[dtn-security] Re(2): Is there a "secure" reference implementation of the DTN stack?

Peter Lovell <plovell@mac.com> Sun, 28 June 2009 05:24 UTC

Received: from asmtpout020.mac.com (asmtpout020.mac.com [17.148.16.95]) by maillists.intel-research.net (8.13.8/8.13.8) with ESMTP id n5S5OaJD016829 for <dtn-security@maillists.intel-research.net>; Sat, 27 Jun 2009 22:24:36 -0700
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=ISO-8859-1
Received: from [192.168.1.107] (pa-67-234-153-81.dhcp.embarqhsd.net [67.234.153.81]) by asmtp020.mac.com (Sun Java(tm) System Messaging Server 6.3-8.01 (built Dec 16 2008; 32bit)) with ESMTPSA id <0KLX00H64OA7F750@asmtp020.mac.com> for dtn-security@maillists.intel-research.net; Sat, 27 Jun 2009 22:22:58 -0700 (PDT)
From: Peter Lovell <plovell@mac.com>
To: "Graham Keellings (Leonix Solutions Pte Ltd)" <Graham@LeonixSolutions.com>
Date: Sun, 28 Jun 2009 01:22:55 -0400
Message-id: <20090628052255.640550503@smtp.mac.com>
In-reply-to: <4A46FBB2.3080205@LeonixSolutions.com>
References: <89E48AE60E64EF4E8EB32B0B7EC74920A1B0F5@EVS-EC1-NODE2.surrey.ac.uk> <4A12195A.6000207@LeonixSolutions.com> <3A5AA67A8B120B48825BFFCF5443856137E0B06196@NDJSSCC03.ndc.nasa.gov> <4A1DD73F.50000@bbn.com> <023601c9df2a$694fd5b0$3bef8110$@com> <4A2DF7FD.5020104@LeonixSolutions.com> <3A5AA67A8B120B48825BFFCF5443856137E3553C4B@NDJSSCC03.ndc.nasa.gov> <029d01c9e925$1e354880$5a9fd980$@com> <4A46C257.3040006@LeonixSolutions.com> <20090628050243.1566215671@smtp.mac.com> <4A46FBB2.3080205@LeonixSolutions.com>
X-Mailer: CTM PowerMail version 5.6.5 build 4509 English (intel) <http://www.ctmdev.com>
Cc: dtn-security@maillists.intel-research.net
Subject: [dtn-security] Re(2): Is there a "secure" reference implementation of the DTN stack?
X-BeenThere: dtn-security@maillists.intel-research.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DTN Security Discussion <dtn-security.maillists.intel-research.net>
List-Unsubscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@maillists.intel-research.net?subject=unsubscribe>
List-Archive: <http://maillists.intel-research.net/pipermail/dtn-security>
List-Post: <mailto:dtn-security@maillists.intel-research.net>
List-Help: <mailto:dtn-security-request@maillists.intel-research.net?subject=help>
List-Subscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@maillists.intel-research.net?subject=subscribe>
X-List-Received-Date: Sun, 28 Jun 2009 05:24:36 -0000

Hi Graham,

>  there is an agreed upon standard "reference implementation" of DTN 2.6
>and Oasys 1.3, but  it lacks security features.

what security features do you find missing? The RI is not a turnkey
solution but more of a "reference framework".

I'm trying to help but am unsure of what's lacking.

Regards.....Peter



On Sun, Jun 28, 2009, Graham Keellings (Leonix Solutions Pte Ltd)
<Graham@LeonixSolutions.com> wrote:

>hi, Peter,
>
>  there is an agreed upon standard "reference implementation" of DTN 2.6
>and Oasys 1.3, but  it lacks security features.
>
>Now, let us say that someone wants a "secure" implementation - but
>doesn't care about the details of "secure", just that it is generally
>agreed to be "secure" (or (much) more so than the standard
>implementation. Is there a reference build for that which can be downloaded?
>
>My guess is that everyone's perception of "secure" differs and that even
>for one person it is a matter of trade-offs, but I just though that I
>would  ask if there is some consensus on what it means for DTN to be
>"secure".
>
>Thanks very much for taking the time to reply.
>
>With best wishes,
>
>Graham
>
>
>Peter Lovell wrote:
>> On Sun, Jun 28, 2009, Graham Keellings (Leonix Solutions Pte Ltd)
>> <Graham@leonixsolutions.com> wrote:
>>
>>
>>> Is there a "secure" reference implementation of the DTN stack available
>>> for download? Is there even agreement of what a "secure" implementation
>>> should be, or is it all a question of trade-offs?
>>>
>>> Thanks in advance for any help.
>>>
>>> Graham
>>>
>>
>>
>> Hi Graham,
>>
>> I'm not sure what you're expecting when you refer to a "secure"
>> reference implementation. Do you mean one with the security protocols,
>> or one that had been hardened, or one that has been certified by some
>> organization or other?
>>
>> If you can give a little more context we can help fill in what you need.
>>
>> Cheers.....Peter
>>
>>
>>
>
>
>--
>Technical Director
>Leonix Solutions (Pte) Ltd
>18 Boon Lay Way
>#09-95 TradeHub 21
>Singapore 609966
>Telephone:+65 6316 9968
>Fax: +65 6316 9208
>