Re: [dtn] Mirja Kühlewind's Discuss on draft-ietf-dtn-bpsec-18: (with DISCUSS and COMMENT)

Mehmet Adalier <> Tue, 11 February 2020 16:37 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9E598120255 for <>; Tue, 11 Feb 2020 08:37:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 2MNQpSJRCuq7 for <>; Tue, 11 Feb 2020 08:37:16 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5235812023E for <>; Tue, 11 Feb 2020 08:37:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=s2048; t=1581439034; bh=POlf8WItZW9umtPOthyc0sO4ykMW2zGHn+hvRZtGzLQ=; h=Date:Subject:From:To:References:In-Reply-To:From:Subject; b=XRZzeDw0tCQCVKpOn1cJSQ0e2qvMvIjabon4/9rMa/Ise6DZyR6yg9OcFKpwNB9Cvs0twn0YhrKHAC/aU7JgflczxrQmrDEfl2NZPGS5bL28CV37V++NKxbQ6W5Dsz23i1JciCU06X1jZY8rZQ6j1QbSQXv9i8uu3Ycavcg1iSbjzdjWQ+u2tqEPLBYQKqPRlj23LuPcST/O0Js6Q8cOkJ6y4EJx7l5kKSZ5xjmGm6IPKCqHPnxwZ2hw9sH9tAapfMV412VIhFoHXUEjfYDZdo5ciE4SBUDkhaviQ9lvhTlxdLtlCI+k/LIXfNld6G/QQ0Yd8mqLj8P2ilT8T+KULw==
X-YMail-OSG: WxvH2SMVM1nMUw993Z1HFO1sxo4rmrv8X09FxPpQfhkMs1XjhRTdWnJ9GsbIN5H 2asjf0WA78xPDQ2hXSCbdKJfy6O7qk0RU1POdwrXKMj5MxkEWIcvicbOQ3Lq.OZ9Th7Cp5HOKXwY MQXDxxhnyBYgWR8FTU.rs6AeSz.GPNVnhoESgAkJA3cdpjFFlpKYNZwfPsur6.VTkmPMr7dwIdC_ FCmfzQR34MTWrhVs9Lpo6nTkgcDrrdC9LAxFX3bFPRDQLYaIf6TlDn4vS7zfjcmr5N9yRui3D6xA dSkKkRS.loztGMuYBp.4T262BkCOyMB_4lbCNwYAlJXAc75.9xxcx1IsOJkp4AlC73SM.u78Jnj8 2CYwXhbsNbyk1.Z63h_YW5MqA71SITFIUNitloSqKQOZ8YawT8qGaCc74JkV78HtYiy__Rtg9mla hvEWuRdcksEzkQZQ_mYe7YbL5cfmSZGt.jRwzLtdsCQAvdw8EtjZ2jKW1vzEnDt56rxPuHLJIXau 3Gfi8p1PC_0sMvSMUipVnihanHkePIJiVCumzeWmRHoG.SpVsQO1Q0eDclGcjxD40clrcmILmulN ewxDtWKuSh2VSoB738owiaFL16wCE2bC1.cHOQtbBdDvwDVs2kNeHzl0uuQBKWr_47buONm2NJfT 6GrsFiOe9NKv5oE6F4Ne_ZouFJ_5bOWzlHgToJkFj_4lU.yw9bkuuYUxOEjqxOseqHhxXc4UtY64 9dYOmqhVxyo9TrgEvMK0AapZj1XnIftTl50uasC.du.y7FxI7Z6KAovcVqMqCDclfuqFtNo2ye7d 0pOazFwyaQlpZkTKElm.NcU5QzAzdn.OMUgmnU41ifbe_LnIvL7jmerrU7QY0uRj2ckQmE_F1iST 0xDt5XkA_Vcl8__jUxcZn7O3QMARHjYKAsFCbwDhr5WrJQPAjENuYbvLqCXBN1N4m6CTa7IJt4.N IEQUe3NQ1wbwnpWPbBMwfrA9KNdmaGPkq2UynuZ4l1TcBx6dkBS5B3VKTVuR3oTs.kcSZ4H9dzzh IhvBre33g9eASjt0KW5pEDGwrvH8JiPOsOrQ1WM36bPvnjf1grRDIz1A8hLpz9HvtbYXte7dS4R7 IWlmE1wQaJ9lhzU9FYC7_zCUS5YZoyElz1mlwvQoQtf6Y2I3nM9M5MAARRQVHRwagld.6rpiHY.8 lSEzO5h2w_SGIzCi0.QGI2LroHD.CyWIAZfe8TybG198c3s.Dyl66FecnEe1mQHhP44gCfuMzTkb kzp13JhMF1LhZHz4pfxieOWCZlO.EQ1bHq2wzgX_ZLh9H3HWyukXVFl8.RvT750XQpjVr0_ltQtl l6QMlQ1jihjyBKAx76E1vf8el1zP8Oj06a6EIyrbPGVXBH.r07fuhd8m_Op7dEWJC1XFdstUaleG N61_Z5HSjcxzxX5Gebyp2fd6coMfbOiI-
Received: from by with HTTP; Tue, 11 Feb 2020 16:37:14 +0000
Received: by (Oath Hermes SMTP Server) with ESMTPA ID 8516e4ff8a695a2302fe02e7263719ac; Tue, 11 Feb 2020 16:37:13 +0000 (UTC)
User-Agent: Microsoft-MacOutlook/
Date: Tue, 11 Feb 2020 08:37:09 -0800
From: Mehmet Adalier <>
To: Mirja Kuehlewind <>, "Birrane, Edward J." <>
CC: "" <>, Scott Burleigh <>, The IESG <>, "" <>, "" <>
Message-ID: <>
Thread-Topic: [dtn] Mirja =?UTF-8?B?S8O8aGxld2luZCdz?= Discuss on draft-ietf-dtn-bpsec-18: (with DISCUSS and COMMENT)
References: <> <> <>
In-Reply-To: <>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
X-Mailer: WebService/1.1.15199 hermes Apache-HttpAsyncClient/4.1.4 (Java/1.8.0_181)
Archived-At: <>
Subject: Re: [dtn] =?utf-8?q?Mirja_K=C3=BChlewind=27s_Discuss_on_draft-ietf-d?= =?utf-8?q?tn-bpsec-18=3A_=28with_DISCUSS_and_COMMENT=29?=
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Delay Tolerant Networking \(DTN\) discussion list at the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 11 Feb 2020 16:37:19 -0000

