Closed mglt closed 3 years ago
@mglt updated section 4.3 is proposed #27 .
And I agree, Lookup may need a little info. I am asking @Bob now....
RFC7484, cited in -arch, explains how to use DNS to find the definitive RDAP server for a given domain. A numerical representation of the domain is embedded in the HHIT. More details on this are in Adam's embryonic registries draft.
At least we need to be very clear that RDAP and DNS are different protocol and hosting different information. This might be complex since RDAP is part of the DNS ecosystem.
this has been addressed based on newly updated text for section 4.3.
4.3. HHIT for DRIP Identifier Registration and Lookup
Remote ID needs a deterministic lookup mechanism that rapidly
provides actionable information about the identified UA. Given the
size constraints imposed by the Bluetooth 4 broadcast media, the
Remote ID itself needs to be a non-spoofable inquiry input into the
lookup.
A DRIP registration process based on the explicit hierarchy within a
HHIT provides manageable uniqueness of the HI for the HHIT (defense
against a cryptographic hash second pre-image attack on the HHIT;
e.g. multiple HIs yielding the same HHIT). A lookup of the HHIT into
this registration data provides the registered HI for HHIT proof. A
first-come-first-serve registration for a HHIT provides deterministic
access to any other needed actionable information based on inquiry
access authority (more details in Section 5.2).
4.3. HHIT for DRIP Identifier Registration and Lookup
I am reading the section on lookup and registration, but it seems I am missing how the look up is performed. Regarding the registration there are some line mentioning that registries are involved, but that seems to me too few information to justify the section. I am wondering if I am not missing anything.