| draft-ietf-dtn-tcpclv4-21.txt | draft-ietf-dtn-tcpclv4-22.txt | |||
|---|---|---|---|---|
| Delay-Tolerant Networking B. Sipos | Delay-Tolerant Networking B. Sipos | |||
| Internet-Draft RKF Engineering | Internet-Draft RKF Engineering | |||
| Intended status: Standards Track M. Demmer | Intended status: Standards Track M. Demmer | |||
| Expires: December 11, 2020 UC Berkeley | Expires: April 29, 2021 UC Berkeley | |||
| J. Ott | J. Ott | |||
| Aalto University | Aalto University | |||
| S. Perreault | S. Perreault | |||
| June 9, 2020 | October 26, 2020 | |||
| Delay-Tolerant Networking TCP Convergence Layer Protocol Version 4 | Delay-Tolerant Networking TCP Convergence Layer Protocol Version 4 | |||
| draft-ietf-dtn-tcpclv4-21 | draft-ietf-dtn-tcpclv4-22 | |||
| Abstract | Abstract | |||
| This document describes a TCP-based convergence layer (TCPCL) for | This document describes a TCP-based convergence layer (TCPCL) for | |||
| Delay-Tolerant Networking (DTN). This version of the TCPCL protocol | Delay-Tolerant Networking (DTN). This version of the TCPCL protocol | |||
| resolves implementation issues in the earlier TCPCL Version 3 of | resolves implementation issues in the earlier TCPCL Version 3 of | |||
| RFC7242 and updates to the Bundle Protocol (BP) contents, encodings, | RFC7242 and updates to the Bundle Protocol (BP) contents, encodings, | |||
| and convergence layer requirements in BP Version 7. Specifically, | and convergence layer requirements in BP Version 7. Specifically, | |||
| the TCPCLv4 uses CBOR-encoded BPv7 bundles as its service data unit | the TCPCLv4 uses CBOR-encoded BPv7 bundles as its service data unit | |||
| being transported and provides a reliable transport of such bundles. | being transported and provides a reliable transport of such bundles. | |||
| skipping to change at page 1, line 42 ¶ | skipping to change at page 1, line 42 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on December 11, 2020. | This Internet-Draft will expire on April 29, 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2020 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 37 ¶ | skipping to change at page 2, line 37 ¶ | |||
| 3.6. Transfer Segmentation Policies . . . . . . . . . . . . . 21 | 3.6. Transfer Segmentation Policies . . . . . . . . . . . . . 21 | |||
| 3.7. Example Message Exchange . . . . . . . . . . . . . . . . 22 | 3.7. Example Message Exchange . . . . . . . . . . . . . . . . 22 | |||
| 4. Session Establishment . . . . . . . . . . . . . . . . . . . . 23 | 4. Session Establishment . . . . . . . . . . . . . . . . . . . . 23 | |||
| 4.1. TCP Connection . . . . . . . . . . . . . . . . . . . . . 24 | 4.1. TCP Connection . . . . . . . . . . . . . . . . . . . . . 24 | |||
| 4.2. Contact Header . . . . . . . . . . . . . . . . . . . . . 25 | 4.2. Contact Header . . . . . . . . . . . . . . . . . . . . . 25 | |||
| 4.3. Contact Validation and Negotiation . . . . . . . . . . . 26 | 4.3. Contact Validation and Negotiation . . . . . . . . . . . 26 | |||
| 4.4. Session Security . . . . . . . . . . . . . . . . . . . . 27 | 4.4. Session Security . . . . . . . . . . . . . . . . . . . . 27 | |||
| 4.4.1. Entity Identification . . . . . . . . . . . . . . . . 28 | 4.4.1. Entity Identification . . . . . . . . . . . . . . . . 28 | |||
| 4.4.2. TLS Handshake . . . . . . . . . . . . . . . . . . . . 29 | 4.4.2. TLS Handshake . . . . . . . . . . . . . . . . . . . . 29 | |||
| 4.4.3. TLS Authentication . . . . . . . . . . . . . . . . . 30 | 4.4.3. TLS Authentication . . . . . . . . . . . . . . . . . 30 | |||
| 4.4.4. Example TLS Initiation . . . . . . . . . . . . . . . 31 | 4.4.4. Example TLS Initiation . . . . . . . . . . . . . . . 32 | |||
| 4.5. Message Header . . . . . . . . . . . . . . . . . . . . . 32 | 4.5. Message Header . . . . . . . . . . . . . . . . . . . . . 33 | |||
| 4.6. Session Initialization Message (SESS_INIT) . . . . . . . 34 | 4.6. Session Initialization Message (SESS_INIT) . . . . . . . 34 | |||
| 4.7. Session Parameter Negotiation . . . . . . . . . . . . . . 35 | 4.7. Session Parameter Negotiation . . . . . . . . . . . . . . 36 | |||
| 4.8. Session Extension Items . . . . . . . . . . . . . . . . . 36 | 4.8. Session Extension Items . . . . . . . . . . . . . . . . . 37 | |||
| 5. Established Session Operation . . . . . . . . . . . . . . . . 37 | 5. Established Session Operation . . . . . . . . . . . . . . . . 38 | |||
| 5.1. Upkeep and Status Messages . . . . . . . . . . . . . . . 37 | 5.1. Upkeep and Status Messages . . . . . . . . . . . . . . . 38 | |||
| 5.1.1. Session Upkeep (KEEPALIVE) . . . . . . . . . . . . . 37 | 5.1.1. Session Upkeep (KEEPALIVE) . . . . . . . . . . . . . 38 | |||
| 5.1.2. Message Rejection (MSG_REJECT) . . . . . . . . . . . 38 | 5.1.2. Message Rejection (MSG_REJECT) . . . . . . . . . . . 39 | |||
| 5.2. Bundle Transfer . . . . . . . . . . . . . . . . . . . . . 39 | 5.2. Bundle Transfer . . . . . . . . . . . . . . . . . . . . . 40 | |||
| 5.2.1. Bundle Transfer ID . . . . . . . . . . . . . . . . . 40 | 5.2.1. Bundle Transfer ID . . . . . . . . . . . . . . . . . 41 | |||
| 5.2.2. Data Transmission (XFER_SEGMENT) . . . . . . . . . . 40 | 5.2.2. Data Transmission (XFER_SEGMENT) . . . . . . . . . . 41 | |||
| 5.2.3. Data Acknowledgments (XFER_ACK) . . . . . . . . . . . 42 | 5.2.3. Data Acknowledgments (XFER_ACK) . . . . . . . . . . . 43 | |||
| 5.2.4. Transfer Refusal (XFER_REFUSE) . . . . . . . . . . . 43 | 5.2.4. Transfer Refusal (XFER_REFUSE) . . . . . . . . . . . 44 | |||
| 5.2.5. Transfer Extension Items . . . . . . . . . . . . . . 46 | 5.2.5. Transfer Extension Items . . . . . . . . . . . . . . 47 | |||
| 6. Session Termination . . . . . . . . . . . . . . . . . . . . . 48 | 6. Session Termination . . . . . . . . . . . . . . . . . . . . . 49 | |||
| 6.1. Session Termination Message (SESS_TERM) . . . . . . . . . 48 | 6.1. Session Termination Message (SESS_TERM) . . . . . . . . . 49 | |||
| 6.2. Idle Session Shutdown . . . . . . . . . . . . . . . . . . 51 | 6.2. Idle Session Shutdown . . . . . . . . . . . . . . . . . . 52 | |||
| 7. Implementation Status . . . . . . . . . . . . . . . . . . . . 51 | 7. Implementation Status . . . . . . . . . . . . . . . . . . . . 52 | |||
| 8. Security Considerations . . . . . . . . . . . . . . . . . . . 51 | 8. Security Considerations . . . . . . . . . . . . . . . . . . . 52 | |||
| 8.1. Threat: Passive Leak of Node Data . . . . . . . . . . . . 52 | 8.1. Threat: Passive Leak of Node Data . . . . . . . . . . . . 53 | |||
| 8.2. Threat: Passive Leak of Bundle Data . . . . . . . . . . . 52 | 8.2. Threat: Passive Leak of Bundle Data . . . . . . . . . . . 53 | |||
| 8.3. Threat: TCPCL Version Downgrade . . . . . . . . . . . . . 52 | 8.3. Threat: TCPCL Version Downgrade . . . . . . . . . . . . . 53 | |||
| 8.4. Threat: Transport Security Stripping . . . . . . . . . . 52 | 8.4. Threat: Transport Security Stripping . . . . . . . . . . 53 | |||
| 8.5. Threat: Weak TLS Configurations . . . . . . . . . . . . . 53 | 8.5. Threat: Weak TLS Configurations . . . . . . . . . . . . . 54 | |||
| 8.6. Threat: Certificate Validation Vulnerabilities . . . . . 53 | 8.6. Threat: Certificate Validation Vulnerabilities . . . . . 54 | |||
| 8.7. Threat: Symmetric Key Limits . . . . . . . . . . . . . . 53 | 8.7. Threat: Symmetric Key Limits . . . . . . . . . . . . . . 54 | |||
| 8.8. Threat: BP Node Impersonation . . . . . . . . . . . . . . 53 | 8.8. Threat: BP Node Impersonation . . . . . . . . . . . . . . 54 | |||
| 8.9. Threat: Denial of Service . . . . . . . . . . . . . . . . 54 | 8.9. Threat: Denial of Service . . . . . . . . . . . . . . . . 55 | |||
| 8.10. Alternate Uses of TLS . . . . . . . . . . . . . . . . . . 55 | 8.10. Alternate Uses of TLS . . . . . . . . . . . . . . . . . . 56 | |||
| 8.10.1. TLS Without Authentication . . . . . . . . . . . . . 55 | 8.10.1. TLS Without Authentication . . . . . . . . . . . . . 56 | |||
| 8.10.2. Non-Certificate TLS Use . . . . . . . . . . . . . . 55 | 8.10.2. Non-Certificate TLS Use . . . . . . . . . . . . . . 56 | |||
| 8.11. Predictability of Transfer IDs . . . . . . . . . . . . . 55 | 8.11. Predictability of Transfer IDs . . . . . . . . . . . . . 56 | |||
| 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 56 | 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 57 | |||
| 9.1. Port Number . . . . . . . . . . . . . . . . . . . . . . . 56 | 9.1. Port Number . . . . . . . . . . . . . . . . . . . . . . . 57 | |||
| 9.2. Protocol Versions . . . . . . . . . . . . . . . . . . . . 56 | 9.2. Protocol Versions . . . . . . . . . . . . . . . . . . . . 57 | |||
