[dtn-security] Re(2): Header Encryption
Peter Lovell <plovell@mac.com> Fri, 17 July 2009 18:20 UTC
Received: from asmtpout020.mac.com (asmtpout020.mac.com [17.148.16.95]) by maillists.intel-research.net (8.13.8/8.13.8) with ESMTP id n6HIKrhn018925 for <dtn-security@maillists.intel-research.net>; Fri, 17 Jul 2009 11:20:53 -0700
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: text/plain; charset="US-ASCII"
Received: from [157.185.80.152] by asmtp020.mac.com (Sun Java(tm) System Messaging Server 6.3-8.01 (built Dec 16 2008; 32bit)) with ESMTPSA id <0KMX009LNUVFTFA0@asmtp020.mac.com> for dtn-security@maillists.intel-research.net; Fri, 17 Jul 2009 11:18:55 -0700 (PDT)
From: Peter Lovell <plovell@mac.com>
To: Sushil Chaudhari <schaudhari@mzeal.com>, dtn-security@maillists.intel-research.net
Date: Fri, 17 Jul 2009 12:20:14 -0400
Message-id: <20090717162014.1496793716@smtp.mac.com>
In-reply-to: <20090717155125.7458.qmail@mzeal.com>
References: <20090717155125.7458.qmail@mzeal.com>
X-Mailer: CTM PowerMail version 5.6.3 build 4504 English (PPC) <http://www.ctmdev.com>
Subject: [dtn-security] Re(2): Header Encryption
X-BeenThere: dtn-security@maillists.intel-research.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DTN Security Discussion <dtn-security.maillists.intel-research.net>
List-Unsubscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@maillists.intel-research.net?subject=unsubscribe>
List-Archive: <http://maillists.intel-research.net/pipermail/dtn-security>
List-Post: <mailto:dtn-security@maillists.intel-research.net>
List-Help: <mailto:dtn-security-request@maillists.intel-research.net?subject=help>
List-Subscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@maillists.intel-research.net?subject=subscribe>
X-List-Received-Date: Fri, 17 Jul 2009 18:20:54 -0000
On Fri, Jul 17, 2009, Sushil Chaudhari <schaudhari@mzeal.com> wrote: >We are using BSP and while observing bundles on Wireshark, the header >seems to be unencrypted. Also as per draft-irtf-dtnrg-bundle- >security-08, "every bundle must contain a primary block that contains >the source and destination EID's that can not be encrypted" > >My question is, >1.Do we have some method for header encryption? The nodes need to be able to process the bundle, so you need basic things like addresses. If it's important to encrypt the headers, about your only choice is bundle-in-bundle encapsulation. You then encrypt the encapsulated bundle (PCB). But this new bundle *still* needs a primary block, and addresses, and the like. What goal are you trying to achieve? >2.Does DTN2 can be used with IPSEC? if not do we need additional >convergence layer for the support to IPSEC? I know of no particular reason it would be a problem but I must admit I haven't tried it. I'm sure others have and maybe they'll comment on successes or failure. Regards.....Peter
- Re: [dtn-security] Re(2): Header Encryption Ivancic, William D. (GRC-RHN0)
- Re: [dtn-security] Header Encryption Sushil Chaudhari
- Re: [dtn-security] Header Encryption Sushil Chaudhari
- [dtn-security] Re(2): Header Encryption Peter Lovell
- Re: [dtn-security] Header Encryption Ivancic, William D. (GRC-RHN0)
- Re: [dtn-security] Header Encryption Sushil Chaudhari
- Re: [dtn-security] Header Encryption Sushil Chaudhari