<font size=2 face="sans-serif">Dear Peter, </font>
<br><font size=2 face="sans-serif"> it
is true that the Space Data documents do not specify a management system.</font>
<br><font size=2 face="sans-serif">It is also true that the Space Data
documents never claim that they specify a management system.</font>
<br><font size=2 face="sans-serif">In CCSDS 132.0-B-1.3 the term "</font><font size=3>management
system</font><font size=2 face="sans-serif">" is used twice - always
in NOTES; i.e. non normative statements - and the second occurrence makes
clear that "These parameters are defined in an abstract sense and
are not intended to imply any particular implementation of a management
system. " Moreover section 1.2 states that this book does not specify
"the management activities required to configure and control the protocol."</font>
<br><font size=2 face="sans-serif">The same is true for CCSDS 232.0-B-2.2.</font>
<br><font size=2 face="sans-serif">The same is true for CCSDS 732.0-B-2.3
with the difference that, dislike 132.0 and 232.0, the mentioning in not
in NOTES rather in plain text in the (non normative) section named "OVERVIEW
OF MANAGED PARAMETERS".</font>
<br><font size=2 face="sans-serif">The same is true for CCSDS 355.0-B-0
with the difference that, dislike 132.0 and 232.0, the first mentioning
in not in a NOTE rather in plain text in the (non normative) section named
"OVERVIEW" while the second one is a note as for 132.0 and 232.0.</font>
<br><font size=2 face="sans-serif">I think all this consistently does "</font><font size=2 face="Calibri">make
clear in this section that these are the set of managed parameters that
are intended to be included in any system that manages security associations,
but that no specification for such a system is provided nor implied.</font><font size=2 face="sans-serif">"</font>
<br>
<br><font size=2 face="sans-serif">So adding a word (i.e. unspecified)
in a single book is not necessary and would not cure the problem you see.</font>
<br><font size=2 face="sans-serif">Having said this I do continue supporting
the WG in rejecting this particular condition at this point in time.</font>
<br>
<br><font size=2 face="sans-serif">Best regards</font>
<br>
<br><font size=2 face="sans-serif">Gian Paolo</font>
<br>
<br><font size=2 face="sans-serif">PS It may be that in the future the
WG's will work and agree to e.g. adding an exhaustive non normative annex
that explains with more details the limitations and issues you see in the
current versions.</font>
<br>
<br>
<br>
<br>
<br><font size=1 color=#5f5f5f face="sans-serif">From:
</font><font size=1 face="sans-serif">"Shames, Peter
M (312B)" <peter.m.shames@jpl.nasa.gov></font>
<br><font size=1 color=#5f5f5f face="sans-serif">To:
</font><font size=1 face="sans-serif">"Gian.Paolo.Calzolari@esa.int"
<Gian.Paolo.Calzolari@esa.int>, </font>
<br><font size=1 color=#5f5f5f face="sans-serif">Cc:
</font><font size=1 face="sans-serif">"CCSDS CESG --"
<cesg@mailman.ccsds.org>, "howie.weiss@sparta.com" <howie.weiss@sparta.com>,
"Biggerstaff, Craig\(JSC-CD221\)\[LOCKHEED
MARTIN CORP\]" <craig.biggerstaff@nasa.gov></font>
<br><font size=1 color=#5f5f5f face="sans-serif">Date:
</font><font size=1 face="sans-serif">29/08/2015 01:41</font>
<br><font size=1 color=#5f5f5f face="sans-serif">Subject:
</font><font size=1 face="sans-serif">Re: Unspecified
Management System: [CESG] Re: Results of CESG Polls
closing 14 August 2015</font>
<br><font size=1 color=#5f5f5f face="sans-serif">Sent by:
</font><font size=1 face="sans-serif">cesg-bounces@mailman.ccsds.org</font>
<br>
<hr noshade>
<br>
<br>
<br><font size=2 face="Calibri">Ciao Gippo,</font>
<br>
<br><font size=2 face="Calibri">The issue I have with how this Management
System is specified in these documents is that it is not really specified
at all as a system. It is, instead, described in Sec 6 as a set of
managed parameters. This is useful, since it does provide the implementer
with some concrete guidance on what is expected to be managed and a possible
range of values, but it does not constitute a Management System. There
is no spec for the system, no defined behavior for the system, and no interfaces
for the system, not even in the abstract.</font>
<br>