| 9.3. Session Extension Types . . . . . . . . . . . . . . . . . 57 | 9.3. Session Extension Types . . . . . . . . . . . . . . . . . 58 | |||
| 9.4. Transfer Extension Types . . . . . . . . . . . . . . . . 58 | 9.4. Transfer Extension Types . . . . . . . . . . . . . . . . 59 | |||
| 9.5. Message Types . . . . . . . . . . . . . . . . . . . . . . 59 | 9.5. Message Types . . . . . . . . . . . . . . . . . . . . . . 60 | |||
| 9.6. XFER_REFUSE Reason Codes . . . . . . . . . . . . . . . . 60 | 9.6. XFER_REFUSE Reason Codes . . . . . . . . . . . . . . . . 61 | |||
| 9.7. SESS_TERM Reason Codes . . . . . . . . . . . . . . . . . 61 | 9.7. SESS_TERM Reason Codes . . . . . . . . . . . . . . . . . 62 | |||
| 9.8. MSG_REJECT Reason Codes . . . . . . . . . . . . . . . . . 62 | 9.8. MSG_REJECT Reason Codes . . . . . . . . . . . . . . . . . 63 | |||
| 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 63 | 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 64 | |||
| 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 63 | 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 64 | |||
| 11.1. Normative References . . . . . . . . . . . . . . . . . . 63 | 11.1. Normative References . . . . . . . . . . . . . . . . . . 64 | |||
| 11.2. Informative References . . . . . . . . . . . . . . . . . 65 | 11.2. Informative References . . . . . . . . . . . . . . . . . 66 | |||
| Appendix A. Significant changes from RFC7242 . . . . . . . . . . 66 | Appendix A. Significant changes from RFC7242 . . . . . . . . . . 67 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 68 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 69 | |||
| 1. Introduction | 1. Introduction | |||
| This document describes the TCP-based convergence-layer protocol for | This document describes the TCP-based convergence-layer protocol for | |||
| Delay-Tolerant Networking. Delay-Tolerant Networking is an end-to- | Delay-Tolerant Networking. Delay-Tolerant Networking is an end-to- | |||
| end architecture providing communications in and/or through highly | end architecture providing communications in and/or through highly | |||
| stressed environments, including those with intermittent | stressed environments, including those with intermittent | |||
| connectivity, long and/or variable delays, and high bit error rates. | connectivity, long and/or variable delays, and high bit error rates. | |||
| More detailed descriptions of the rationale and capabilities of these | More detailed descriptions of the rationale and capabilities of these | |||
| networks can be found in "Delay-Tolerant Network Architecture" | networks can be found in "Delay-Tolerant Network Architecture" | |||
| skipping to change at page 21, line 23 ¶ | skipping to change at page 21, line 23 ¶ | |||
| Many other policies can be established in a TCPCL network between the | Many other policies can be established in a TCPCL network between the | |||
| two extremes of single persistent sessions and only ephemeral | two extremes of single persistent sessions and only ephemeral | |||
| sessions. Different policies can be applied to each peer entity and | sessions. Different policies can be applied to each peer entity and | |||
| to each bundle as it needs to be transferred (e.g for quality of | to each bundle as it needs to be transferred (e.g for quality of | |||
| service). Additionally, future session extension types can apply | service). Additionally, future session extension types can apply | |||
| further nuance to session policies and policy negotiation. | further nuance to session policies and policy negotiation. | |||
| 3.6. Transfer Segmentation Policies | 3.6. Transfer Segmentation Policies | |||
| Each TCPCL session allows a negotiated transfer segmentation polcy to | Each TCPCL session allows a negotiated transfer segmentation policy | |||
| be applied in each transfer direction. A receiving node can set the | to be applied in each transfer direction. A receiving node can set | |||
| Segment MRU in its SESS_INIT message to determine the largest | the Segment MRU in its SESS_INIT message to determine the largest | |||
| acceptable segment size, and a transmitting node can segment a | acceptable segment size, and a transmitting node can segment a | |||
| transfer into any sizes smaller than the receiver's Segment MRU. It | transfer into any sizes smaller than the receiver's Segment MRU. It | |||
| is a network administration matter to determine an appropriate | is a network administration matter to determine an appropriate | |||
| segmentation policy for entities operating TCPCL, but guidance given | segmentation policy for entities operating TCPCL, but guidance given | |||
| here can be used to steer policy toward performance goals. It is | here can be used to steer policy toward performance goals. It is | |||
| also advised to consider the Segment MRU in relation to chunking/ | also advised to consider the Segment MRU in relation to chunking/ | |||
| packetization performed by TLS, TCP, and any intermediate network- | packetization performed by TLS, TCP, and any intermediate network- | |||
| layer nodes. | layer nodes. | |||
| Minimum Overhead: For a simple network expected to exchange | Minimum Overhead: For a simple network expected to exchange | |||
| skipping to change at page 25, line 15 ¶ | skipping to change at page 25, line 15 ¶ | |||
| 4.2. Contact Header | 4.2. Contact Header | |||
| This section describes the format of the Contact Header and the | This section describes the format of the Contact Header and the | |||
| meaning of its fields. | meaning of its fields. | |||
| If an entity is capable of exchanging messages according to TLS 1.3 | If an entity is capable of exchanging messages according to TLS 1.3 | |||
| [RFC8446] or any successors which are compatible with that TLS | [RFC8446] or any successors which are compatible with that TLS | |||
| ClientHello, the the CAN_TLS flag within its Contact Header SHALL be | ClientHello, the the CAN_TLS flag within its Contact Header SHALL be | |||
| set to 1. This behavior prefers the use of TLS when possible, even | set to 1. This behavior prefers the use of TLS when possible, even | |||
| if security policy does not allow or require authentication. This | if security policy does not allow or require authentication. This | |||
| follows the opportunistic security model of [RFC7435]. | follows the opportunistic security model of [RFC7435], though an | |||
| active attacker could interfere with the exchange in such cases. | ||||
| Upon receipt of the Contact Header, both entities perform the | Upon receipt of the Contact Header, both entities perform the | |||
| validation and negotiation procedures defined in Section 4.3. After | validation and negotiation procedures defined in Section 4.3. After | |||
| receiving the Contact Header from the other entity, either entity MAY | receiving the Contact Header from the other entity, either entity MAY | |||
| refuse the session by sending a SESS_TERM message with an appropriate | refuse the session by sending a SESS_TERM message with an appropriate | |||
| reason code. | reason code. | |||
| The format for the Contact Header is as follows: | The format for the Contact Header is as follows: | |||
| 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 | 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 | |||
| skipping to change at page 26, line 11 ¶ | skipping to change at page 26, line 11 ¶ | |||
| to the descriptions in Table 1. All reserved header flag bits | to the descriptions in Table 1. All reserved header flag bits | |||
| SHALL be set to 0 by the sender. All reserved header flag bits | SHALL be set to 0 by the sender. All reserved header flag bits | |||
| SHALL be ignored by the receiver. | SHALL be ignored by the receiver. | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| | Name | Code | Description | | | Name | Code | Description | | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| | CAN_TLS | 0x01 | If bit is set, indicates that the sending | | | CAN_TLS | 0x01 | If bit is set, indicates that the sending | | |||
| | | | peer is capable of TLS security. | | | | | peer is capable of TLS security. | | |||
| | | | | | | | | | | |||
| | Reserved | others | | | Reserved | others | | | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| Table 1: Contact Header Flags | Table 1: Contact Header Flags | |||
| 4.3. Contact Validation and Negotiation | 4.3. Contact Validation and Negotiation | |||
| Upon reception of the Contact Header, each node follows the following | Upon reception of the Contact Header, each node follows the following | |||
