BPSEC Updates Edward Birrane Edward.Birrane@jhuapl.edu 443-778-7423.

Presentation transcript:

Overview
- No significant issues or limitations defined to date with BPSec.
- Updates
  - Editorial cleanup, particularly around multi-target blocks
  - Moved to standards-track document
- Additions
  - Added guidance on defining other security blocks (OSBs)
- TODO
  - Updates as needed to track any impactful changes from BPbis
    - In particular, defer to CBOR encoding for BPbis.
  - Update references in security and policy considerations areas to include some additional IETF references.

Guidance on OSBs (1/2)
- MUST support unique identifiers.
  - Cannot re-use or override BPSec type codes, etc.
- MUST address how the OSB interacts with BPSec blocks.
  - Can the OSB be the target of a BIB and/or a BCB?
  - Can the OSB itself target BIBs and BCBs?
- MUST provide a canonicalization algorithm IF the OSB can be the target of a BIB or BCB.
  - May simply default to the standard extension block algorithm already supplied with BPSec.
  - If supplied, a canonicalization algorithm must always be used.

Guidance on OSBs (2/2)
- MUST retain a deterministic processing order compatible with the BPSec processing order.
  - An implementation receiving a bundle containing BIBs, BCB, and the OSB should always process blocks
- Must not require behavior in conflict with BPSec.
  - In particular with regard to security processing requirements.
- Must address fragmentation
  - How to process bundles representing fragments.
  - How to handle an OSB in a bundle that may no longer, due to fragmentation, contain its security target.
  - Whether an OSB can be added to a bundle that is flagged as being a fragment.

TODO
- Planned changes:
  - No more major planned changes. Some items identified already:
    - MUST used instead of must in 2 places
    - Section 3.7 needs to identify minimum parameter set and change wording to not apply to fragments.
    - Remove Section 10 “Conformance”
  - Will likely review encoding and security/policy considerations sections as we process feedback.
- Open Questions (from last IETF)
  - Should BPSec provide an encoding? (NO. BP will do that)
    - If yes, should the encoding be optional or mandatory?
  - Does BPSec really need blocks transmitted in order? (NO)

What next?
- Currently have 3 expired drafts that need to be considered
  - Security Best Practices
    - https://tools.ietf.org/html/draft-birrane-dtn-sec-practices-00
    - Expired July 1st, 2016
  - Suite-B Profile for BPSec
    - https://tools.ietf.org/html/draft-birrane-dtn-bpsec-suiteb-profile-00
    - Expired July 3rd, 2016
  - Suite-B Ciphersuites for BPSec
    - https://tools.ietf.org/html/draft-birrane-dtn-bpsec-suiteb-ciphersuites-00

Thank you! Questions?