface available to the operator must source it. In the extreme case, this could be the pilot or other agent of the operator using a web browser or application to designate, to a USS or other UTM entity, a time-bounded airspace volume in which an operation will be conducted. This is referred to as a "non-equipped network participant" engaging in "area operations". This may impede disambiguation of ID if multiple UAS operate in the same or overlapping 4-D volumes. In most airspace volumes, most classes of UA will not be permitted to fly if non-connected.

• preserve operator privacy,
• enable strong authentication, and
• enable the immediate use of information by authorized parties.

1. by making it trustworthy (despite the severe constraints of Broadcast RID);
2. by enabling verification that a UAS is registered for RID, and, if so, in which registry (for classification of trusted operators on the basis of known registry vetting, even by Observers lacking Internet connectivity at observation time);
3. by facilitating independent reports of UA aeronautical data (location, velocity, etc.) to confirm or refute the operator self-reports upon which UAS RID and UTM tracking are based;
4. by enabling instant establishment, by authorized parties, of secure communications with the Remote Pilot.

GEN-1

Provable Ownership: DRIP MUST enable verification that the asserted entity (typically UAS) ID is that of the actual current sender (i.e., the Entity ID in the DRIP authenticated message set is not a replay attack or other spoof), even on an Observer device lacking Internet connectivity at the time of observation.

GEN-2

Provable Binding: DRIP MUST enable the cryptographic binding of all other [F3411-19] messages from the same actual current sender to the UAS ID asserted in the Basic ID Message.

GEN-3

Provable Registration: DRIP MUST enable cryptographically secure verification that the UAS ID is in a registry and identification of that registry, even on an Observer device lacking Internet connectivity at the time of observation; the same sender may have multiple IDs, potentially in different registries, but each ID must clearly indicate in which registry it can be found.

GEN-4

Readability: DRIP MUST enable information (regulation required elements, whether sent via UAS RID or looked up in registries) to be read and utilized by both humans and software.

GEN-5

Gateway: DRIP MUST enable application-layer gateways from Broadcast RID to Network RID to stamp messages with precise date/time received and receiver location, then relay them to a network service (e.g., SDSP or distributed ledger) whenever the gateway has Internet connectivity.

GEN-6

Contact: DRIP MUST enable dynamically establishing, with AAA, per policy, strongly mutually authenticated, end-to-end strongly encrypted communications with the UAS RID sender and entities looked up from the UAS ID, including at least the (1) pilot (Remote Pilot or Pilot In Command), (2) the USS (if any) under which the operation is being conducted, and (3) registries in which data on the UA and pilot are held. This requirement applies whenever each party to such desired communications has a currently usable means of resolving the other party's DRIP Entity Identifier to a locator (IP address) and currently usable bidirectional IP (not necessarily Internet) connectivity with the other party.

GEN-7

QoS: DRIP MUST enable policy-based specification of performance and reliability parameters.

GEN-8

Mobility: DRIP MUST support physical and logical mobility of UA, GCS, and Observers. DRIP SHOULD support mobility of essentially all participating nodes (UA, GCS, Observers, Net-RID SP, Net-RID DP, Private Registries, SDSP, and potentially others as RID and UTM evolve).

GEN-9

Multihoming: DRIP MUST support multihoming of UA and GCS, for make-before-break smooth handoff and resiliency against path or link failure. DRIP SHOULD support multihoming of essentially all participating nodes.

GEN-10

Multicast: DRIP SHOULD support multicast for efficient and flexible publish-subscribe notifications, e.g., of UAS reporting positions in designated airspace volumes.

GEN-11

Management: DRIP SHOULD support monitoring of the health and coverage of Broadcast and Network RID services.

ID-1

Length: The DRIP Entity Identifier MUST NOT be longer than 19 bytes, to fit in the Specific Session ID subfield of the UAS ID field of the Basic ID Message of the proposed revision of [F3411-19] (at the time of writing).

ID-2

Registry ID: The DRIP identifier MUST be sufficient to identify a registry in which the entity identified therewith is listed.

ID-3

Entity ID: The DRIP identifier MUST be sufficient to enable lookups of other data associated with the entity identified therewith in that registry.

ID-4

Uniqueness: The DRIP identifier MUST be unique within the applicable global identifier space from when it is first registered therein until it is explicitly deregistered therefrom (due to, e.g., expiration after a specified lifetime, revocation by the registry, or surrender by the operator).