| procedures to ensure the validity of the TCPCL session and to | procedures to ensure the validity of the TCPCL session and to | |||
| negotiate values for the session parameters. | negotiate values for the session parameters. | |||
| skipping to change at page 28, line 28 ¶ | skipping to change at page 28, line 28 ¶ | |||
| defines a prioritized list of what a certificate can identify about a | defines a prioritized list of what a certificate can identify about a | |||
| TCPCL entity: | TCPCL entity: | |||
| Node ID: The ideal certificate identity is the Node ID of the entity | Node ID: The ideal certificate identity is the Node ID of the entity | |||
| using the NODE-ID definition below. When the Node ID is | using the NODE-ID definition below. When the Node ID is | |||
| identified, there is no need for any lower-level identification to | identified, there is no need for any lower-level identification to | |||
| take place. | take place. | |||
| DNS Name: If CA policy forbids a certificate to contain an arbitrary | DNS Name: If CA policy forbids a certificate to contain an arbitrary | |||
| NODE-ID but allows a DNS-ID to be identified then one or more | NODE-ID but allows a DNS-ID to be identified then one or more | |||
| stable host names can be identified in the certificate. The use | stable DNS names can be identified in the certificate. The use of | |||
| of wildcard DNS-ID is discouraged due to the complex rules for | wildcard DNS-ID is discouraged due to the complex rules for | |||
| matching and dependence on implementation support for wildcard | matching and dependence on implementation support for wildcard | |||
| matching (see Section 6.4.3 of [RFC6125]). | matching (see Section 6.4.3 of [RFC6125]). | |||
| Network Address: If no stable host name is available but a stable | Network Address: If no stable DNS name is available but a stable | |||
| network address is available and CA policy allows a certificate to | network address is available and CA policy allows a certificate to | |||
| contain a NETWORK-ID (as defined below) then one or more network | contain a IPADDR-ID (as defined below) then one or more network | |||
| addresses can be identified in the certificate. | addresses can be identified in the certificate. | |||
| When only a DNS-ID or NETWORK-ID can be identified by a certificate, | When only a DNS-ID or IPADDR-ID can be identified by a certificate, | |||
| it is implied that an entity which authenticates using that | it is implied that an entity which authenticates using that | |||
| certificate is trusted to provide a valid Node ID in its SESS_INIT; | certificate is trusted to provide a valid Node ID in its SESS_INIT; | |||
| the certificate itself does not actually authenticate that Node ID. | the certificate itself does not actually authenticate that Node ID. | |||
| The RECOMMENDED security policy of an entity is to validate a peer | The RECOMMENDED security policy of an entity is to validate a peer | |||
| which authenticates its Node ID regardless of an authenticated host | which authenticates its Node ID regardless of an authenticated DNS | |||
| name or address, and only consider the host/address authentication in | name or address, and only consider the host/address authentication in | |||
| the absence of an authenticated Node ID. | the absence of an authenticated Node ID. | |||
| This specification defines a NODE-ID of a certificate as being the | This specification defines a NODE-ID of a certificate as being the | |||
| subjectAltName entry of type uniformResourceIdentifier whose value is | subjectAltName entry of type uniformResourceIdentifier whose value is | |||
| a URI consistent with the requirements of [RFC3986] and the URI | a URI consistent with the requirements of [RFC3986] and the URI | |||
| schemes of the IANA "Bundle Protocol URI Scheme Type" registry. This | schemes of the IANA "Bundle Protocol URI Scheme Type" registry. This | |||
| is similar to the URI-ID of [RFC6125] but does not require any | is similar to the URI-ID of [RFC6125] but does not require any | |||
| structure to the scheme-specific-part of the URI. Unless specified | structure to the scheme-specific-part of the URI. Unless specified | |||
| otherwise by the definition of the URI scheme being authenticated, | otherwise by the definition of the URI scheme being authenticated, | |||
| URI matching of a NODE-ID SHALL use the URI comparison logic of | URI matching of a NODE-ID SHALL use the URI comparison logic of | |||
| [RFC3986] and scheme-based normalization of those schemes specified | [RFC3986] and scheme-based normalization of those schemes specified | |||
| in [I-D.ietf-dtn-bpbis]. A URI scheme can refine this "exact match" | in [I-D.ietf-dtn-bpbis]. A URI scheme can refine this "exact match" | |||
| logic with rules about how Node IDs within that scheme are to be | logic with rules about how Node IDs within that scheme are to be | |||
| compared with the certificate-authenticated NODE-ID. | compared with the certificate-authenticated NODE-ID. | |||
| This specification defines a NETWORK-ID of a certificate as being the | This specification defines a IPADDR-ID of a certificate as being the | |||
| subjectAltName entry of type iPAddress whose value is encoded | subjectAltName entry of type iPAddress whose value is encoded | |||
| according to [RFC5280]. | according to [RFC5280]. | |||
| 4.4.2. TLS Handshake | 4.4.2. TLS Handshake | |||
| The use of TLS is negotiated using the Contact Header as described in | The use of TLS is negotiated using the Contact Header as described in | |||
| Section 4.3. After negotiating an Enable TLS parameter of true, and | Section 4.3. After negotiating an Enable TLS parameter of true, and | |||
| before any other TCPCL messages are sent within the session, the | before any other TCPCL messages are sent within the session, the | |||
| session entities SHALL begin a TLS handshake in accordance with | session entities SHALL begin a TLS handshake in accordance with | |||
| [RFC8446]. By convention, this protocol uses the entity which | [RFC8446]. By convention, this protocol uses the entity which | |||
| skipping to change at page 29, line 37 ¶ | skipping to change at page 29, line 37 ¶ | |||
| The TLS handshake, if it occurs, is considered to be part of the | The TLS handshake, if it occurs, is considered to be part of the | |||
| contact negotiation before the TCPCL session itself is established. | contact negotiation before the TCPCL session itself is established. | |||
| Specifics about sensitive data exposure are discussed in Section 8. | Specifics about sensitive data exposure are discussed in Section 8. | |||
| The parameters within each TLS negotiation are implementation | The parameters within each TLS negotiation are implementation | |||
| dependent but any TCPCL node SHALL follow all recommended practices | dependent but any TCPCL node SHALL follow all recommended practices | |||
| of BCP 195 [RFC7525], or any updates or successors that become part | of BCP 195 [RFC7525], or any updates or successors that become part | |||
| of BCP 195. Within each TLS handshake, the following requirements | of BCP 195. Within each TLS handshake, the following requirements | |||
| apply (using the rough order in which they occur): | apply (using the rough order in which they occur): | |||
| Client Hello: When a resolved host name was used to establish the | Client Hello: When a resolved DNS name was used to establish the TCP | |||
| TCP connection, the TLS ClientHello SHOULD include a Server Name | connection, the TLS ClientHello SHOULD include a Server Name | |||
| Indication (SNI) in accordance with [RFC6066] containing that host | Indication (SNI) in accordance with [RFC6066]. When present, the | |||
| name (of the passive entity) which was resolved. Note: The SNI | "server_name" extension SHALL contain a "HostName" value taken | |||
| text is the network-layer name for the passive entity, which is | from the DNS name (of the passive entity) which was resolved. | |||
| not the Node ID of that entity. | Note: The 'HostName in the "server_name" extension is the network | |||
| name for the passive entity, not the Node ID of that entity. | ||||
| Server Certificate: The passive entity SHALL supply a certificate | Server Certificate: The passive entity SHALL supply a certificate | |||
| within the TLS handshake to allow authentication of its side of | within the TLS handshake to allow authentication of its side of | |||
