[dtn-security] Detail of PSB change...

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 23 February 2007 14:00 UTC

Received: from imx2.tcd.ie (wpad.iss.tcd.ie []) by webbie.berkeley.intel-research.net (8.11.6/8.11.6) with ESMTP id l1NE0nY12051 for <dtn-security@mailman.dtnrg.org>; Fri, 23 Feb 2007 06:00:49 -0800
Received: from Vams.imx2 (imx2.tcd.ie []) by imx2.tcd.ie (Postfix) with SMTP id 357D768003 for <dtn-security@mailman.dtnrg.org>; Fri, 23 Feb 2007 14:00:43 +0000 (GMT)
Received: from imx2.tcd.ie ([]) by imx2.tcd.ie ([]) with SMTP (gateway) id A074BA3240F; Fri, 23 Feb 2007 14:00:43 +0000
Received: from [] (csc144016.wlan.tcd.ie []) by imx2.tcd.ie (Postfix) with ESMTP id 2091768003 for <dtn-security@mailman.dtnrg.org>; Fri, 23 Feb 2007 14:00:43 +0000 (GMT)
Message-ID: <45DEF3D9.50701@cs.tcd.ie>
Date: Fri, 23 Feb 2007 14:02:01 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Thunderbird (Windows/20061207)
MIME-Version: 1.0
To: dtn-security@mailman.dtnrg.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-AntiVirus-Status: MessageID = A174BA3240F
X-AntiVirus-Status: Host: imx2.tcd.ie
X-AntiVirus-Status: Action Taken:
X-AntiVirus-Status: NONE
X-AntiVirus-Status: Checked by TCD Vexira. (version=1.57.6 VDF=9.62.8)
Subject: [dtn-security] Detail of PSB change...
Sender: dtn-security-admin@mailman.dtnrg.org
Errors-To: dtn-security-admin@mailman.dtnrg.org
X-BeenThere: dtn-security@mailman.dtnrg.org
X-Mailman-Version: 2.0.13
Precedence: bulk
Reply-To: dtn-security@mailman.dtnrg.org
List-Unsubscribe: <http://mailman.dtnrg.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@mailman.dtnrg.org?subject=unsubscribe>
List-Id: DTN Security Discussion <dtn-security.mailman.dtnrg.org>
List-Post: <mailto:dtn-security@mailman.dtnrg.org>
List-Help: <mailto:dtn-security-request@mailman.dtnrg.org?subject=help>
List-Subscribe: <http://mailman.dtnrg.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@mailman.dtnrg.org?subject=subscribe>
List-Archive: <http://mailman.dtnrg.org/pipermail/dtn-security/>

In a mail to dtn-interest I said:

 > PS: I'm not saying the current BSP spec has got this correct, it
 > probably needs fixing in a few ways. But I do think we can do that
 > in the BSP spec and not re-open the BP spec. E.g. perhaps we need
 > to add a optional "signature number" to the current PSB ciphersuite,
 > with the meaning that this is the n-th signature added or something.

I just had a maybe-better/maybe-worse idea:

We could add a "signature layer" value s.t. signatures with layer
N cover all PSBs with layer < N. I think that's cute and maybe
useful, but we'll have to think through the semantics.