<br><font size=2 face="Calibri">I would recommend, therefore, that you
make clear in this section that these are the set of managed parameters
that are intended to be included in any system that manages security associations,
but that no specification for such a system is provided nor implied.</font>
<br>
<br><font size=2 face="Calibri">CCSDS does indeed provide service systems,
interface, and behavioral specifications. The most prominent of these
are the SLE and CSTS, but even the MOIMS SM&C is starting to develop
system interfaces. The RASIM also provided a set of abstract system
interfaces. Specs such as CFDP and AMS have defined the service characteristics
of a data management service that is intended to do buffer management within
the protocol. I find none of the typical characterizations of a system
or service interface in this spec, only a set of data items that consititue
managed parameters.</font>
<br>
<br><font size=2 face="Calibri">I would not in any way suggest that we
list in every spec all the things that they are not. That would be
foolish. At the same time I think we need to be careful to be clear
in describing what it is that we do define and what the limitations are.</font>
<br>
<br><font size=2 face="Calibri">Best regards, Peter</font>
<br>
<br>
<br><font size=2 face="Calibri"><b>From: </b>Gian Paolo Calzolari <</font><a href=mailto:Gian.Paolo.Calzolari@esa.int><font size=2 color=blue face="Calibri"><u>Gian.Paolo.Calzolari@esa.int</u></font></a><font size=2 face="Calibri">><b><br>
Date: </b>Friday, August 28, 2015 at 12:39 AM<b><br>
To: </b>Peter Shames <</font><a href=mailto:peter.m.shames@jpl.nasa.gov><font size=2 color=blue face="Calibri"><u>peter.m.shames@jpl.nasa.gov</u></font></a><font size=2 face="Calibri">><b><br>
Cc: </b>"Biggerstaff, Craig (JSC-CD221)[LOCKHEED MARTIN CORP]"
<</font><a href=mailto:craig.biggerstaff@nasa.gov><font size=2 color=blue face="Calibri"><u>craig.biggerstaff@nasa.gov</u></font></a><font size=2 face="Calibri">>,
"</font><a href=mailto:howie.weiss@sparta.com><font size=2 color=blue face="Calibri"><u>howie.weiss@sparta.com</u></font></a><font size=2 face="Calibri">"
<</font><a href=mailto:howie.weiss@sparta.com><font size=2 color=blue face="Calibri"><u>howie.weiss@sparta.com</u></font></a><font size=2 face="Calibri">>,
CCSDS Engineering Steering Group - CESG Exec <</font><a href=mailto:cesg@mailman.ccsds.org><font size=2 color=blue face="Calibri"><u>cesg@mailman.ccsds.org</u></font></a><font size=2 face="Calibri">><b><br>
Subject: </b>Unspecified Management System: [CESG] Re: Results of CESG
Polls closing 14 August 2015</font>
<br>
<br><font size=2 face="sans-serif">Dear Peter,</font><font size=2 face="Calibri">
</font><font size=2 face="sans-serif"><br>
I am extremely reluctant to accept your condition
about adding the term "unspecified" in front of "management
system".</font><font size=2 face="Calibri"><br>
</font><font size=2 face="sans-serif"><br>
First of all Craig motivated the non addition of this term in his WinWord
comment stating <</font><font size=2 face="Times New Roman">Using the
word 'unspecified' for management in section 6.1 is not consistent with
the language used with the SLP BBs. Each of the four standards (SDLS,
TC, TM, AOS) contains a statement in section 1.2 where the absence of specification
for the management activities is stated. Otherwise, the word 'unspecified'
does not show up a single time in TC, TM and AOS BBs. <br>
The WG prefers to be consistent with the SLP books, and proposes not to
add the word 'unspecified' here.</font><font size=2 face="sans-serif">></font><font size=2 face="Calibri"><br>
</font><font size=2 face="sans-serif"><br>
Moreover if we accept this trend than each CCSDS document will need to
add the term unspecified in front of whatever is not specified in that
document or outside.<br>
It is also not fully true that the management is unspecified, actually
chapter 6 itself contains a number of requirement (not all requirements,
indeed) to be used when specifying the (agency specific) management system.<br>
Last but not l;east, CCSDS never specifies systems but rather provide standards
to be used for a subset (sometimes large) of the systems specification