| the session. Unless prohibited by CA policy, the passive entity | the session. Unless prohibited by CA policy, the passive entity | |||
| certificate SHALL contain a NODE-ID which authenticates the Node | certificate SHALL contain a NODE-ID which authenticates the Node | |||
| ID of the peer. When assigned a stable host name, the passive | ID of the peer. When assigned a stable DNS name, the passive | |||
| entity certificate SHOULD contain a DNS-ID which authenticates | entity certificate SHOULD contain a DNS-ID which authenticates | |||
| that (fully qualified) name. When assigned a stable network | that (fully qualified) name. When assigned a stable network | |||
| address, the passive entity certificate MAY contain a NETWORK-ID | address, the passive entity certificate MAY contain a IPADDR-ID | |||
| which authenticates that address. The passive entity MAY use the | which authenticates that address. The passive entity MAY use the | |||
| SNI host name to choose an appropriate server-side certificate | SNI DNS name to choose an appropriate server-side certificate | |||
| which authenticates that host name. | which authenticates that DNS name. | |||
| Certificate Request: During TLS handshake, the passive entity SHALL | Certificate Request: During TLS handshake, the passive entity SHALL | |||
| request a client-side certificate. | request a client-side certificate. | |||
| Client Certificate: The active entity SHALL supply a certificate | Client Certificate: The active entity SHALL supply a certificate | |||
| chain within the TLS handshake to allow authentication of its side | chain within the TLS handshake to allow authentication of its side | |||
| of the session. Unless prohibited by CA policy, the active entity | of the session. Unless prohibited by CA policy, the active entity | |||
| certificate SHALL contain a NODE-ID which authenticates the Node | certificate SHALL contain a NODE-ID which authenticates the Node | |||
| ID of the peer. When assigned a stable host name, the active | ID of the peer. When assigned a stable DNS name, the active | |||
| entity certificate SHOULD contain a DNS-ID which authenticates | entity certificate SHOULD contain a DNS-ID which authenticates | |||
| that (fully qualified) name. When assigned a stable network | that (fully qualified) name. When assigned a stable network | |||
| address, the active entity certificate MAY contain a NETWORK-ID | address, the active entity certificate MAY contain a IPADDR-ID | |||
| which authenticates that address. | which authenticates that address. | |||
| All certificates supplied during TLS handshake SHALL conform to | All certificates supplied during TLS handshake SHALL conform to | |||
| [RFC5280], or any updates or successors to that profile. When a | [RFC5280], or any updates or successors to that profile. When a | |||
| certificate is supplied during TLS handshake, the full certification | certificate is supplied during TLS handshake, the full certification | |||
| chain SHOULD be included unless security policy indicates that is | chain SHOULD be included unless security policy indicates that is | |||
| unnecessary. | unnecessary. | |||
| If a TLS handshake cannot negotiate a TLS connection, both entities | If a TLS handshake cannot negotiate a TLS connection, both entities | |||
| of the TCPCL session SHALL close the TCP connection. At this point | of the TCPCL session SHALL close the TCP connection. At this point | |||
| the TCPCL session has not yet been established so there is no TCPCL | the TCPCL session has not yet been established so there is no TCPCL | |||
| session to terminate. | session to terminate. | |||
| After a TLS connection is successfully established, the active entity | After a TLS connection is successfully established, the active entity | |||
| SHALL send a SESS_INIT message to begin session negotiation. This | SHALL send a SESS_INIT message to begin session negotiation. This | |||
| session negotiation and all subsequent messaging are secured. | session negotiation and all subsequent messaging are secured. | |||
| 4.4.3. TLS Authentication | 4.4.3. TLS Authentication | |||
| Using PKIX certificates exchanged during the TLS handshake, each of | Using PKIX certificates exchanged during the TLS handshake, each of | |||
| the entities can attempt to authenticate its peer Node ID directly or | the entities can authenticate a peer Node ID directly or authenticate | |||
| authenticate the peer host name or network address. The Node ID | the peer DNS name or network address. The logic for attempting | |||
| exchanged in the Session Initialization is likely to be used by the | authentication is separate from the logic for handling the result of | |||
| BP agent for making transfer and routing decisions, so attempting | authentication, which is based on local security policy. | |||
| Node ID validation is required while attempting host name validation | ||||
| is optional. The logic for attempting validation is separate from | ||||
| the logic for handling the result of validation, which is based on | ||||
| local security policy. | ||||
| By using the SNI host name (see Section 4.4.2) a single passive | By using the SNI DNS name (see Section 4.4.2) a single passive entity | |||
| entity can act as a convergence layer for multiple BP agents with | can act as a convergence layer for multiple BP agents with distinct | |||
| distinct Node IDs. When this "virtual host" behavior is used, the | Node IDs. When this "virtual host" behavior is used, the DNS name is | |||
| host name is used as the indication of which BP Node the active | used as the indication of which BP Node the active entity is | |||
| entity is attempting to communicate with. A virtual host CL entity | attempting to communicate with. A virtual host CL entity can be | |||
| can be authenticated by a certificate containing all of the host | authenticated by a certificate containing all of the DNS names and/or | |||
| names and/or Node IDs being hosted or by several certificates each | Node IDs being hosted or by several certificates each authenticating | |||
| authenticating a single host name and/or Node ID, using the SNI value | a single DNS name and/or Node ID, using the SNI value from the peer | |||
| from the peer to select which certificate to use. | to select which certificate to use. | |||
| Any certificate received during TLS handshake SHALL be validated up | Any certificate received during TLS handshake SHALL be validated up | |||
| to one or more trusted CA certificates. If certificate validation | to one or more trusted CA certificates. If certificate validation | |||
| fails or if security policy disallows a certificate for any reason, | fails or if security policy disallows a certificate for any reason, | |||
| the entity SHALL terminate the session (with a reason code of | the entity SHALL terminate the session (with a reason code of | |||
| "Contact Failure"). | "Contact Failure"). | |||
| The result of authenticating a peer value against a certificate claim | ||||
| is one of: | ||||
| Absent: Indicating that the claim type is not present in the | ||||
| certificate and cannot be authenticated. | ||||
| Success: Indicating the claim type is present and matches the peer | ||||
| (Node ID / DNS name / address) value. | ||||
| Failure: Indicating the claim type is present but did not match the | ||||
| peer value. | ||||
| Either during or immediately after the TLS handshake, the active | Either during or immediately after the TLS handshake, the active | |||
| entity SHALL attempt to authenticate the host name (of the passive | entity SHALL authenticate the DNS name (of the passive entity) used | |||
| entity) used to initiate the TCP connection using any DNS-ID of the | to initiate the TCP connection using any DNS-ID of the peer | |||
| peer certificate. If host name validation fails (including failure | certificate. If the DNS name authentication result is Failure or if | |||
| because the certificate does not contain any DNS-ID) and security | the result is Absent and security policy requires an authenticated | |||
| policy disallows an unauthenticated host, the entity SHALL terminate | DNS name, the entity SHALL terminate the session (with a reason code | |||
| the session (with a reason code of "Contact Failure"). | of "Contact Failure"). | |||
| Either during or immediately after the TLS handshake, the active | Either during or immediately after the TLS handshake, the active | |||
| entity SHALL attempt to authenticate the IP address of the other side | entity SHALL authenticate the IP address of the other side of the TCP | |||
