Presentation is loading. Please wait.

Presentation is loading. Please wait.

BPSEC Updates Edward Birrane Edward.Birrane@jhuapl.edu 443-778-7423.

Published byStanley Stewart Modified over 5 years ago

Similar presentations

Presentation on theme: "BPSEC Updates Edward Birrane Edward.Birrane@jhuapl.edu 443-778-7423."— Presentation transcript:

1 BPSEC Updates Edward Birrane

2 Overview Updates Additions TODO
No significant issues or limitations defined to date with BPSec. Updates Editorial cleanup, particularly around multi-target blocks Moved to standards-track document Additions Added guidance on defining other security blocks (OSBs) TODO Updates as needed to track any impactful changes from Bpbis In particular, defer to CBOR encoding for BPbis. Updates references in security and policy considerations areas to include some additional IETF references.

3 Guidance on OSBs (1/2) MUST support unique identifies.
Cannot re-use or override BPSec type codes, etc. MUST address how the OSB interacts with BPSec blocks. Can the OSB be the target of a BIB and/or a BCB? Can the OSB itself target BIBs and BCBs? MUST provide a canonicalization algorithm IF the OSB can be the target of a BIB or BCB May simply default to the standard extension block algorithm already supplied with BPSec. If supplied, a canonicalization algorithm must always be used.

4 Guidance on OSBs (2/2) MUST retain a deterministic processing order compatible with the BPSec processing order. An implementation receving a bundle containing BIBs, BCB, and the OSB should always process blocks Must not require behavior in conflict with BPSec. In particular with regard to security processing requirements. Must address fragmentation How to process bundles representing fragments. How to handle an OSB in a bundle that may no longer, due to fragmentation, contain its security target. Whether an OSB can be added to a bundle that is flagged as being a fragment.

5 TODO Planned changes: Open Questions (from last IETF)
No more major planned changes. Some items identified already: MUST used instead of must in 2 places Section 3.7 needs to identify minimum parameter set and change wording to not apply to fragments. Remove Section 10 “Conformance” Will likely review encoding and security/policy considerations sections as we process feedback. Open Questions (from last IETF) Should BPSec provide an encoding? (NO. BP will do that) If yes, should the encoding be optional or mandatory? Does BPSec really need blocks transmitted in order? (NO) 5

6 What next? Currently have 3 expired drafts that need to be considered
Security Best Practices Expired July 1st, 2016 Suite-B Profile for BPSec Expired July 3rd, 2016 Suite-B Ciphersuites for BPSec 6

7 Thank you! Questions? 7

Download ppt "BPSEC Updates Edward Birrane Edward.Birrane@jhuapl.edu 443-778-7423."

Similar presentations

MPTCP Application Considerations draft-scharf-mptcp-api-01 Michael Scharf Alan Ford IETF 77, March 2010.

MPTCP Application Considerations draft-scharf-mptcp-api-01 Michael Scharf Alan Ford IETF 77, March 2010.
E-Portfolio July2014 Managing Multi-source Feedback.

E-Portfolio July2014 Managing Multi-source Feedback.
Request History – Solution Mary Barnes SIP WG Meeting IETF-57 draft-ietf-sip-history-info-00.txt.

Request History – Solution Mary Barnes SIP WG Meeting IETF-57 draft-ietf-sip-history-info-00.txt.
Version 18 Upgrade: Web OPAC. Version 18 Upgrade: Web OPAC Customization 2 All of the information in this document is the property of Ex Libris Ltd. It.

Version 18 Upgrade: Web OPAC. Version 18 Upgrade: Web OPAC Customization 2 All of the information in this document is the property of Ex Libris Ltd. It.
Framework & Requirements for an Access Node Control Mechanism in Broadband Multi-Service Networks ANCP WG IETF 70 – Vancouver draft-ietf-ancp-framework-04.txt.

Framework & Requirements for an Access Node Control Mechanism in Broadband Multi-Service Networks ANCP WG IETF 70 – Vancouver draft-ietf-ancp-framework-04.txt.
INRIA Rhône-Alpes - Planète research group Reed-Solomon FEC I-D LDPC-* FEC I-D TESLA I-D Simple-auth I-D IETF 70 th – Vancouver meeting, November 2007.