to be issued by a given Agency/Company.</font><font size=2 face="Calibri"><br>
</font><font size=2 face="sans-serif"><br>
So I do recommend keeping consistency within the documents of the SLS Area
and not adding the term "unspecified" in front of "management
system" and I kindly ask you to withdraw this specific condition.</font><font size=2 face="Calibri"><br>
</font><font size=2 face="sans-serif"><br>
Best regards</font><font size=2 face="Calibri"> <br>
</font><font size=2 face="sans-serif"><br>
Gian Paolo</font><font size=2 face="Calibri"> <br>
<br>
<br>
</font><font size=1 color=#5f5f5f face="sans-serif"><br>
From: </font><font size=1 face="sans-serif">"Shames,
Peter M (312B)" <</font><a href=mailto:peter.m.shames@jpl.nasa.gov><font size=1 color=blue face="sans-serif"><u>peter.m.shames@jpl.nasa.gov</u></font></a><font size=1 face="sans-serif">></font><font size=1 color=#5f5f5f face="sans-serif"><br>
To: </font><font size=1 face="sans-serif">"Biggerstaff,
Craig (JSC-CD221)[LOCKHEED MARTIN CORP]" <</font><a href=mailto:craig.biggerstaff@nasa.gov><font size=1 color=blue face="sans-serif"><u>craig.biggerstaff@nasa.gov</u></font></a><font size=1 face="sans-serif">>,
"Scott, Keith L (9730-Affiliate)" <</font><a href=mailto:kscott@mitre.org><font size=1 color=blue face="sans-serif"><u>kscott@mitre.org</u></font></a><font size=1 face="sans-serif">>,
"</font><a href=mailto:tomaso.decola@dlr.de><font size=1 color=blue face="sans-serif"><u>tomaso.decola@dlr.de</u></font></a><font size=1 face="sans-serif">"
<</font><a href=mailto:tomaso.decola@dlr.de><font size=1 color=blue face="sans-serif"><u>tomaso.decola@dlr.de</u></font></a><font size=1 face="sans-serif">>,
</font><font size=1 color=#5f5f5f face="sans-serif"><br>
Cc: </font><font size=1 face="sans-serif">"</font><a href=mailto:howie.weiss@sparta.com><font size=1 color=blue face="sans-serif"><u>howie.weiss@sparta.com</u></font></a><font size=1 face="sans-serif">"
<</font><a href=mailto:howie.weiss@sparta.com><font size=1 color=blue face="sans-serif"><u>howie.weiss@sparta.com</u></font></a><font size=1 face="sans-serif">>,
"</font><a href=mailto:cesg@mailman.ccsds.org><font size=1 color=blue face="sans-serif"><u>cesg@mailman.ccsds.org</u></font></a><font size=1 face="sans-serif">"
<</font><a href=mailto:cesg@mailman.ccsds.org><font size=1 color=blue face="sans-serif"><u>cesg@mailman.ccsds.org</u></font></a><font size=1 face="sans-serif">></font><font size=1 color=#5f5f5f face="sans-serif"><br>
Date: </font><font size=1 face="sans-serif">28/08/2015
02:48</font><font size=1 color=#5f5f5f face="sans-serif"><br>
Subject: </font><font size=1 face="sans-serif">[CESG]
Re: Results of CESG Polls closing 14 August 2015</font><font size=1 color=#5f5f5f face="sans-serif"><br>
Sent by: </font><a href="mailto:cesg-bounces@mailman.ccsds.org"><font size=1 color=blue face="sans-serif"><u>cesg-bounces@mailman.ccsds.org</u></font></a><font size=2 face="Calibri"><br>
</font>
<hr noshade><font size=2 face="Calibri"><br>
<br>
</font><font size=2 face="Calibri"><br>
Dear Craig, et al,</font><font size=2 face="Calibri"> <br>
</font><font size=2 face="Calibri"><br>
I have reviewed the proposed changes to the document. I find all
of them acceptable except for one. I really believe that this document
will better represent its functions if a new, simplified, version of "figure
6-1” is included in sec 2.2.2. This would allow you to introduce
in a graphical way exactly what this protocol does relative to the three
space data link protocols. You can then point to the protocol specific
versions as you have.</font><font size=2 face="Calibri"><br>
</font><font size=3 face="Calibri"><br>
And on pg 6-1, sec 6.1 there was a side note about the "management
system” being unspecified. I propose changing the text to read "</font><font size=3 face="Times New Roman">Through
the use of an out of band and unspecified management system…"</font><font size=2 face="Calibri">
<br>
</font><font size=2 face="Calibri"><br>
I think that gets the flavor of what you are describing. Would you
agree?</font><font size=2 face="Calibri"><br>
</font><font size=2 face="Calibri"><br>
There is this further loose end having to do with the “still in work”
</font><font size=3 face="Times New Roman">CCSDS SDLS Extended Procedures