| of the TCP connection using any NETWORK-ID of the peer certificate. | connection using any IPADDR-ID of the peer certificate. Either | |||
| Either during or immediately after the TLS handshake, the passive | during or immediately after the TLS handshake, the passive entity | |||
| entity SHALL attempt to authenticate the IP address of the other side | SHALL authenticate the IP address of the other side of the TCP | |||
| of the TCP connection using any NETWORK-ID of the peer certificate. | connection using any IPADDR-ID of the peer certificate. If the | |||
| If host address validation fails (including failure because the | address authentication result is Failure or if the result is Absent | |||
| certificate does not contain any NETWORK-ID) and security policy | and security policy requires an authenticated network address, the | |||
| disallows an unauthenticated host, the entity SHALL terminate the | entity SHALL terminate the session (with a reason code of "Contact | |||
| session (with a reason code of "Contact Failure"). | Failure"). | |||
| Immediately before Session Parameter Negotiation, each side of the | Immediately before Session Parameter Negotiation, each side of the | |||
| session SHALL perform Node ID validation of its peer as described | session SHALL authenticate the Node ID of the peer's SESS_INIT | |||
| below. Node ID validation SHALL succeed if the associated | message using any NODE-ID of the peer certificate. If the Node ID | |||
| certificate includes a NODE-ID whose value matches the Node ID of the | authentication result is Failure or if the result is Absent and | |||
| TCPCL entity. If Node ID validation fails (including failure because | security policy requires an authenticated Node ID, the entity SHALL | |||
| the certificate does not contain any NODE-ID) and security policy | terminate the session (with a reason code of "Contact Failure"). | |||
| disallows an unauthenticated Node ID, the entity SHALL terminate the | ||||
| session (with a reason code of "Contact Failure"). | ||||
| 4.4.4. Example TLS Initiation | 4.4.4. Example TLS Initiation | |||
| A summary of a typical TLS use is shown in the sequence in Figure 17 | A summary of a typical TLS use is shown in the sequence in Figure 17 | |||
| below. In this example the active peer terminates the session but | below. In this example the active peer terminates the session but | |||
| termination can be initiated from either peer. | termination can be initiated from either peer. | |||
| Entity A Entity B | Entity A Entity B | |||
| active peer passive peer | active peer passive peer | |||
| skipping to change at page 32, line 22 ¶ | skipping to change at page 32, line 28 ¶ | |||
| +-------------------------+ | +-------------------------+ | |||
| | Contact Header | -> +-------------------------+ | | Contact Header | -> +-------------------------+ | |||
| +-------------------------+ <- | Contact Header | | +-------------------------+ <- | Contact Header | | |||
| +-------------------------+ | +-------------------------+ | |||
| +-------------------------+ +-------------------------+ | +-------------------------+ +-------------------------+ | |||
| | TLS Negotiation | -> <- | TLS Negotiation | | | TLS Negotiation | -> <- | TLS Negotiation | | |||
| | (as client) | | (as server) | | | (as client) | | (as server) | | |||
| +-------------------------+ +-------------------------+ | +-------------------------+ +-------------------------+ | |||
| Host name validation occurs. | DNS name validation occurs. | |||
| Secured TCPCL messaging can begin. | Secured TCPCL messaging can begin. | |||
| +-------------------------+ | +-------------------------+ | |||
| | SESS_INIT | -> +-------------------------+ | | SESS_INIT | -> +-------------------------+ | |||
| +-------------------------+ <- | SESS_INIT | | +-------------------------+ <- | SESS_INIT | | |||
| +-------------------------+ | +-------------------------+ | |||
| Node ID validation occurs. | Node ID validation occurs. | |||
| Session is established, transfers can begin. | Session is established, transfers can begin. | |||
| skipping to change at page 33, line 20 ¶ | skipping to change at page 34, line 8 ¶ | |||
| Figure 18: Format of the Message Header | Figure 18: Format of the Message Header | |||
| The message header fields are as follows: | The message header fields are as follows: | |||
| Message Type: Indicates the type of the message as per Table 2 | Message Type: Indicates the type of the message as per Table 2 | |||
| below. Encoded values are listed in Section 9.5. | below. Encoded values are listed in Section 9.5. | |||
| +--------------+------+---------------------------------------------+ | +--------------+------+---------------------------------------------+ | |||
| | Name | Code | Description | | | Name | Code | Description | | |||
| +--------------+------+---------------------------------------------+ | +--------------+------+---------------------------------------------+ | |||
| | SESS_INIT | 0x07 | Contains the session parameter | | | SESS_INIT | 0x07 | Contains the session parameter inputs from | | |||
| | | | inputs from one of the entities, | | | | | one of the entities, as described in | | |||
| | | | as described in Section 4.6. | | | | | Section 4.6. | | |||
| | | | | | | | | | | |||
| | SESS_TERM | 0x05 | Indicates that one of the | | | SESS_TERM | 0x05 | Indicates that one of the entities | | |||
| | | | entities participating in the session | | | | | participating in the session wishes to | | |||
| | | | wishes to cleanly terminate the session, as | | | | | cleanly terminate the session, as described | | |||
| | | | described in Section 6.1. | | | | | in Section 6.1. | | |||
| | | | | | | | | | | |||
| | XFER_SEGMENT | 0x01 | Indicates the transmission of | | | XFER_SEGMENT | 0x01 | Indicates the transmission of a segment of | | |||
| | | | a segment of bundle data, as described in | | | | | bundle data, as described in Section 5.2.2. | | |||
| | | | Section 5.2.2. | | ||||
| | | | | | | | | | | |||
| | XFER_ACK | 0x02 | Acknowledges reception of a | | | XFER_ACK | 0x02 | Acknowledges reception of a data segment, | | |||
| | | | data segment, as described in | | | | | as described in Section 5.2.3. | | |||
| | | | Section 5.2.3. | | ||||
| | | | | | | | | | | |||
| | XFER_REFUSE | 0x03 | Indicates that the | | | XFER_REFUSE | 0x03 | Indicates that the transmission of the | | |||
| | | | transmission of the current bundle SHALL be | | | | | current bundle SHALL be stopped, as | | |||
| | | | stopped, as described in | | | | | described in Section 5.2.4. | | |||
| | | | Section 5.2.4. | | ||||
| | | | | | | | | | | |||
| | KEEPALIVE | 0x04 | Used to keep TCPCL session | | | KEEPALIVE | 0x04 | Used to keep TCPCL session active, as | | |||
| | | | active, as described in | | | | | described in Section 5.1.1. | | |||
| | | | Section 5.1.1. | | ||||
| | | | | | | | | | | |||
| | MSG_REJECT | 0x06 | Contains a TCPCL message | | | MSG_REJECT | 0x06 | Contains a TCPCL message rejection, as | | |||
| | | | rejection, as described in | | | | | described in Section 5.1.2. | | |||
| | | | Section 5.1.2. | | ||||
| +--------------+------+---------------------------------------------+ | +--------------+------+---------------------------------------------+ | |||
| Table 2: TCPCL Message Types | Table 2: TCPCL Message Types | |||
| 4.6. Session Initialization Message (SESS_INIT) | 4.6. Session Initialization Message (SESS_INIT) | |||
| Before a session is established and ready to transfer bundles, the | Before a session is established and ready to transfer bundles, the | |||
| session parameters are negotiated between the connected entities. | session parameters are negotiated between the connected entities. | |||
| The SESS_INIT message is used to convey the per-entity parameters | The SESS_INIT message is used to convey the per-entity parameters | |||
| which are used together to negotiate the per-session parameters as | which are used together to negotiate the per-session parameters as | |||
| skipping to change at page 34, line 40 ¶ | skipping to change at page 35, line 30 ¶ | |||
| +-----------------------------+ | +-----------------------------+ | |||
| | Session Extension | | | Session Extension | | |||
| | Items (var.) | | | Items (var.) | | |||
| +-----------------------------+ | +-----------------------------+ | |||
| Figure 19: SESS_INIT Format | Figure 19: SESS_INIT Format | |||
| The fields of the SESS_INIT message are: | The fields of the SESS_INIT message are: | |||