ID-5

Non-spoofability: The DRIP identifier MUST NOT be spoofable within the context of a minimal Remote ID broadcast message set (to be specified within DRIP to be sufficient collectively to prove sender ownership of the claimed identifier).

ID-6

Unlinkability: The DRIP identifier MUST NOT facilitate adversarial correlation over multiple operations. If this is accomplished by limiting each identifier to a single use or brief period of usage, the DRIP identifier MUST support well-defined, scalable, timely registration methods.

PRIV-1

Confidential Handling: DRIP MUST enable confidential handling of private information (i.e., any and all information that neither the cognizant authority nor the information owner has designated as public, e.g., personal data).

PRIV-2

Encrypted Transport: DRIP MUST enable selective strong encryption of private data in motion in such a manner that only authorized actors can recover it. If transport is via IP, then encryption MUST be end-to-end, at or above the IP layer. DRIP MUST NOT encrypt safety critical data to be transmitted over Broadcast RID in any situation where it is unlikely that local Observers authorized to access the plaintext will be able to decrypt it or obtain it from a service able to decrypt it. DRIP MUST NOT encrypt data when/where doing so would conflict with applicable regulations or CAA policies/procedures, i.e., DRIP MUST support configurable disabling of encryption.

PRIV-3

Encrypted Storage: DRIP SHOULD facilitate selective strong encryption of private data at rest in such a manner that only authorized actors can recover it.

PRIV-4

Public/Private Designation: DRIP SHOULD facilitate designation, by cognizant authorities and information owners, of which information is public and which is private. By default, all information required to be transmitted via Broadcast RID, even when actually sent via Network RID or stored in registries, is assumed to be public; all other information held in registries for lookup using the UAS ID is assumed to be private.

PRIV-5

Pseudonymous Rendezvous: DRIP MAY enable mutual discovery of and communications among participating UAS operators whose UA are in 4-D proximity, using the UAS ID without revealing pilot/operator identity or physical location.

REG-1

Public Lookup: DRIP MUST enable lookup, from the UAS ID, of information designated by cognizant authority as public and MUST NOT restrict access to this information based on identity or role of the party submitting the query.

REG-2

Private Lookup: DRIP MUST enable lookup of private information (i.e., any and all information in a registry, associated with the UAS ID, that is designated by neither cognizant authority nor the information owner as public), and MUST, according to applicable policy, enforce AAA, including restriction of access to this information based on identity or role of the party submitting the query.

REG-3

Provisioning: DRIP MUST enable provisioning registries with static information on the UAS and its operator, dynamic information on its current operation within the U-space/UTM (including means by which the USS under which the UAS is operating may be contacted for further, typically even more dynamic, information), and Internet direct contact information for services related to the foregoing.

REG-4

AAA Policy: DRIP AAA MUST be specifiable by policies; the definitive copies of those policies must be accessible in registries; administration of those policies and all DRIP registries must be protected by AAA.

• Sybil attacks
• confusion created by many spoofed unsigned messages
• processing overload induced by attempting to verify many spoofed signed messages (where verification will fail but still consume cycles)
• malicious or malfunctioning registries
• interception by on-path attacker of (i.e., man-in-the-middle attacks on) registration messages
• UA impersonation through private key extraction, improper key sharing, or carriage of a small (presumably harmless) UA, i.e., as a "false flag", by a larger (malicious) UA

• message integrity
• non-repudiation
• defense against replay attacks
• defense against spoofing

• that which, to achieve the purpose, must be published openly as cleartext, for the benefit of any Observer (e.g., the basic UAS ID itself); and
• that which must be protected (e.g., PII of pilots) but made available to properly authorized parties (e.g., public safety personnel who urgently need to contact pilots in emergencies).

[F3411-19]

ASTM International, "Standard Specification for Remote ID and Tracking", ASTM F3411-19, DOI 10.1520/F3411-19, 02 2020,
<http://www.astm.org/cgi-bin/resolver.cgi?F3411>.

[RFC2119]

S. Bradner, "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.

[RFC8174]

B. Leiba, "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017,
<https://www.rfc-editor.org/info/rfc8174>.

[Amended]

European Parliament and Council, "Commission Delegated Regulation (EU) 2020/1058 of 27 April 2020 amending Delegated Regulation (EU) 2019/945 as regards the introduction of two new unmanned aircraft systems classes", 04 2020,
<https://eur-lex.europa.eu/eli/reg_del/2020/1058/oj>.

