Re: [dtn-security] Issue implementing security source/destination with ESB blocks
ahennes1@math.umd.edu Mon, 06 August 2012 15:51 UTC
Return-Path: <ahennes1@math.umd.edu>
X-Original-To: dtn-security@ietfa.amsl.com
Delivered-To: dtn-security@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 91D0721F85B8 for <dtn-security@ietfa.amsl.com>; Mon, 6 Aug 2012 08:51:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.999
X-Spam-Level:
X-Spam-Status: No, score=-3.999 tagged_above=-999 required=5 tests=[BAYES_50=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VBI7cZ6oA-dt for <dtn-security@ietfa.amsl.com>; Mon, 6 Aug 2012 08:51:20 -0700 (PDT)
Received: from mailfilter.ece.umd.edu (mailfilter.ece.umd.edu [129.2.90.4]) by ietfa.amsl.com (Postfix) with ESMTP id 123BB21F85C4 for <dtn-security@irtf.org>; Mon, 6 Aug 2012 08:51:19 -0700 (PDT)
X-ASG-Debug-ID: 1344268277-04739d104d3eb800001-NoPDhg
Received: from svr4.math.umd.edu (svr4.math.umd.edu [129.2.56.14]) by mailfilter.ece.umd.edu with ESMTP id uQKp41Tgvqp1ZMoz; Mon, 06 Aug 2012 11:51:17 -0400 (EDT)
X-Barracuda-Envelope-From: ahennes1@math.umd.edu
X-Barracuda-Apparent-Source-IP: 129.2.56.14
Received: by svr4.math.umd.edu (Postfix, from userid 48) id 086EE6FC83; Mon, 6 Aug 2012 11:51:17 -0400 (EDT)
Received: from 63.239.65.11 by webmail.math.umd.edu with HTTP; Mon, 6 Aug 2012 11:51:17 -0400
Message-ID: <e5f316d31c243f6f6758ffc0a81303ca.squirrel@webmail.math.umd.edu>
In-Reply-To: <20120803221701.223057816@smtp.mail.me.com>
References: <20120802214016.1861780438@smtp.mail.me.com> <501B3B2F.5090508@folly.org.uk> <329D879C76FDD04AAAE84BB1D89B397006842FE3A0@aplesfreedom.dom1.jhuapl.edu> <20120803221701.223057816@smtp.mail.me.com>
Date: Mon, 06 Aug 2012 11:51:17 -0400
From: ahennes1@math.umd.edu
X-ASG-Orig-Subj: Re: [dtn-security] Issue implementing security source/destination with ESB blocks
To: Peter Lovell <plovell@mac.com>, aloomis@sarn.org, cherita.corbett@jhuapl.edu, stephen.farrell@cs.tcd.ie
User-Agent: SquirrelMail/1.4.20
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-Barracuda-Connect: svr4.math.umd.edu[129.2.56.14]
X-Barracuda-Start-Time: 1344268277
X-Barracuda-URL: http://mailfilter.ece.umd.edu:8000/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at ece.umd.edu
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=7.0 KILL_LEVEL=1000.0 tests=NO_REAL_NAME
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.104863 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 NO_REAL_NAME From: does not include a real name
Cc: dtn-security@irtf.org
Subject: Re: [dtn-security] Issue implementing security source/destination with ESB blocks
X-BeenThere: dtn-security@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The Delay-Tolerant Networking Research Group \(DTNRG\) - Security." <dtn-security.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/dtn-security>, <mailto:dtn-security-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/dtn-security>
List-Post: <mailto:dtn-security@irtf.org>
List-Help: <mailto:dtn-security-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Aug 2012 15:51:20 -0000
All, I'm trying to summarize the issues with RFC6257 for an errata list. How does this sound: 1. In Section 2.1, in the description of the EID-references, it should mention that the EID-refs are preceded by a count field. 2. Also in Section 2.1, it states that there can be at most 2 eid refs in an Abstract Security Block. An exception should be added for ESB, which can have an arbitrary number of eid refs based on the number in the original extension block and how many times it has been encapsulated. 3. In Section 2.5, in the discussion of ESB, there needs to be some language describing how the eid-ref list in the encapsulated block is appended to the (optional) security src/dest of the encapsulating ESB. As a result, the eid-ref list in the ESB may be of arbitrary length. Also in Section 2.5, the statement that eid list entries should be handled analogously to PCB should be removed (along with the reference to Section 2.4). 4. In Section 4.4, in the description of ESB-RSA-AES128-EXT, the statement that eid list entries should be handled analogously to PCB should be removed (along with the reference to Section 2.4). Thanks, Angela
- [dtn-security] Issue implementing security source… ahennes1
- Re: [dtn-security] Issue implementing security so… Stephen Farrell
- Re: [dtn-security] Issue implementing security so… ahennes1
- Re: [dtn-security] Issue implementing security so… Birrane, Edward J.
- Re: [dtn-security] Issue implementing security so… Birrane, Edward J.
- Re: [dtn-security] Issue implementing security so… ahennes1
- Re: [dtn-security] Issue implementing security so… Peter Lovell
- Re: [dtn-security] Issue implementing security so… Birrane, Edward J.
- Re: [dtn-security] Issue implementing security so… Elwyn Davies
- Re: [dtn-security] Issue implementing security so… Birrane, Edward J.
- [dtn-security] Re(2): Issue implementing security… Peter Lovell
- Re: [dtn-security] Issue implementing security so… ahennes1
- [dtn-security] Re(2): Issue implementing security… Peter Lovell
- Re: [dtn-security] Re(2): Issue implementing secu… ahennes1
- Re: [dtn-security] Issue implementing security so… Peter Lovell
- [dtn-security] Re(4): Issue implementing security… Peter Lovell
- Re: [dtn-security] Issue implementing security so… Stephen Farrell
- Re: [dtn-security] Issue implementing security so… Peter Lovell
- Re: [dtn-security] Issue implementing security so… Birrane, Edward J.
- Re: [dtn-security] Issue implementing security so… Stephen Farrell
- Re: [dtn-security] Issue implementing security so… Birrane, Edward J.
- Re: [dtn-security] Issue implementing security so… ahennes1
- Re: [dtn-security] Issue implementing security so… Stephen Farrell