| Keepalive Interval: A 16-bit unsigned integer indicating the minimum | Keepalive Interval: A 16-bit unsigned integer indicating the minimum | |||
| interval, in seconds, to negotiate the Session Keepalive using the | interval, in seconds, to negotiate as the Session Keepalive using | |||
| method of Section 4.7. | the method of Section 4.7. | |||
| Segment MRU: A 64-bit unsigned integer indicating the largest | Segment MRU: A 64-bit unsigned integer indicating the largest | |||
| allowable single-segment data payload size to be received in this | allowable single-segment data payload size to be received in this | |||
| session. Any XFER_SEGMENT sent to this peer SHALL have a data | session. Any XFER_SEGMENT sent to this peer SHALL have a data | |||
| payload no longer than the peer's Segment MRU. The two entities | payload no longer than the peer's Segment MRU. The two entities | |||
| of a single session MAY have different Segment MRUs, and no | of a single session MAY have different Segment MRUs, and no | |||
| relation between the two is required. | relation between the two is required. | |||
| Transfer MRU: A 64-bit unsigned integer indicating the largest | Transfer MRU: A 64-bit unsigned integer indicating the largest | |||
| allowable total-bundle data size to be received in this session. | allowable total-bundle data size to be received in this session. | |||
| skipping to change at page 35, line 37 ¶ | skipping to change at page 36, line 27 ¶ | |||
| Extension Item is within a consistent data container as described | Extension Item is within a consistent data container as described | |||
| in Section 4.8. The full set of Session Extension Items apply for | in Section 4.8. The full set of Session Extension Items apply for | |||
| the duration of the TCPCL session to follow. The order and | the duration of the TCPCL session to follow. The order and | |||
| multiplicity of these Session Extension Items is significant, as | multiplicity of these Session Extension Items is significant, as | |||
| defined in the associated type specification(s). If the content | defined in the associated type specification(s). If the content | |||
| of the Session Extension Items data disagrees with the Session | of the Session Extension Items data disagrees with the Session | |||
| Extension Length (e.g., the last Item claims to use more octets | Extension Length (e.g., the last Item claims to use more octets | |||
| than are present in the Session Extension Length), the reception | than are present in the Session Extension Length), the reception | |||
| of the SESS_INIT is considered to have failed. | of the SESS_INIT is considered to have failed. | |||
| When the active entity initiates a TCPCL session, it is likely based | ||||
| on routing information which binds a Node ID to CL parameters. If | ||||
| the active entity receives a SESS_INIT with different Node ID than | ||||
| was intended for the TCPCL session, the session MAY be allowed to be | ||||
| established. If allowed, such a session SHALL be associated with the | ||||
| Node ID provided in the SESS_INIT message rather than any intended | ||||
| value. | ||||
| 4.7. Session Parameter Negotiation | 4.7. Session Parameter Negotiation | |||
| An entity calculates the parameters for a TCPCL session by | An entity calculates the parameters for a TCPCL session by | |||
| negotiating the values from its own preferences (conveyed by the | negotiating the values from its own preferences (conveyed by the | |||
| SESS_INIT it sent to the peer) with the preferences of the peer node | SESS_INIT it sent to the peer) with the preferences of the peer node | |||
| (expressed in the SESS_INIT that it received from the peer). The | (expressed in the SESS_INIT that it received from the peer). The | |||
| negotiated parameters defined by this specification are described in | negotiated parameters defined by this specification are described in | |||
| the following paragraphs. | the following paragraphs. | |||
| Transfer MTU and Segment MTU: The maximum transmit unit (MTU) for | Transfer MTU and Segment MTU: The maximum transmit unit (MTU) for | |||
| whole transfers and individual segments are identical to the | whole transfers and individual segments are identical to the | |||
| Transfer MRU and Segment MRU, respectively, of the received | Transfer MRU and Segment MRU, respectively, of the received | |||
| Contact Header. A transmitting peer can send individual segments | SESS_INIT message. A transmitting peer can send individual | |||
| with any size smaller than the Segment MTU, depending on local | segments with any size smaller than the Segment MTU, depending on | |||
| policy, dynamic network conditions, etc. Determining the size of | local policy, dynamic network conditions, etc. Determining the | |||
| each transmitted segment is an implementation matter. If either | size of each transmitted segment is an implementation matter. If | |||
| the Transfer MRU or Segment MRU is unacceptable, the entity SHALL | either the Transfer MRU or Segment MRU is unacceptable, the entity | |||
| terminate the session with a reason code of "Contact Failure". | SHALL terminate the session with a reason code of "Contact | |||
| Failure". | ||||
| Session Keepalive: Negotiation of the Session Keepalive parameter is | Session Keepalive: Negotiation of the Session Keepalive parameter is | |||
| performed by taking the minimum of the two Contact Headers' | performed by taking the minimum of the two Keepalive Interval | |||
| Keepalive Interval values. The Session Keepalive interval is a | values from the two SESS_INIT messages. The Session Keepalive | |||
| parameter for the behavior described in Section 5.1.1. If the | interval is a parameter for the behavior described in | |||
| Session Keepalive interval is unacceptable, the entity SHALL | Section 5.1.1. If the Session Keepalive interval is unacceptable, | |||
| terminate the session with a reason code of "Contact Failure". | the entity SHALL terminate the session with a reason code of | |||
| Note: a negotiated Session Keepalive of zero indicates that | "Contact Failure". Note: a negotiated Session Keepalive of zero | |||
| KEEPALIVEs are disabled. | indicates that KEEPALIVEs are disabled. | |||
| Once this process of parameter negotiation is completed (which | Once this process of parameter negotiation is completed (which | |||
| includes a possible completed TLS handshake of the connection to use | includes a possible completed TLS handshake of the connection to use | |||
| TLS), this protocol defines no additional mechanism to change the | TLS), this protocol defines no additional mechanism to change the | |||
| parameters of an established session; to effect such a change, the | parameters of an established session; to effect such a change, the | |||
| TCPCL session MUST be terminated and a new session established. | TCPCL session MUST be terminated and a new session established. | |||
| 4.8. Session Extension Items | 4.8. Session Extension Items | |||
| Each of the Session Extension Items SHALL be encoded in an identical | Each of the Session Extension Items SHALL be encoded in an identical | |||
| skipping to change at page 37, line 23 ¶ | skipping to change at page 38, line 23 ¶ | |||
| +---------------+---------------+---------------+---------------+ | +---------------+---------------+---------------+---------------+ | |||
| Figure 20: Session Extension Item Format | Figure 20: Session Extension Item Format | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| | Name | Code | Description | | | Name | Code | Description | | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| | CRITICAL | 0x01 | If bit is set, indicates that the receiving | | | CRITICAL | 0x01 | If bit is set, indicates that the receiving | | |||
| | | | peer must handle the extension item. | | | | | peer must handle the extension item. | | |||
| | | | | | | | | | | |||
| | Reserved | others | | | Reserved | others | | | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| Table 3: Session Extension Item Flags | Table 3: Session Extension Item Flags | |||
| 5. Established Session Operation | 5. Established Session Operation | |||
| This section describes the protocol operation for the duration of an | This section describes the protocol operation for the duration of an | |||
| established session, including the mechanism for transmitting bundles | established session, including the mechanism for transmitting bundles | |||
| over the session. | over the session. | |||