recommendation (reference 355.1-B). </font><font size=3 face="Calibri">It
is mentioned twice in the document in NOTE and overview text. Since
it is not final this is probably appropriate. Tom Gannett will probably
have an opinion about this, but I think you could insert a reference to
the Red Book in the non normative references and mark it as [Future}. We
did that on the SCCS-ARD and no one screamed, and it at least gets a clear
reference to the “to be published” standard into the document.</font><font size=2 face="Calibri">
<br>
</font><font size=3 face="Calibri"><br>
Best regards, Peter</font><font size=2 face="Calibri"> <br>
<br>
<br>
</font><font size=2 face="Calibri"><b><br>
From: </b>"Biggerstaff, Craig (JSC-CD221)[LOCKHEED MARTIN CORP]"
<</font><a href=mailto:craig.biggerstaff@nasa.gov><font size=2 color=blue face="Calibri"><u>craig.biggerstaff@nasa.gov</u></font></a><font size=2 face="Calibri">><b><br>
Date: </b>Thursday, August 27, 2015 at 4:16 PM<b><br>
To: </b>Peter Shames <</font><a href=mailto:peter.m.shames@jpl.nasa.gov><font size=2 color=blue face="Calibri"><u>peter.m.shames@jpl.nasa.gov</u></font></a><font size=2 face="Calibri">>,
Keith Scott <</font><a href=mailto:kscott@mitre.org><font size=2 color=blue face="Calibri"><u>kscott@mitre.org</u></font></a><font size=2 face="Calibri">>,
"</font><a href=mailto:tomaso.decola@dlr.de><font size=2 color=blue face="Calibri"><u>tomaso.decola@dlr.de</u></font></a><font size=2 face="Calibri">"
<</font><a href=mailto:tomaso.decola@dlr.de><font size=2 color=blue face="Calibri"><u>tomaso.decola@dlr.de</u></font></a><font size=2 face="Calibri">><b><br>
Cc: </b>CCSDS Engineering Steering Group - CESG Exec <</font><a href=mailto:cesg@mailman.ccsds.org><font size=2 color=blue face="Calibri"><u>cesg@mailman.ccsds.org</u></font></a><font size=2 face="Calibri">>,
Gilles Moury <</font><a href=mailto:Gilles.Moury@cnes.fr><font size=2 color=blue face="Calibri"><u>Gilles.Moury@cnes.fr</u></font></a><font size=2 face="Calibri">>,
"</font><a href=mailto:howie.weiss@sparta.com><font size=2 color=blue face="Calibri"><u>howie.weiss@sparta.com</u></font></a><font size=2 face="Calibri">"
<</font><a href=mailto:howie.weiss@sparta.com><font size=2 color=blue face="Calibri"><u>howie.weiss@sparta.com</u></font></a><font size=2 face="Calibri">><b><br>
Subject: </b>RE: Results of CESG Polls closing 14 August 2015</font><font size=2 face="Calibri">
<br>
</font><font size=2 face="Calibri"><br>
Dear ADs/DADs,</font><font size=2 face="Calibri"> <br>
</font><font size=2 face="Calibri"><br>
As the book editor of CCSDS 355.1-B-0 'Space Data Link Security Protocol',
I have attached proposed text changes that, the WG believes, will resolve
your CESG poll conditions. Please review these changes and let me
know if the changes answer your requirements. Thank you.</font><font size=2 face="Calibri">
<br>
<br>
<br>
</font><font size=2 face="Calibri"><br>
Best regards,</font><font size=2 face="Calibri"> <br>
</font><font size=2 face="Calibri"><br>
Craig Biggerstaff</font><font size=2 face="Calibri"> <br>
</font><font size=2 face="Calibri"><br>
At 03:37 PM 8/17/2015, CCSDS Secretariat wrote:<br>
CESG E-Poll Identifier: CESG-P-2015-07-001 Approval to publish CCSDS<br>
355.0-B-1, Space Data Link Security Protocol (Blue Book, Issue 1)<br>
Results of CESG poll beginning 31 July 2015 and ending 14 August 2015:</font><font size=2 face="Calibri"><br>
</font><font size=2 face="Calibri"><br>
Abstain:
0 (0%)</font><font size=2 face="Calibri"> </font><font size=2 face="Calibri"><br>
Approve Unconditionally: 6 (66.67%) (Merri, Behal, Calzolari,<br>
Moury, Suess, Barton)</font><font size=2 face="Calibri"> </font><font size=2 face="Calibri"><br>
Approve with Conditions: 3 (33.33%) (Shames, Scott, Cola)<br>
Disapprove with Comment: 0 (0%)</font><font size=2 face="Calibri">
<br>
</font><font size=2 face="Calibri"><br>
CONDITIONS/COMMENTS:</font><font size=2 face="Calibri"> <br>
</font><font size=2 face="Calibri"><br>
Peter Shames (Approve with Conditions): We need this document to be<br>
published, and soon, but there are still a few inconsistencies that<br>
I believe should be fixed before that happens. There are marked in<br>
