[dtn] Martin Duke's Discuss on draft-ietf-dtn-bpsec-24: (with DISCUSS and COMMENT)
Martin Duke via Datatracker <noreply@ietf.org> Mon, 30 November 2020 23:08 UTC
From: Martin Duke via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-dtn-bpsec@ietf.org, dtn-chairs@ietf.org, dtn@ietf.org, Scott Burleigh <Scott.C.Burleigh@jpl.nasa.gov>, Scott.C.Burleigh@jpl.nasa.gov
Reply-To: Martin Duke <martin.h.duke@gmail.com>
Message-ID: <160677770739.25234.13578066782905891111@ietfa.amsl.com>
Date: Mon, 30 Nov 2020 15:08:27 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/uAL8O5p4DqJhWVxWSWGv9vQ9n5s>
Subject: [dtn] Martin Duke's Discuss on draft-ietf-dtn-bpsec-24: (with DISCUSS and COMMENT)

Martin Duke has entered the following ballot position for draft-ietf-dtn-bpsec-24: Discuss

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dtn-bpsec/

----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

- Is this meant to obsolete RFC 6257?

- Section 3.8 says "BCB blocks MUST NOT have the 'block must be removed from bundle if it can't be processed' flag set." However, the notes for this section ask that "designers carefully consider the effect" of setting this flag. I presume the latter should have been deleted?

- Sec 11.3 specifies an unsigned integer with certain meanings attached to negative values.

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Sec 3.1 While there is no formal IETF policy, there has been some concern that "MITM" is exclusionary. How would you feel about replacing this with "On-Path Attacker" and "Mallory" with a suitable replacement (Olive?)?

I am somewhat unsure of the implications of Section 3.9, where the waypoint is supposed to delete the BIB and replace it with another BIB. Presumably, policies will generally require authentication from a specific source? I kept waiting for some discussion of these issues in 3.9, 7, and/or 8.2.2, and was disappointed.
There are many ways to resolve this, including just explaining that I'm wrong, but text in 3.9 like "this technique is incompatible with policies that require integrity checking with the bundle source as security source" or something to that effect would be one way.