draft-ietf-dtn-bpsec-15.txt   draft-ietf-dtn-bpsec-16.txt 
Delay-Tolerant Networking E. Birrane Delay-Tolerant Networking E. Birrane
Internet-Draft K. McKeever Internet-Draft K. McKeever
Obsoletes: 6257 (if approved) JHU/APL Obsoletes: 6257 (if approved) JHU/APL
Intended status: Standards Track January 16, 2020 Intended status: Standards Track January 21, 2020
Expires: July 19, 2020 Expires: July 24, 2020
Bundle Protocol Security Specification Bundle Protocol Security Specification
draft-ietf-dtn-bpsec-15 draft-ietf-dtn-bpsec-16
Abstract Abstract
This document defines a security protocol providing end to end data This document defines a security protocol providing end to end data
integrity and confidentiality services for the Bundle Protocol. integrity and confidentiality services for the Bundle Protocol.
This document is an update of the protocol described in RFC 6257, This document is an update of the protocol described in RFC 6257,
reflecting lessons learned. For this reason it obsoletes RFC 6257, reflecting lessons learned. For this reason it obsoletes RFC 6257,
an IRTF-stream document. an IRTF-stream document.
Note to the RFC editor: The Internet Research Task Force is requested
to mark RFC6257 as obsolete.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 19, 2020. This Internet-Draft will expire on July 24, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 51 skipping to change at page 3, line 48
contact with a centralized security oracle (such as a certificate contact with a centralized security oracle (such as a certificate
authority). authority).
An end-to-end security service is needed that operates in all of the An end-to-end security service is needed that operates in all of the
environments where the BP operates. environments where the BP operates.
This document is an update of the protocol described in RFC 6257, This document is an update of the protocol described in RFC 6257,
reflecting lessons learned. For this reason it obsoletes RFC 6257, reflecting lessons learned. For this reason it obsoletes RFC 6257,
an IRTF-stream document. an IRTF-stream document.
Note to the RFC editor: The Internet Research Task Force is requested Note to the RFC editor: Please delete below paragraph prior to RFC
to mark RFC6257 as obsolete. publication.
The Internet Research Task Force will be requested to mark RFC6257 as
obsolete.
1.1. Supported Security Services 1.1. Supported Security Services
BPSec provides end-to-end integrity and confidentiality services for BPSec provides end-to-end integrity and confidentiality services for
BP bundles, as defined in this section. BP bundles, as defined in this section.
Integrity services ensure that changes to target data within a bundle Integrity services ensure that changes to target data within a bundle
can be discovered. Data changes may be caused by processing errors, can be discovered. Data changes may be caused by processing errors,
environmental conditions, or intentional manipulation. In the environmental conditions, or intentional manipulation. In the
context of BPSec, integrity services apply to plain-text in the context of BPSec, integrity services apply to plain-text in the
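Review bot: in the new Section 1 text, "Please delete below paragraph prior to RFC publication" does not say whether the note itself is to be removed along with the paragraph, and "below paragraph" becomes ambiguous once the text is reflowed. Consider wording such as "Please delete this note and the following paragraph prior to publication". The added paragraph also writes "RFC6257" without a space, while the paragraph just above it uses "RFC 6257"; use one form throughout.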
skipping to change at page 33, line 22 skipping to change at page 33, line 22
11.1. Bundle Block Types 11.1. Bundle Block Types
This specification allocates two block types from the existing This specification allocates two block types from the existing
"Bundle Block Types" registry defined in [I-D.ietf-dtn-bpbis]. "Bundle Block Types" registry defined in [I-D.ietf-dtn-bpbis].
Additional Entries for the Bundle Block-Type Codes Registry: Additional Entries for the Bundle Block-Type Codes Registry:
+-------+-----------------------------+---------------+ +-------+-----------------------------+---------------+
| Value | Description | Reference | | Value | Description | Reference |
+-------+-----------------------------+---------------+ +-------+-----------------------------+---------------+
| 11 | Block Integrity Block | This document | | TBA | Block Integrity Block | This document |
| 12 | Block Confidentiality Block | This document | | TBA | Block Confidentiality Block | This document |
+-------+-----------------------------+---------------+ +-------+-----------------------------+---------------+
Table 2 Table 2
The Bundle Block Types namespace notes whether a block type is meant The Bundle Block Types namespace notes whether a block type is meant
for use in BP version 6, BP version 7, or both. The two block types for use in BP version 6, BP version 7, or both. The two block types
defined in this specification are meant for use with BP version 7. defined in this specification are meant for use with BP version 7.
11.2. Security Context Identifiers 11.2. Security Context Identifiers
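Review bot: both rows of Table 2 now carry the same placeholder "TBA" where -15 had 11 and 12, so the table no longer distinguishes the Block Integrity Block code point from the Block Confidentiality Block one, and the two values cannot be filled in by simple substitution at publication. Use distinct placeholders (for example TBA1 and TBA2), and if 11 and 12 remain the intended assignments, list them as suggested values for IANA so implementations built against -15 have a stated expectation.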
 End of changes. 6 change blocks. 
11 lines changed or deleted 11 lines changed or added