[ASDRI]

ASD-STAN, "Introduction to the European UAS Digital Remote ID Technical Standard", 01 2021,
<https://asd-stan.org/wp-content/uploads/ASD-STAN_DRI_Introduction_to_the_European_digital_RID_UAS_Standard.pdf>.

[ASDSTAN4709-002]

ASD-STAN, "Aerospace series - Unmanned Aircraft Systems - Part 002: Direct Remote Identification", ASD-STAN prEN 4709-002 P1, 10 2021,
<https://asd-stan.org/downloads/asd-stan-pren-4709-002-p1/>.

[CPDLC]

A. Gurtov, T. Polishchuk, and M. Wernberg, "Controller-Pilot Data Link Communication Security", DOI 10.3390/s18051636, 2018,
<https://www.mdpi.com/1424-8220/18/5/1636>.

[CTA2063A]

ANSI, "Small Unmanned Aerial Systems Serial Numbers", ANSI/CTA 2063-A, 09 2019,
<https://shop.cta.tech/products/small-unmanned-aerial-systems-serial-numbers>.

[Delegated]

European Parliament and Council, "Commission Delegated Regulation (EU) 2019/945 of 12 March 2019 on unmanned aircraft systems and on third-country operators of unmanned aircraft systems", 03 2019,
<https://eur-lex.europa.eu/eli/reg_del/2019/945/oj>.

[DRIP-ARCH]

S Card, A Wiethuechter, R Moskowitz, S Zhao, and A Gurtov, "Drone Remote Identification Protocol (DRIP) Architecture", Internet-Draft draft-ietf-drip-arch-20, January 2022,
<https://datatracker.ietf.org/doc/html/draft-ietf-drip-arch-20>.

[ENISACSIRT]

European Union Agency for Cybersecurity (ENISA), "Actionable information for Security Incident Response", 11 2014,
<https://www.enisa.europa.eu/topics/csirt-cert-services/reactive-services/copy_of_actionable-information/actionable-information>.

[EU2018]

European Parliament and Council, "2015/0277 (COD) PE-CONS 2/18", June 2018,
<https://www.consilium.europa.eu/media/35805/easa-regulation-june-2018.pdf>.

[FAACONOPS]

FAA Office of NextGen, "UTM Concept of Operations v2.0", 03 2020,
<https://www.faa.gov/uas/research_development/traffic_management/media/UTM_ConOps_v2.pdf>.

[FR24]

Flightradar24, "About Flightradar24",
<https://www.flightradar24.com/about>.

[FRUR]

Federal Aviation Administration (FAA), "Remote Identification of Unmanned Aircraft", 01 2021,
<https://www.federalregister.gov/documents/2021/01/15/2020-28948/remote-identification-of-unmanned-aircraft>.

[GDPR]

European Parliament and Council, "Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)", 04 2016,
<https://eur-lex.europa.eu/eli/reg/2016/679/oj>.

[ICAOATM]

International Civil Aviation Organization, "Procedures for Air Navigation Services: Air Traffic Management", Doc 4444, 11 2016,
<https://store.icao.int/en/procedures-for-air-navigation-services-air-traffic-management-doc-4444>.

[ICAODEFS]

International Civil Aviation Organization, "Defined terms from the Annexes to the Chicago Convention and ICAO guidance material", 07 2017,
<https://www.icao.int/safety/cargosafety/Documents/Draft%20Glossary%20of%20terms.docx>.

[ICAOUAS]

International Civil Aviation Organization, "Unmanned Aircraft Systems", Circular 328, 2011,
<https://www.icao.int/meetings/uas/documents/circular%20328_en.pdf>.

[ICAOUTM]

International Civil Aviation Organization, "Unmanned Aircraft Systems Traffic Management (UTM) - A Common Framework with Core Principles for Global Harmonization, Edition 3", 10 2020,
<https://www.icao.int/safety/UA/Documents/UTM%20Framework%20Edition%203.pdf>.

[Implementing]

European Parliament and Council, "Commission Implementing Regulation (EU) 2019/947 of 24 May 2019 on the rules and procedures for the operation of unmanned aircraft", 05 2019,
<https://eur-lex.europa.eu/eli/reg_impl/2019/947/oj>.

[InitialView]

SESAR Joint Undertaking, "Initial view on Principles for the U-space architecture", 07 2019,
<https://www.sesarju.eu/sites/default/files/documents/u-space/SESAR%20principles%20for%20U-space%20architecture.pdf>.

