[dtn-security] A comment on BSP draft -03

["Symington, Susan F." <susan@mitre.org>]

Peter, 

 

Below are some comments on the following text from the version -03
draft of the BSP that you recently sent to dtn-dev:

 

- EID references - composite field defined in [2] containing

      references to one or two EIDs.  Presence of EIDs is indicated by

      by the setting of bit 6 ("block contains an EID-reference field")

      of the block processing control flags.  If one or more is
present,

      flags in the ciphersuite ID field, described below, specify
which.

      The possible EIDs are, in order:-

 

      - (optional) Security-source - specifies the security source for

      the service.  If this is omitted, then the source of the bundle
is

      assumed to be the security-source.

 

      - (optional) Security-destination - specifies the security

      destination for the service.  If this is omitted, then the

      destination of the bundle is assumed to be the security-

      destination.

 

      Both EID fields may be omitted, in which case the composite field

      itself is empty, as defined in [2].  In this case neither count

      nor references appear, and bit 6 is not set.

-------------------------------------------------------

 

1. The EID references could contain ZERO, one or two EIDs.

2. I dont' think you should call it bit 6.  Just call it by the flag
name, in case the flags change place sometime in the BP.

3. I don't think that using only the ordering of the EIDs is
sufficient.  What if only one EID is present.  How does the node know
whether this is the security-source or the security-destination? I
think we need some other indicator to be able to tell the difference. 

 

-susan

 

 
*****************************************************************
Susan Symington
The MITRE Corporation
susan@mitre.org
703-983-7209 (voice)
703-983-7142 (fax)
******************************************************************