draft-ietf-dtn-bpsec-14.txt   draft-ietf-dtn-bpsec-15.txt 
Delay-Tolerant Networking E. Birrane Delay-Tolerant Networking E. Birrane
Internet-Draft K. McKeever Internet-Draft K. McKeever
Obsoletes: 6257 (if approved) JHU/APL Obsoletes: 6257 (if approved) JHU/APL
Intended status: Standards Track January 16, 2020 Intended status: Standards Track January 16, 2020
Expires: July 19, 2020 Expires: July 19, 2020
Bundle Protocol Security Specification Bundle Protocol Security Specification
draft-ietf-dtn-bpsec-14 draft-ietf-dtn-bpsec-15
Abstract Abstract
This document defines a security protocol providing end to end data This document defines a security protocol providing end to end data
integrity and confidentiality services for the Bundle Protocol. integrity and confidentiality services for the Bundle Protocol.
The Internet Research Task Force is advised that this document is an This document is an update of the protocol described in RFC 6257,
update of the protocol described in [RFC6257], reflecting lessons reflecting lessons learned. For this reason it obsoletes RFC 6257,
learned. The Internet Research Task Force is requested to mark an IRTF-stream document.
[RFC6257] as obsolete.
Note to the RFC editor: The Internet Research Task Force is requested
to mark RFC6257 as obsolete.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
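Review bot: The "Note to the RFC editor" added at the end of the Abstract does not say that it is to be removed before publication, and it writes "RFC6257" without the space used two sentences earlier ("RFC 6257"). Suggest marking the note for removal on publication and using one spelling throughout. As written, the new Abstract also states the obsoletion twice: once as "For this reason it obsoletes RFC 6257" and again as the request to mark it obsolete.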
skipping to change at page 3, line 44 skipping to change at page 3, line 47
transport security mechanisms may not be sufficient. For example, transport security mechanisms may not be sufficient. For example,
the store-carry-forward nature of the network may require protecting the store-carry-forward nature of the network may require protecting
data at rest, preventing unauthorized consumption of critical data at rest, preventing unauthorized consumption of critical
resources such as storage space, and operating without regular resources such as storage space, and operating without regular
contact with a centralized security oracle (such as a certificate contact with a centralized security oracle (such as a certificate
authority). authority).
An end-to-end security service is needed that operates in all of the An end-to-end security service is needed that operates in all of the
environments where the BP operates. environments where the BP operates.
The Internet Research Task Force is advised that this document is an This document is an update of the protocol described in RFC 6257,
update of the protocol described in [RFC6257], reflecting lessons reflecting lessons learned. For this reason it obsoletes RFC 6257,
learned. The Internet Research Task Force is requested to mark an IRTF-stream document.
[RFC6257] as obsolete.
Note to the RFC editor: The Internet Research Task Force is requested
to mark RFC6257 as obsolete.
1.1. Supported Security Services 1.1. Supported Security Services
BPSec provides end-to-end integrity and confidentiality services for BPSec provides end-to-end integrity and confidentiality services for
BP bundles, as defined in this section. BP bundles, as defined in this section.
Integrity services ensure that changes to target data within a bundle Integrity services ensure that changes to target data within a bundle
can be discovered. Data changes may be caused by processing errors, can be discovered. Data changes may be caused by processing errors,
environmental conditions, or intentional manipulation. In the environmental conditions, or intentional manipulation. In the
context of BPSec, integrity services apply to plain-text in the context of BPSec, integrity services apply to plain-text in the
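Review bot: In the Introduction paragraph just before 1.1, the new text replaces the bracketed citation [RFC6257] with plain "RFC 6257", so this paragraph no longer carries a citation to the document it obsoletes. Removing the brackets is reasonable in the Abstract, but in body text the reference can stay; suggest "described in [RFC6257]" here. The "Note to the RFC editor" is also repeated word for word from the Abstract, and a single instance would be enough.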
 End of changes. 3 change blocks. 
9 lines changed or deleted 13 lines changed or added