| skipping to change at page 42, line 19 ¶ | skipping to change at page 43, line 19 ¶ | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| | Name | Code | Description | | | Name | Code | Description | | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| | END | 0x01 | If bit is set, indicates that this is the | | | END | 0x01 | If bit is set, indicates that this is the | | |||
| | | | last segment of the transfer. | | | | | last segment of the transfer. | | |||
| | | | | | | | | | | |||
| | START | 0x02 | If bit is set, indicates that this is the | | | START | 0x02 | If bit is set, indicates that this is the | | |||
| | | | first segment of the transfer. | | | | | first segment of the transfer. | | |||
| | | | | | | | | | | |||
| | Reserved | others | | | Reserved | others | | | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| Table 5: XFER_SEGMENT Flags | Table 5: XFER_SEGMENT Flags | |||
| The flags portion of the message contains two flag values in the two | The flags portion of the message contains two flag values in the two | |||
| low-order bits, denoted 'START' and 'END' in Table 5. The 'START' | low-order bits, denoted 'START' and 'END' in Table 5. The 'START' | |||
| flag SHALL be set to 1 when transmitting the first segment of a | flag SHALL be set to 1 when transmitting the first segment of a | |||
| transfer. The 'END' flag SHALL be set to 1 when transmitting the | transfer. The 'END' flag SHALL be set to 1 when transmitting the | |||
| last segment of a transfer. In the case where an entire transfer is | last segment of a transfer. In the case where an entire transfer is | |||
| accomplished in a single segment, both the 'START' and 'END' flags | accomplished in a single segment, both the 'START' and 'END' flags | |||
| skipping to change at page 47, line 11 ¶ | skipping to change at page 48, line 11 ¶ | |||
| +---------------+---------------+---------------+---------------+ | +---------------+---------------+---------------+---------------+ | |||
| Figure 25: Transfer Extension Item Format | Figure 25: Transfer Extension Item Format | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| | Name | Code | Description | | | Name | Code | Description | | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| | CRITICAL | 0x01 | If bit is set, indicates that the receiving | | | CRITICAL | 0x01 | If bit is set, indicates that the receiving | | |||
| | | | peer must handle the extension item. | | | | | peer must handle the extension item. | | |||
| | | | | | | | | | | |||
| | Reserved | others | | | Reserved | others | | | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| Table 7: Transfer Extension Item Flags | Table 7: Transfer Extension Item Flags | |||
| 5.2.5.1. Transfer Length Extension | 5.2.5.1. Transfer Length Extension | |||
| The purpose of the Transfer Length extension is to allow entities to | The purpose of the Transfer Length extension is to allow entities to | |||
| preemptively refuse bundles that would exceed their resources or to | preemptively refuse bundles that would exceed their resources or to | |||
| prepare storage on the receiving node for the upcoming bundle data. | prepare storage on the receiving node for the upcoming bundle data. | |||
| skipping to change at page 49, line 38 ¶ | skipping to change at page 50, line 38 ¶ | |||
| Reason Code: A one-octet refusal reason code interpreted according | Reason Code: A one-octet refusal reason code interpreted according | |||
| to the descriptions in Table 9. | to the descriptions in Table 9. | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| | Name | Code | Description | | | Name | Code | Description | | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| | REPLY | 0x01 | If bit is set, indicates that this message is | | | REPLY | 0x01 | If bit is set, indicates that this message is | | |||
| | | | an acknowledgement of an earlier SESS_TERM | | | | | an acknowledgement of an earlier SESS_TERM | | |||
| | | | message. | | | | | message. | | |||
| | | | | | | | | | | |||
| | Reserved | others | | | Reserved | others | | | |||
| +----------+--------+-----------------------------------------------+ | +----------+--------+-----------------------------------------------+ | |||
| Table 8: SESS_TERM Flags | Table 8: SESS_TERM Flags | |||
| +--------------+------+---------------------------------------------+ | +--------------+------+---------------------------------------------+ | |||
| | Name | Code | Description | | | Name | Code | Description | | |||
| +--------------+------+---------------------------------------------+ | +--------------+------+---------------------------------------------+ | |||
| | Unknown | 0x00 | A termination reason is not available. | | | Unknown | 0x00 | A termination reason is not available. | | |||
| | | | | | | | | | | |||
| | Idle timeout | 0x01 | The session is being closed due to | | | Idle timeout | 0x01 | The session is being closed due to | | |||
| skipping to change at page 53, line 39 ¶ | skipping to change at page 54, line 39 ¶ | |||
| used by the CA. The configuration and use of particular certificate | used by the CA. The configuration and use of particular certificate | |||
| validation methods are outside of the scope of this document. | validation methods are outside of the scope of this document. | |||
| 8.7. Threat: Symmetric Key Limits | 8.7. Threat: Symmetric Key Limits | |||
| Even with a secure block cipher and securely-established session | Even with a secure block cipher and securely-established session | |||
| keys, there are limits to the amount of plaintext which can be safely | keys, there are limits to the amount of plaintext which can be safely | |||
| encrypted with a given set of keys as described in [AEAD-LIMITS]. | encrypted with a given set of keys as described in [AEAD-LIMITS]. | |||
| When permitted by the negotiated TLS version (see [RFC8446]), it is | When permitted by the negotiated TLS version (see [RFC8446]), it is | |||
| advisable to take advantage of session key updates to avoid those | advisable to take advantage of session key updates to avoid those | |||
| limits. When key updates are not possible, renegotiation of the TLS | limits. | |||
| connection or establishing new TCPCL/TLS session are alternatives to | ||||
| limit session key use. | ||||
| 8.8. Threat: BP Node Impersonation | 8.8. Threat: BP Node Impersonation | |||
| The certificates exchanged by TLS enable authentication of peer host | The certificates exchanged by TLS enable authentication of peer DNS | |||
| name and Node ID, but it is possible that a peer either not provide a | name and Node ID, but it is possible that a peer either not provide a | |||
| valid certificate or that the certificate does not validate either | valid certificate or that the certificate does not validate either | |||
| the host name or Node ID of the peer (see Section 3.4). Having a CA- | the DNS name or Node ID of the peer (see Section 3.4). Having a CA- | |||
| validated certificate does not alone guarantee the identity of the | validated certificate does not alone guarantee the identity of the | |||
| network host or BP node from which the certificate is provided; | network host or BP node from which the certificate is provided; | |||
| additional validation procedures in Section 4.4.2 bind the host name | additional validation procedures in Section 4.4.2 bind the DNS name | |||
| or node ID based on the contents of the certificate. | or node ID based on the contents of the certificate. | |||
| The host name validation is a weaker form of authentication, because | The DNS name validation is a weaker form of authentication, because | |||
| even if a peer is operating on an authenticated network host name it | even if a peer is operating on an authenticated network DNS name it | |||
| can provide an invalid Node ID and cause bundles to be "leaked" to an | can provide an invalid Node ID and cause bundles to be "leaked" to an | |||
| invalid node. Especially in DTN environments, network names and | invalid node. Especially in DTN environments, network names and | |||
| addresses of nodes can be time-variable so binding a certificate to a | addresses of nodes can be time-variable so binding a certificate to a | |||
| Node ID is a more stable identity. | Node ID is a more stable identity. | |||
| Node ID validation ensures that the peer to which a bundle is | Node ID validation ensures that the peer to which a bundle is | |||
| transferred is in fact the node which the BP Agent expects it to be. | transferred is in fact the node which the BP Agent expects it to be. | |||
| It is a reasonable policy to skip host name validation if | It is a reasonable policy to skip DNS name validation if certificates | |||
| certificates can be guaranteed to validate the peer's Node ID. In | can be guaranteed to validate the peer's Node ID. In circumstances | |||
| circumstances where certificates can only be issued to network host | where certificates can only be issued to DNS names, Node ID | |||
| names, Node ID validation is not possible but it could be reasonable | validation is not possible but it could be reasonable to assume that | |||
| to assume that a trusted host is not going to present an invalid Node | a trusted host is not going to present an invalid Node ID. | |||
| ID. Determining of when a host name authentication can be trusted to | Determining of when a DNS name authentication can be trusted to | |||
| validate a Node ID is also a policy matter outside the scope of this | validate a Node ID is also a policy matter outside the scope of this | |||
| document. | document. | |||
| 8.9. Threat: Denial of Service | 8.9. Threat: Denial of Service | |||
| The behaviors described in this section all amount to a potential | The behaviors described in this section all amount to a potential | |||
| denial-of-service to a TCPCL entity. The denial-of-service could be | denial-of-service to a TCPCL entity. The denial-of-service could be | |||
| limited to an individual TCPCL session, could affect other well- | limited to an individual TCPCL session, could affect other well- | |||
| behaving sessions on an entity, or could affect all sessions on a | behaving sessions on an entity, or could affect all sessions on a | |||
| host. | host. | |||
| skipping to change at page 55, line 30 ¶ | skipping to change at page 56, line 30 ¶ | |||
| specification, but are outside of the scope of this document. The | specification, but are outside of the scope of this document. The | |||
| following subsections give examples of alternate TLS uses. | following subsections give examples of alternate TLS uses. | |||
| 8.10.1. TLS Without Authentication | 8.10.1. TLS Without Authentication | |||
| In environments where PKI is available but there are restrictions on | In environments where PKI is available but there are restrictions on | |||
| the issuance of certificates (including the contents of | the issuance of certificates (including the contents of | |||
| certificates), it may be possible to make use of TLS in a way which | certificates), it may be possible to make use of TLS in a way which | |||
| authenticates only the passive entity of a TCPCL session or which | authenticates only the passive entity of a TCPCL session or which | |||
| does not authenticate either entity. Using TLS in a way which does | does not authenticate either entity. Using TLS in a way which does | |||
| not authenticate both peer entities of each TCPCL session is outside | not successfully authenticate some claim of both peer entities of a | |||
| of the scope of this document but does have similar properties to the | TCPCL session is outside of the scope of this document but does have | |||
| opportunistic security model of [RFC7435]. | similar properties to the opportunistic security model of [RFC7435]. | |||
| 8.10.2. Non-Certificate TLS Use | 8.10.2. Non-Certificate TLS Use | |||
| In environments where PKI is unavailable, alternate uses of TLS which | In environments where PKI is unavailable, alternate uses of TLS which | |||
| do not require certificates such as pre-shared key (PSK) | do not require certificates such as pre-shared key (PSK) | |||
| authentication [RFC5489] and the use of raw public keys [RFC7250] are | authentication [RFC5489] and the use of raw public keys [RFC7250] are | |||
| available and can be used to ensure confidentiality within TCPCL. | available and can be used to ensure confidentiality within TCPCL. | |||
| Using non-PKI node authentication methods is outside of the scope of | Using non-PKI node authentication methods is outside of the scope of | |||
| this document. | this document. | |||
| skipping to change at page 57, line 18 ¶ | skipping to change at page 58, line 18 ¶ | |||
| | 0 | Reserved | [RFC7242] | | | 0 | Reserved | [RFC7242] | | |||
| | | | | | | | | | | |||
| | 1 | Reserved | [RFC7242] | | | 1 | Reserved | [RFC7242] | | |||
| | | | | | | | | | | |||
| | 2 | Reserved | [RFC7242] | | | 2 | Reserved | [RFC7242] | | |||
| | | | | | | | | | | |||
| | 3 | TCPCL | [RFC7242] | | | 3 | TCPCL | [RFC7242] | | |||
| | | | | | | | | | | |||
| | 4 | TCPCLv4 | This specification. | | | 4 | TCPCLv4 | This specification. | | |||
| | | | | | | | | | | |||
| | 5-255 | Unassigned | | | 5-255 | Unassigned | | | |||
| +-------+-------------+-----------------------------------+ | +-------+-------------+-----------------------------------+ | |||
| 9.3. Session Extension Types | 9.3. Session Extension Types | |||
| EDITOR NOTE: sub-registry to-be-created upon publication of this | EDITOR NOTE: sub-registry to-be-created upon publication of this | |||
| specification. | specification. | |||
| IANA will create, under the "Bundle Protocol" registry [IANA-BUNDLE], | IANA will create, under the "Bundle Protocol" registry [IANA-BUNDLE], | |||
| a sub-registry titled "Bundle Protocol TCP Convergence-Layer Version | a sub-registry titled "Bundle Protocol TCP Convergence-Layer Version | |||
| 4 Session Extension Types" and initialize it with the contents of | 4 Session Extension Types" and initialize it with the contents of | |||
| skipping to change at page 63, line 34 ¶ | skipping to change at page 64, line 34 ¶ | |||
| This specification is based on comments on implementation of | This specification is based on comments on implementation of | |||
| [RFC7242] provided from Scott Burleigh. | [RFC7242] provided from Scott Burleigh. | |||
| 11. References | 11. References | |||
| 11.1. Normative References | 11.1. Normative References | |||
| [I-D.ietf-dtn-bpbis] | [I-D.ietf-dtn-bpbis] | |||
| Burleigh, S., Fall, K., and E. Birrane, "Bundle Protocol | Burleigh, S., Fall, K., and E. Birrane, "Bundle Protocol | |||
| Version 7", draft-ietf-dtn-bpbis-25 (work in progress), | Version 7", draft-ietf-dtn-bpbis-26 (work in progress), | |||
| May 2020. | July 2020. | |||
| [IANA-BUNDLE] | [IANA-BUNDLE] | |||
| IANA, "Bundle Protocol", | IANA, "Bundle Protocol", | |||
| <https://www.iana.org/assignments/bundle/>. | <https://www.iana.org/assignments/bundle/>. | |||
| [IANA-PORTS] | [IANA-PORTS] | |||
| IANA, "Service Name and Transport Protocol Port Number | IANA, "Service Name and Transport Protocol Port Number | |||
| Registry", <https://www.iana.org/assignments/service- | Registry", <https://www.iana.org/assignments/service- | |||
| names-port-numbers/>. | names-port-numbers/>. | |||
| skipping to change at page 65, line 26 ¶ | skipping to change at page 66, line 26 ¶ | |||
| [github-dtn-bpbis-tcpcl] | [github-dtn-bpbis-tcpcl] | |||
| Sipos, B., "TCPCL Example Implementation", | Sipos, B., "TCPCL Example Implementation", | |||
| <https://github.com/BSipos-RKF/dtn-bpbis-tcpcl/>. | <https://github.com/BSipos-RKF/dtn-bpbis-tcpcl/>. | |||
| [I-D.ietf-dtn-bibect] | [I-D.ietf-dtn-bibect] | |||
| Burleigh, S., "Bundle-in-Bundle Encapsulation", draft- | Burleigh, S., "Bundle-in-Bundle Encapsulation", draft- | |||
| ietf-dtn-bibect-03 (work in progress), February 2020. | ietf-dtn-bibect-03 (work in progress), February 2020. | |||
| [I-D.ietf-dtn-bpsec] | [I-D.ietf-dtn-bpsec] | |||
| Birrane, E. and K. McKeever, "Bundle Protocol Security | Birrane, E. and K. McKeever, "Bundle Protocol Security | |||
| Specification", draft-ietf-dtn-bpsec-22 (work in | Specification", draft-ietf-dtn-bpsec-23 (work in | |||
| progress), March 2020. | progress), October 2020. | |||
| [RFC2595] Newman, C., "Using TLS with IMAP, POP3 and ACAP", | [RFC2595] Newman, C., "Using TLS with IMAP, POP3 and ACAP", | |||
| RFC 2595, DOI 10.17487/RFC2595, June 1999, | RFC 2595, DOI 10.17487/RFC2595, June 1999, | |||
| <https://www.rfc-editor.org/info/rfc2595>. | <https://www.rfc-editor.org/info/rfc2595>. | |||
| [RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC | [RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC | |||
| Text on Security Considerations", BCP 72, RFC 3552, | Text on Security Considerations", BCP 72, RFC 3552, | |||
| DOI 10.17487/RFC3552, July 2003, | DOI 10.17487/RFC3552, July 2003, | |||
| <https://www.rfc-editor.org/info/rfc3552>. | <https://www.rfc-editor.org/info/rfc3552>. | |||
| End of changes. 53 change blocks. | ||||
| 179 lines changed or deleted | 189 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||