[LDACS]

N Maeurer, T Graeupl, and C Schmitt, "L-band Digital Aeronautical Communications System (LDACS)", Internet-Draft draft-ietf-raw-ldacs-09, October 2021,
<https://datatracker.ietf.org/doc/html/draft-ietf-raw-ldacs-09>.

[NPRM]

United States Federal Aviation Administration (FAA), "Notice of Proposed Rule Making on Remote Identification of Unmanned Aircraft Systems", 12 2019,
<https://www.federalregister.gov/documents/2019/12/31/2019-28100/remote-identification-of-unmanned-aircraft-systems>.

[OpenDroneID]

"The Open Drone ID specification", commit c4c8bb8, 03 2020,
<https://github.com/opendroneid/specs>.

[OpenSky]

OpenSky Network, "About the OpenSky Network",
<https://opensky-network.org/about/about-us>.

[Opinion1]

European Union Aviation Safety Agency (EASA), "High-level regulatory framework for the U-space", Opinion No 01/2020, 03 2020,
<https://www.easa.europa.eu/document-library/opinions/opinion-012020>.

[Part107]

Code of Federal Regulations, "Part 107 - SMALL UNMANNED AIRCRAFT SYSTEMS", 06 2016,
<https://www.ecfr.gov/cgi-bin/text-idx?node=pt14.2.107>.

[Recommendations]

FAA UAS Identification and Tracking (UAS ID) Aviation Rulemaking Committee (ARC), "UAS Identification and Tracking (UAS ID) Aviation Rulemaking Committee (ARC): ARC Recommendations Final Report", 09 2017,
<https://www.faa.gov/regulations_policies/rulemaking/committees/documents/media/UAS%20ID%20ARC%20Final%20Report%20with%20Appendices.pdf>.

[RFC4122]

P. Leach, M. Mealling, and R. Salz, "A Universally Unique IDentifier (UUID) URN Namespace", RFC 4122, DOI 10.17487/RFC4122, July 2005,
<https://www.rfc-editor.org/info/rfc4122>.

[RFC4949]

R. Shirey, "Internet Security Glossary, Version 2", FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007,
<https://www.rfc-editor.org/info/rfc4949>.

[RFC6347]

E. Rescorla, and N. Modadugu, "Datagram Transport Layer Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347, January 2012,
<https://www.rfc-editor.org/info/rfc6347>.

[RFC6973]

A. Cooper, H. Tschofenig, B. Aboba, J. Peterson, J. Morris, M. Hansen, and R. Smith, "Privacy Considerations for Internet Protocols", RFC 6973, DOI 10.17487/RFC6973, July 2013,
<https://www.rfc-editor.org/info/rfc6973>.

[RFC7401]

R. Moskowitz, T. Heer, P. Jokela, and T. Henderson, "Host Identity Protocol Version 2 (HIPv2)", RFC 7401, DOI 10.17487/RFC7401, April 2015,
<https://www.rfc-editor.org/info/rfc7401>.

[RFC8280]

N. ten Oever, and C. Cath, "Research into Human Rights Protocol Considerations", RFC 8280, DOI 10.17487/RFC8280, October 2017,
<https://www.rfc-editor.org/info/rfc8280>.

[RFC9063]

R. Moskowitz, and M. Komu, "Host Identity Protocol Architecture", RFC 9063, DOI 10.17487/RFC9063, July 2021,
<https://www.rfc-editor.org/info/rfc9063>.

[Roadmap]

ANSI Unmanned Aircraft Systems Standardization Collaborative (UASSC), "Standardization Roadmap for Unmanned Aircraft Systems", 04 2020,
<https://share.ansi.org/Shared Documents/Standards Activities/UASSC/UASSC_20-001_WORKING_DRAFT_ANSI_UASSC_Roadmap_v2.pdf>.

[Stranger]

R. Heinlein, "Stranger in a Strange Land", 06 1961.

[WG105]

EUROCAE, "Minimum Operational Performance Standards (MOPS) for Unmanned Aircraft System (UAS) Electronic Identification", 06 2020.

[WiFiNAN]

Wi-Fi Alliance, "Wi-Fi Aware", 10 2020,
<https://www.wi-fi.org/discover-wi-fi/wi-fi-aware>.

Stuart W. Card

Adam Wiethuechter

Robert Moskowitz

Andrei Gurtov