[dtn-security] A comment on BSP draft -03

"Symington, Susan F." <susan@mitre.org> Fri, 20 April 2007 14:55 UTC


Peter,

Below are some comments on the following text from the version -03
draft of the BSP that you recently sent to dtn-dev:

- EID references - composite field defined in [2] containing
      references to one or two EIDs.  Presence of EIDs is indicated by
      the setting of bit 6 ("block contains an EID-reference field")
      of the block processing control flags.  If one or more is present,
      flags in the ciphersuite ID field, described below, specify which.
      The possible EIDs are, in order:-

      - (optional) Security-source - specifies the security source for
      the service.  If this is omitted, then the source of the bundle is
      assumed to be the security-source.

      - (optional) Security-destination - specifies the security
      destination for the service.  If this is omitted, then the
      destination of the bundle is assumed to be the
      security-destination.

      Both EID fields may be omitted, in which case the composite field
      itself is empty, as defined in [2].  In this case neither count
      nor references appear, and bit 6 is not set.

-------------------------------------------------------


1. The EID references could contain ZERO, one or two EIDs.

2. I don't think you should call it bit 6.  Just call it by the flag
name, in case the flags change place sometime in the BP.

3. I don't think that using only the ordering of the EIDs is
sufficient.  What if only one EID is present?  How does the node know
whether this is the security-source or the security-destination? I
think we need some other indicator to be able to tell the difference.

-susan

*****************************************************************
Susan Symington
The MITRE Corporation
susan@mitre.org
703-983-7209 (voice)
703-983-7142 (fax)
******************************************************************
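
Added example (not part of the original message or of the BSP draft): a Python sketch of the single-EID ambiguity raised in comment 3, next to resolution by explicit presence flags of the kind the quoted draft text says the ciphersuite ID field carries. The flag values HAS_SEC_SRC and HAS_SEC_DST, the function names and the sample EIDs are assumptions, and EID references are simplified to already-resolved strings.

```python
# Hypothetical presence flags; the message does not give the draft's bit values.
HAS_SEC_SRC = 0x10
HAS_SEC_DST = 0x08


def interpretations_by_order_only(eids, bundle_src, bundle_dst):
    """All (security_source, security_destination) readings when the only
    information available is the ordered list of EIDs that are present."""
    if len(eids) == 0:
        return [(bundle_src, bundle_dst)]
    if len(eids) == 1:
        # One EID could fill either slot; the other slot takes its default.
        return [(eids[0], bundle_dst), (bundle_src, eids[0])]
    if len(eids) == 2:
        return [(eids[0], eids[1])]
    raise ValueError("at most two EIDs may be present")


def resolve_with_flags(flags, eids, bundle_src, bundle_dst):
    """Resolve both roles using explicit flags, rejecting blocks whose EID
    count disagrees with the flags instead of guessing."""
    expected = bool(flags & HAS_SEC_SRC) + bool(flags & HAS_SEC_DST)
    if len(eids) != expected:
        raise ValueError(f"flags announce {expected} EID(s), block has {len(eids)}")
    remaining = iter(eids)  # security-source always precedes security-destination
    src = next(remaining) if flags & HAS_SEC_SRC else bundle_src
    dst = next(remaining) if flags & HAS_SEC_DST else bundle_dst
    return src, dst


if __name__ == "__main__":
    # Constructed sample values.
    src, dst, gw = "dtn://sender", "dtn://receiver", "dtn://gateway"
    print(interpretations_by_order_only([gw], src, dst))    # two readings
    print(resolve_with_flags(HAS_SEC_DST, [gw], src, dst))  # one reading
```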