draft-ietf-dtn-bpsec-15.txt | draft-ietf-dtn-bpsec-16.txt | |||
---|---|---|---|---|
Delay-Tolerant Networking E. Birrane | Delay-Tolerant Networking E. Birrane | |||
Internet-Draft K. McKeever | Internet-Draft K. McKeever | |||
Obsoletes: 6257 (if approved) JHU/APL | Obsoletes: 6257 (if approved) JHU/APL | |||
Intended status: Standards Track January 16, 2020 | Intended status: Standards Track January 21, 2020 | |||
Expires: July 19, 2020 | Expires: July 24, 2020 | |||
Bundle Protocol Security Specification | Bundle Protocol Security Specification | |||
draft-ietf-dtn-bpsec-15 | draft-ietf-dtn-bpsec-16 | |||
Abstract | Abstract | |||
This document defines a security protocol providing end to end data | This document defines a security protocol providing end to end data | |||
integrity and confidentiality services for the Bundle Protocol. | integrity and confidentiality services for the Bundle Protocol. | |||
This document is an update of the protocol described in RFC 6257, | This document is an update of the protocol described in RFC 6257, | |||
reflecting lessons learned. For this reason it obsoletes RFC 6257, | reflecting lessons learned. For this reason it obsoletes RFC 6257, | |||
an IRTF-stream document. | an IRTF-stream document. | |||
Note to the RFC editor: The Internet Research Task Force is requested | ||||
to mark RFC6257 as obsolete. | ||||
Status of This Memo | Status of This Memo | |||
This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on July 19, 2020. | This Internet-Draft will expire on July 24, 2020. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2020 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 3, line 51 ¶ | skipping to change at page 3, line 48 ¶ | |||
contact with a centralized security oracle (such as a certificate | contact with a centralized security oracle (such as a certificate | |||
authority). | authority). | |||
An end-to-end security service is needed that operates in all of the | An end-to-end security service is needed that operates in all of the | |||
environments where the BP operates. | environments where the BP operates. | |||
This document is an update of the protocol described in RFC 6257, | This document is an update of the protocol described in RFC 6257, | |||
reflecting lessons learned. For this reason it obsoletes RFC 6257, | reflecting lessons learned. For this reason it obsoletes RFC 6257, | |||
an IRTF-stream document. | an IRTF-stream document. | |||
Note to the RFC editor: The Internet Research Task Force is requested | Note to the RFC editor: Please delete below paragraph prior to RFC | |||
to mark RFC6257 as obsolete. | publication. | |||
The Internet Research Task Force will be requested to mark RFC6257 as | ||||
obsolete. | ||||
1.1. Supported Security Services | 1.1. Supported Security Services | |||
BPSec provides end-to-end integrity and confidentiality services for | BPSec provides end-to-end integrity and confidentiality services for | |||
BP bundles, as defined in this section. | BP bundles, as defined in this section. | |||
Integrity services ensure that changes to target data within a bundle | Integrity services ensure that changes to target data within a bundle | |||
can be discovered. Data changes may be caused by processing errors, | can be discovered. Data changes may be caused by processing errors, | |||
environmental conditions, or intentional manipulation. In the | environmental conditions, or intentional manipulation. In the | |||
context of BPSec, integrity services apply to plain-text in the | context of BPSec, integrity services apply to plain-text in the | |||
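Review bot: The rewritten RFC-editor note in Section 1 leaves its own scope ambiguous. "Please delete below paragraph prior to RFC publication" does not say whether the instruction line itself is also to be removed. The paragraph it points at now reads "will be requested", which records an intention rather than making the request that -15 made with "is requested", and it does not say who will ask. Suggest wording such as "Please delete this note and the paragraph below prior to RFC publication", naming the party that makes the request to the Internet Research Task Force, and writing "RFC 6257" with a space to match the paragraph immediately above.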
skipping to change at page 33, line 22 ¶ | skipping to change at page 33, line 22 ¶ | |||
11.1. Bundle Block Types | 11.1. Bundle Block Types | |||
This specification allocates two block types from the existing | This specification allocates two block types from the existing | |||
"Bundle Block Types" registry defined in [I-D.ietf-dtn-bpbis]. | "Bundle Block Types" registry defined in [I-D.ietf-dtn-bpbis]. | |||
Additional Entries for the Bundle Block-Type Codes Registry: | Additional Entries for the Bundle Block-Type Codes Registry: | |||
+-------+-----------------------------+---------------+ | +-------+-----------------------------+---------------+ | |||
| Value | Description | Reference | | | Value | Description | Reference | | |||
+-------+-----------------------------+---------------+ | +-------+-----------------------------+---------------+ | |||
| 11 | Block Integrity Block | This document | | | TBA | Block Integrity Block | This document | | |||
| 12 | Block Confidentiality Block | This document | | | TBA | Block Confidentiality Block | This document | | |||
+-------+-----------------------------+---------------+ | +-------+-----------------------------+---------------+ | |||
Table 2 | Table 2 | |||
The Bundle Block Types namespace notes whether a block type is meant | The Bundle Block Types namespace notes whether a block type is meant | |||
for use in BP version 6, BP version 7, or both. The two block types | for use in BP version 6, BP version 7, or both. The two block types | |||
defined in this specification are meant for use with BP version 7. | defined in this specification are meant for use with BP version 7. | |||
11.2. Security Context Identifiers | 11.2. Security Context Identifiers | |||
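Review bot: In Table 2 the Value column changes from 11 and 12 to TBA for both the Block Integrity Block and the Block Confidentiality Block, yet the lead sentence of 11.1 still says the specification "allocates two block types", and nothing in the visible text states which values are being requested or what implementers should use until assignment. A receiver recognizes these two security blocks by their block type code, so the section should be unambiguous here. Suggest rewording to "requests allocation of two block types", giving the two rows distinguishable placeholders (for example TBA1 and TBA2) so later references can tell them apart, and stating whether the -15 values 11 and 12 remain the suggested assignment.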
End of changes. 6 change blocks. | ||||
11 lines changed or deleted | 11 lines changed or added | |||
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |