Re: [dtn-security] BSP mutable canonicalization of CBHE

"Burleigh, Scott C (313B)" <scott.c.burleigh@jpl.nasa.gov> Fri, 10 May 2013 15:26 UTC

From: "Burleigh, Scott C (313B)" <scott.c.burleigh@jpl.nasa.gov>
To: "Zoller, David A. (MSFC-EO50)[HOSC SERVICES CONTRACT]" <david.a.zoller@nasa.gov>, dtn-security <dtn-security@irtf.org>
Date: Fri, 10 May 2013 15:25:52 +0000
Message-ID: <A5BEAD028815CB40A32A5669CF737C3B235CACE0@ap-embx-sp40.RES.AD.JPL>
References: <04E3D99A62496240BCD6A576813E6E31E0C71676EC@NDMSSCC05.ndc.nasa.gov>
In-Reply-To: <04E3D99A62496240BCD6A576813E6E31E0C71676EC@NDMSSCC05.ndc.nasa.gov>

Interesting question, David.  I would say there's no problem, though, because the CBHE specification says that (formally) the compression happens at the convergence layer, after the bundle has been queued for forwarding.  All of the BSP signing and encryption procedures should already have been performed prior to this time - i.e., on the original uncompressed bundle - when all EIDs still existed in string form to support canonicalization.

Scott

From: dtn-security-bounces@irtf.org [mailto:dtn-security-bounces@irtf.org] On Behalf Of Zoller, David A. (MSFC-EO50)[HOSC SERVICES CONTRACT]
Sent: Friday, May 10, 2013 8:05 AM
To: dtn-security
Subject: [dtn-security] BSP mutable canonicalization of CBHE

Noticed while looking through the new DTN2 ciphersuite code...
Is there a specification of the BSP mutable canonicalization of a primary header in Compressed Bundle Header Encoding format (RFC 6260)?
Would you generate the string "ipn:<scheme offset>:<ssp offset>" and use that for the EIDs and lengths?
And use "dtn:none" for the case where the offsets are both zero?
Thanks,
DZ
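As an added illustration of the ordering Scott describes (example code written for this archive page, not from either message or from the DTN2 ciphersuite code): the canonical form is computed over the uncompressed bundle with string EIDs, the convergence layer then applies CBHE, and the receiver rebuilds the string EIDs from the offsets before re-canonicalizing. The ipn syntax follows RFC 6260 (`ipn:<node>.<service>`, with `dtn:none` encoded as node 0, service 0); the canonical byte layout here is a simplified assumption, not the RFC 6257 format.

```python
import hashlib

# Constructed sample: one bundle's primary-block EIDs in uncompressed string form.
# CBHE (RFC 6260) only applies to "ipn:<node>.<service>" EIDs and "dtn:none".
UNCOMPRESSED = {
    "destination": "ipn:21.3",
    "source": "ipn:8.1",
    "report_to": "dtn:none",
    "custodian": "ipn:8.0",
}
FIELD_ORDER = ("destination", "source", "report_to", "custodian")

def cbhe_compress(eid):
    """Return the (scheme offset, SSP offset) pair CBHE writes into the primary
    block: node and service number for an ipn EID, (0, 0) for dtn:none."""
    if eid == "dtn:none":
        return (0, 0)
    scheme, _, ssp = eid.partition(":")
    node, _, service = ssp.partition(".")
    if scheme != "ipn" or not (node.isdigit() and service.isdigit()):
        raise ValueError("EID is not CBHE-eligible: %r" % eid)
    return (int(node), int(service))

def cbhe_decompress(offsets):
    """Inverse of cbhe_compress: rebuild the string EID from the two offsets."""
    node, service = offsets
    return "dtn:none" if (node, service) == (0, 0) else "ipn:%d.%d" % (node, service)

def canonical_digest(eids):
    """Stand-in for BSP mutable canonicalization of the primary block (assumed
    layout, not the RFC 6257 byte format): each EID as <len>:<string> in a fixed
    field order, then SHA-256. The point is that it consumes string EIDs."""
    buf = b"".join(b"%d:%s" % (len(e), e) for e in
                   (eids[f].encode("ascii") for f in FIELD_ORDER))
    return hashlib.sha256(buf).hexdigest()

def sign_then_compress(eids):
    """Sender side: canonicalize and 'sign' (digest) the uncompressed bundle, and
    only then let the convergence layer apply CBHE for transmission."""
    digest = canonical_digest(eids)
    wire = {f: cbhe_compress(eids[f]) for f in FIELD_ORDER}
    return digest, wire

def receive_and_verify(wire, digest):
    """Receiver side: undo CBHE to get the string EIDs back, then recompute the
    canonical digest over the reconstructed uncompressed primary block."""
    rebuilt = {f: cbhe_decompress(wire[f]) for f in FIELD_ORDER}
    return canonical_digest(rebuilt) == digest
```

Because CBHE is lossless for ipn EIDs and dtn:none, the receiver's recomputed digest matches the sender's without any canonicalization rule for the compressed form itself.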