While it is possible to find such a minimal requirement, I do not believe that one is required at the BPsec protocol level.
I'd also like to recommend that the BPsec RFC does not specify a "minimum" interoperability context.

Depending on the use-case, interoperable contexts can be defined as other specifications. 

An example is appropriate CCSDS books which indicate interoperable contexts. . Another example is the International Communication System Interoperability Standards (ICSIS).


On 2/11/20, 4:04 AM, "dtn on behalf of Mirja Kuehlewind" < on behalf of> wrote:

    Hi Ed,
    Thanks for the new text section 9.1. Reading this text I would to confirm one more thing: I understand that the best choice for the security context can be very different, however, the point of interoperability is to have at least one available, that might not be optimal but it better than none. Having one common security context required would also simply mean that each implementation would need to support that and therefore it becomes much easier for people to reply BPSec if the provided one is suitable. Is it not possible to find such a minimal requirement?
    > On 8. Feb 2020, at 01:23, Birrane, Edward J. <> wrote:
    > Mirja,
    >  Thank you for the review. I have updated a new version of BPSEC  (BPSEC20) which attempts to address your DISCUSS and COMMENTS below.
    >  Specific comments are in-line below.  I have enumerated the Discuss items as **D# and the comment items as **C# to aid in referencing these points going forward.
    > -Ed
    > ---
    > Edward J. Birrane, III, Ph.D.
    > Embedded Applications Group Supervisor
    > Space Exploration Sector
    > Johns Hopkins Applied Physics Laboratory
    > (W) 443-778-7423 / (F) 443-228-3839
    >> -----Original Message-----
    >> From: Mirja Kühlewind via Datatracker <>
    >> Sent: Monday, February 03, 2020 6:17 AM
    >> To: The IESG <>
    >> Cc:; Scott Burleigh
    >> <>ov>;;
    >> Subject: [EXT] Mirja Kühlewind's Discuss on draft-ietf-dtn-bpsec-18: (with
    >> APL external email warning: Verify sender before clicking
    >> links or attachments
    >> Mirja Kühlewind has entered the following ballot position for
    >> draft-ietf-dtn-bpsec-18: Discuss
    >> When responding, please keep the subject line intact and reply to all email
    >> addresses included in the To and CC lines. (Feel free to cut this introductory
    >> paragraph, however.)
    >> Please refer to
    >> for more information about IESG DISCUSS and COMMENT positions.
    >> The document, along with other ballot positions, can be found here:
    >> ----------------------------------------------------------------------
    >> DISCUSS:
    >> ----------------------------------------------------------------------
    >> Sec 1.2 says:
    >> "A sample security
    >>   context has been defined ([I-D.ietf-dtn-bpsec-interop-sc]) to support
    >>   interoperability testing and serve as an exemplar for how security
    >>   contexts should be defined for this specification."
    >> However I don't really understand how interoperability can be reached if
    >> there is not at least one security context that is mandatory to implement in
    >> this draft (especially as ietf-dtn-bpsec-interop-sc is expired for more than
    >> half a year already)...?
    > **D1: I have added a new Section 9.1 to BPSEC20 which describes the desired approach to BPSec and security contexts.  I have also updated ietf-dtn-bpsec-interop-sc which should be going into WG last call.
    >> ----------------------------------------------------------------------
    >> COMMENT:
    >> ----------------------------------------------------------------------
    >> Please use the updated disclaimer in rfc8174.
    > **C1: Agreed. The disclaimer has been updated in BPSEC20.
    > -Ed
    dtn mailing list