Re: [dtn] [EXTERNAL] WGLC on draft-ietf-dtn-bpsec-interop-sc

"Burleigh, Scott C (US 312B)" <scott.c.burleigh@jpl.nasa.gov> Mon, 05 August 2019 16:22 UTC

From: "Burleigh, Scott C (US 312B)" <scott.c.burleigh@jpl.nasa.gov>
To: DTN WG <dtn@ietf.org>
Date: Mon, 05 Aug 2019 16:22:52 +0000
Message-ID: <a9eefaad218f43ca8e369cc1471ee4d8@jpl.nasa.gov>
References: <624BF3AA-9BB6-459C-A7CB-F33D95926BD3@viagenie.ca>
In-Reply-To: <624BF3AA-9BB6-459C-A7CB-F33D95926BD3@viagenie.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/EEa3hyUcJ69SRVWzR-VoB2bvjGI>
Subject: Re: [dtn] [EXTERNAL] WGLC on draft-ietf-dtn-bpsec-interop-sc

A couple of comments on draft-ietf-dtn-bpsec-interop-sc-00:

1.  In the Introduction, "inter-bundle" is confusing.  Is "intra-bundle" intended?  Or "inter-node"?  I don't see how bpsec provides security features that operate between bundles.

2.  In 3.3: it's critical that Primary Blocks be protected by BIBs.  I think this section should specify the way in which the security context applies to the primary block (which lacks block type code, block number, block processing control flags, and block-type-specific data fields) in addition to the way it applies to canonical blocks.

3.  Also in 3.3: it sounds like there is no integrity protection for the block header of a canonical block.  What's the rationale for that?  Does it imply that CRCs are always mandatory for all canonical blocks?

4.  In 4.1: the last sentence says that the size of the target block is modified by encryption, but 4.4.1 and 4.6 seem to say that it isn't.  Which is correct?

5.  In 4.3: is "hashing" correct here?

6.  Also in 4.3: does encryption provide no authentication of the block header of a canonical block?

7.  In 5.1:  should "block types" (in the section header and first sentence) be "security contexts" instead?

Scott

-----Original Message-----
From: dtn <dtn-bounces@ietf.org> On Behalf Of Marc Blanchet
Sent: Friday, July 26, 2019 10:20 AM
To: DTN WG <dtn@ietf.org>
Subject: [EXTERNAL] [dtn] WGLC on draft-ietf-dtn-bpsec-interop-sc

Hello,
  this is a WGLC on draft-ietf-dtn-bpsec-interop-sc. Given vacation time in some areas, this WGLC lasts until August 31st. Please send your comments to the list.

Context: this document is a needed companion document to BPsec.

Marc & Rick, co-chairs.

_______________________________________________
dtn mailing list
dtn@ietf.org
https://www.ietf.org/mailman/listinfo/dtn
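A worked illustration of comments 2, 3 and 6 above, added here as an example and not part of the message or of the draft. It encodes a BPbis-style canonical block and primary block with a toy CBOR encoder, then computes an HMAC-SHA256 under two integrity scopes: one that covers only the block-type-specific data (the reading of 3.3 questioned above) and one that also covers the block header (type, number, processing control flags). Flipping a control flag is invisible under the first scope and detected under the second. The primary block, which has no such header fields, is protected by MACing its entire encoding. The two scoping rules, the block contents, the flag values and the key are assumptions constructed for this demonstration, not the interop-sc specification.

```python
"""Added example (not from the draft or the message above): why the integrity
scope matters for a canonical block's header, and how a MAC can cover a primary
block that has no type/number/flags fields. Toy CBOR encoder plus stdlib
HMAC-SHA256; scoping rules and block contents are assumptions for the demo."""
import hashlib
import hmac


def _cbor_head(major: int, n: int) -> bytes:
    """CBOR initial byte(s): major type in the top 3 bits; the value either in
    the low 5 bits (< 24) or in 1/2/4/8 following bytes (RFC 7049 sec. 2.1)."""
    mt = major << 5
    if n < 24:
        return bytes([mt | n])
    for ai, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([mt | ai]) + n.to_bytes(size, "big")
    raise ValueError("value too large for this toy encoder")


def cbor_uint(n: int) -> bytes:
    return _cbor_head(0, n)


def cbor_bytes(b: bytes) -> bytes:
    return _cbor_head(2, len(b)) + b


def cbor_array(items) -> bytes:
    return _cbor_head(4, len(items)) + b"".join(items)


def cbor_eid(node: int, service: int) -> bytes:
    """ipn-scheme EID encoded as [scheme=2, [node, service]]."""
    return cbor_array([cbor_uint(2), cbor_array([cbor_uint(node), cbor_uint(service)])])


def encode_primary_block(p: dict) -> bytes:
    """Primary block array (assumed layout, no CRC): version 7, bundle flags,
    CRC type, destination, source, report-to, creation timestamp, lifetime."""
    return cbor_array([
        cbor_uint(7), cbor_uint(p["bundle_flags"]), cbor_uint(0),
        cbor_eid(*p["dest"]), cbor_eid(*p["src"]), cbor_eid(*p["report_to"]),
        cbor_array([cbor_uint(p["time"]), cbor_uint(p["seq"])]),
        cbor_uint(p["lifetime"]),
    ])


def mac_data_only(key: bytes, blk: dict) -> bytes:
    """Scope 1 (3.3 as read in the message): only block-type-specific data."""
    return hmac.new(key, cbor_bytes(blk["data"]), hashlib.sha256).digest()


def mac_header_and_data(key: bytes, blk: dict) -> bytes:
    """Scope 2 (assumed alternative): type, number, control flags and data."""
    scope = (cbor_uint(blk["type"]) + cbor_uint(blk["number"])
             + cbor_uint(blk["flags"]) + cbor_bytes(blk["data"]))
    return hmac.new(key, scope, hashlib.sha256).digest()


def mac_primary_block(key: bytes, p: dict) -> bytes:
    """No header fields to scope on the primary block: MAC its whole encoding."""
    return hmac.new(key, encode_primary_block(p), hashlib.sha256).digest()


KEY = b"constructed-demo-key-not-a-real-secret"  # constructed for the demo


def flag_tamper_detected(mac_fn, key: bytes = KEY) -> bool:
    """An intermediate node flips a block processing control flag on a
    BIB-protected extension block. True if the verifier notices."""
    blk = {"type": 7, "number": 2, "flags": 0x00, "crc_type": 0, "data": b"\x01\x02\x03"}
    tag = mac_fn(key, blk)
    forged = dict(blk, flags=0x04)  # 0x04: delete bundle if block can't be processed
    return not hmac.compare_digest(tag, mac_fn(key, forged))


def primary_tamper_detected(key: bytes = KEY) -> bool:
    """Same attack on the primary block: change the bundle flags and check
    that the whole-block MAC no longer verifies."""
    p = {"bundle_flags": 0x00, "dest": (1, 1), "src": (2, 1), "report_to": (2, 1),
         "time": 0, "seq": 1, "lifetime": 3600_000}
    tag = mac_primary_block(key, p)
    forged = dict(p, bundle_flags=0x04)  # 0x04: bundle must not be fragmented
    return not hmac.compare_digest(tag, mac_primary_block(key, forged))


if __name__ == "__main__":
    print("data-only scope detects flag change  :", flag_tamper_detected(mac_data_only))
    print("header+data scope detects flag change:", flag_tamper_detected(mac_header_and_data))
    print("primary-block MAC detects flag change:", primary_tamper_detected())
```

Under the data-only scope the forged block carries the original, still-valid MAC, so a CRC (if present) would be the only thing standing between the attacker and a silently changed processing policy, and a CRC is trivially recomputed; that is the gap comment 3 is pointing at. The same reasoning applies to a BCB: AES-GCM only authenticates what is fed to it as plaintext or associated data, so a header left outside both is unauthenticated (comment 6).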