INRIA Rhône-Alpes - Planète research group Reed-Solomon FEC I-D LDPC-* FEC I-D TESLA I-D Simple-auth I-D IETF 70 th – Vancouver meeting, November 2007.
1 Notification Rate Control draft-ietf-sipcore-event-rate-control-04 78th IETF,

1 Notification Rate Control draft-ietf-sipcore-event-rate-control th IETF,
0 NAT/Firewall NSLP IETF 62th – March 2005 draft-ietf-nsis-nslp-natfw-05.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.

0 NAT/Firewall NSLP IETF 62th – March 2005 draft-ietf-nsis-nslp-natfw-05.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.
1 Possible Principles and Requirements Frederick Hirsch, Nokia 12 July 2008.

1 Possible Principles and Requirements Frederick Hirsch, Nokia 12 July 2008.
RADEXT WG IETF 91 Rechartering. Why? Current charter doesn’t allow us to take on new work that is waiting in the queue Has an anachronistic Diameter entanglement.

RADEXT WG IETF 91 Rechartering. Why? Current charter doesn’t allow us to take on new work that is waiting in the queue Has an anachronistic Diameter entanglement.
Design Guidelines Thursday July 26, 2007 Bernard Aboba IETF 69 Chicago, IL.

Design Guidelines Thursday July 26, 2007 Bernard Aboba IETF 69 Chicago, IL.
Lightweight Key Establishment & Management Protocol (KEMP) in Dynamic Sensor Networks Update draft-qiu-roll-kemp-01 Ying QIU, Jianying ZHOU, Feng BAO.

Lightweight Key Establishment & Management Protocol (KEMP) in Dynamic Sensor Networks Update draft-qiu-roll-kemp-01 Ying QIU, Jianying ZHOU, Feng BAO.
DTN Security Update Stephen Farrell, Trinity College Dublin Susan Symmington, The MITRE Corp. Howard Weiss, Sparta Inc. IETF-65 Dallas March 2006.

DTN Security Update Stephen Farrell, Trinity College Dublin Susan Symmington, The MITRE Corp. Howard Weiss, Sparta Inc. IETF-65 Dallas March 2006.
Draft-ietf-pce-stateful-pce-07 draft-crabbe-pce-pce-initated-lsp-03 Stateful PCE - update Ina Minei Ed Crabbe Jan Medved Robert Varga Siva Sivabalan.

Draft-ietf-pce-stateful-pce-07 draft-crabbe-pce-pce-initated-lsp-03 Stateful PCE - update Ina Minei Ed Crabbe Jan Medved Robert Varga Siva Sivabalan.
Slide 1 November 2005, Vancouver, BCIETF DNSEXT 2929bis etc. Donald E. Eastlake 3 rd +1-508-786-7554

Slide 1 November 2005, Vancouver, BCIETF DNSEXT 2929bis etc. Donald E. Eastlake 3 rd
Page 1 IETF DRINKS Working Group Data Model and Protocol Requirements for DRINKS IETF 72 - Thursday July 31 2008 Tom Creighton -

Page 1 IETF DRINKS Working Group Data Model and Protocol Requirements for DRINKS IETF 72 - Thursday July Tom Creighton -
Globally Identifiable Number (GIN) Registration Adam Roach draft-martini-roach-gin-01 IETF 77 – Anaheim, CA, USA March 22, 2010.

Globally Identifiable Number (GIN) Registration Adam Roach draft-martini-roach-gin-01 IETF 77 – Anaheim, CA, USA March 22, 2010.
Extensions to Path Computation Element Communication Protocol (PCEP) for Hierarchical Path Computation Elements (PCE) PCE WG, IETF 86th draft-zhang-pce-hierarchy-extensions-03.

Extensions to Path Computation Element Communication Protocol (PCEP) for Hierarchical Path Computation Elements (PCE) PCE WG, IETF 86th draft-zhang-pce-hierarchy-extensions-03.
ITU Liaison on T-MPLS Stewart Bryant

ITU Liaison on T-MPLS Stewart Bryant
SIP wg Items Jonathan Rosenberg dynamicsoft Caller Preferences: Changes Discussion of Redirects –Previous draft only proxy –Nothing different for redirect.

SIP wg Items Jonathan Rosenberg dynamicsoft Caller Preferences: Changes Discussion of Redirects –Previous draft only proxy –Nothing different for redirect.

Similar presentations

Ads by Google