Joint draft on ULE security extension
Michael Noisternig <mnoist@cosy.sbg.ac.at> Mon, 29 June 2009 16:32 UTC
Return-Path: <owner-ipdvb@erg.abdn.ac.uk>
X-Original-To: ietfarch-ipdvb-archive@core3.amsl.com
Delivered-To: ietfarch-ipdvb-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D936E28C2C4 for <ietfarch-ipdvb-archive@core3.amsl.com>; Mon, 29 Jun 2009 09:32:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.342
X-Spam-Level:
X-Spam-Status: No, score=-1.342 tagged_above=-999 required=5 tests=[AWL=-1.258, BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, HOST_EQ_AT=0.745, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 08-5yd973ekJ for <ietfarch-ipdvb-archive@core3.amsl.com>; Mon, 29 Jun 2009 09:32:13 -0700 (PDT)
Received: from erg.abdn.ac.uk (dee.erg.abdn.ac.uk [IPv6:2001:630:241:204:203:baff:fe9a:8c9b]) by core3.amsl.com (Postfix) with ESMTP id 56B7C28C2BB for <ipdvb-archive@ietf.org>; Mon, 29 Jun 2009 09:32:11 -0700 (PDT)
Received: from dee.erg.abdn.ac.uk (localhost [IPv6:::1]) by erg.abdn.ac.uk (8.13.4/8.13.4) with ESMTP id n5TFvg1R001968 for <ipdvb-subscribed-users@dee.erg.abdn.ac.uk>; Mon, 29 Jun 2009 16:57:42 +0100 (BST)
Received: (from majordomo.lists@localhost) by dee.erg.abdn.ac.uk (8.13.4/8.12.2/Submit) id n5TFvglV001967 for ipdvb-subscribed-users; Mon, 29 Jun 2009 16:57:42 +0100 (BST)
X-Authentication-Warning: dee.erg.abdn.ac.uk: majordomo.lists set sender to owner-ipdvb@erg.abdn.ac.uk using -f
Received: from puma.cosy.sbg.ac.at (puma.cosy.sbg.ac.at [IPv6:2001:628:408:102::30:0]) by erg.abdn.ac.uk (8.13.4/8.13.4) with ESMTP id n5TFvSw1001949 for <ipdvb@erg.abdn.ac.uk>; Mon, 29 Jun 2009 16:57:28 +0100 (BST)
Received: from [192.168.1.3] (d86-32-182-69.cust.tele2.at [86.32.182.69]) by puma.cosy.sbg.ac.at (Postfix) with ESMTP id 0EB1F22835D for <ipdvb@erg.abdn.ac.uk>; Mon, 29 Jun 2009 17:57:29 +0200 (CEST)
Message-ID: <4A48E467.6030900@cosy.sbg.ac.at>
Date: Mon, 29 Jun 2009 17:57:27 +0200
From: Michael Noisternig <mnoist@cosy.sbg.ac.at>
User-Agent: Thunderbird 2.0.0.22 (Windows/20090605)
MIME-Version: 1.0
To: ipdvb@erg.abdn.ac.uk
Subject: Joint draft on ULE security extension
Content-Type: multipart/mixed; boundary="------------050805070006040504020301"
X-ERG-MailScanner: Found to be clean, Found to be clean
Sender: owner-ipdvb@erg.abdn.ac.uk
Precedence: bulk
Reply-To: ipdvb@erg.abdn.ac.uk
X-ERG-MailScanner-From: owner-ipdvb@erg.abdn.ac.uk
Dear all, may I inform you that we have just recently submitted a joint draft under http://tools.ietf.org/html/draft-noisternig-ipdvb-sec-ext-00 describing a new ULE security extension header design. We invite you to review the document and post any comments to the list. Thank you, Michael
--- Begin Message ---A new version of I-D, draft-noisternig-ipdvb-sec-ext-00.txt has been successfuly submitted by Michael Noisternig and posted to the IETF repository. Filename: draft-noisternig-ipdvb-sec-ext Revision: 00 Title: Security Extension for Unidirectional Lightweight Encapsulation Protocol Creation_date: 2009-06-29 WG ID: Independent Submission Number_of_pages: 23 Abstract: The Unidirectional Lightweight Encapsulation (ULE) protocol provides an efficient mechanism for transporting IP and other network layer protocol data over MPEG-2 networks. Such networks, widely used especially for providing digital TV services, often use broadcast wireless transmission media, and are hence vulnerable to various types of security attacks. This document describes a new mandatory ULE extension to protect ULE traffic using security features such as data confidentiality, data integrity, data origin authentication, and prevention against replay attacks. Additionally, destination addresses may be hidden from illegitimate receiver devices using the identity protection feature. The format of the security extension header as well as the processing at receivers and transmitters are described in detail. The extension aims to be lightweight and flexible such that it may be implemented in low-cost, resource-scarce transceivers, and different levels of security may be selected. The security extension may be easily adapted to the Generic Stream Encapsulation (GSE) protocol, which uses a similar extension header mechanism. The IETF Secretariat.--- End Message ---
- Joint draft on ULE security extension Michael Noisternig