the attached text, but I will summarize them here:</font><font size=2 face="Calibri"><br>
</font><font size=2 face="Calibri"><br>
1) The document is missing a really good overview description and<br>
figure showing the relationship of the user provided transfer frame<br>
data field to the secured field. Such figures are in docs like CCSDS 232x0b.</font><font size=2 face="Calibri"><br>
</font><font size=2 face="Calibri"><br>
What you are asking for was originally in the SDLS Red Book but was moved
to the TC/TM/AOS Pink Books. The WG would prefer to reference those
books instead of duplicating the overview information.</font><font size=2 face="Calibri"><br>
<br>
</font><font size=2 face="Calibri"><br>
2) related to 1), the term "payload" is defined in sec 1.6, but
it<br>
is then not used in any consistent way within the rest of the<br>
document. And the definition of the word "payload" is disjoint
from<br>
other CCSDS usage. The word "package" or "user provided
data" might be better.</font><font size=2 face="Calibri"><br>
</font><font size=2 face="Calibri"><br>
The use of "Payload" in this document follows its common use
within cryptography. Its meaning within the context of this document
has been defined in 1.8, and it is now capitalized as a proper name throughout.
The WG believes this will clear up any confusion.</font><font size=2 face="Calibri">
<br>
<br>
</font><font size=2 face="Calibri"><br>
3) The Security Association Management Service, sec 3.4, reads like<br>
Green Book material, not Blue Book. There is not even an abstract<br>
service spec provided and as such it appears to be non-normative<br>
content. The related "Primitives" are not even sketched out,
which<br>
makes this section look even more "unfinished".</font><font size=2 face="Calibri"><br>
</font><font size=2 face="Calibri"><br>
The WG's consensus was that specifying only the required Security Association
managed parameters was sufficient for 355.0, which the WG wanted to keep
'lightweight'. The WG did originally consider a set of service primitives
covering SA management, but decided that including them in the 355.0 core
protocol would unduly constrain operations centers to a particular state
model for operational key changes and recovery from spacecraft failures,
where is not now any consensus to reverse agency-specific approaches. Those
subjects were deemed material for the Green Book or else for the SDLS Extended
Procedures Blue Book.</font><font size=2 face="Calibri"><br>
<br>
</font><font size=2 face="Calibri"><br>
4) There is a repeated description of "Rollover of the sequence<br>
number could be used to signal the end of the acceptable lifetime of<br>
a cryptographic key", which sounds like specific guidance, but<br>
always appears in a NOTE. This might be better expressed in a real<br>
requirement as a "may".</font><font size=2 face="Calibri"> <br>
</font><font size=2 face="Calibri"><br>
The NOTEs have been modified to eliminate any guidance and to refer to
the GB.</font><font size=2 face="Calibri"><br>
<br>
</font><font size=2 face="Calibri"><br>
Keith Scott (Approve with Conditions): I concur with Tomaso that a<br>
note stating the non-applicability of this specification to<br>
Proximity-2 communications would be quite helpful.</font><font size=2 face="Calibri"><br>
</font><font size=2 face="Calibri"><br>
Tomaso de Cola (Approve with Conditions): As the book relates to<br>
security implemented in the data link layer of CCSDS protocol stack,<br>
I would expect a note or comment in Section 1 to state that the<br>
scope of the book is limited to AOS, TM, and TC and does not address<br>
Proximity. Finding no mention of proximity leaves some uncertainty<br>
on the overall security implementation in SDLP.</font><font size=2 face="Calibri"><br>
</font><font size=2 face="Calibri"><br>
A statement to this effect has been added to paragraph 2.1.</font><font size=2 face="Calibri"><br>
<br>
<br>
</font><font size=2 face="Calibri"><br>
Note for future book amendments, the green book CCSDS 350.0-G-2 (THE<br>
APPLICATION OF CCSDS PROTOCOLS</font><font size=2 face="Calibri"> </font><font size=2 face="Calibri"><br>
TO SECURE SYSTEMS ) will probably require some minor revision to<br>
reflect the changes provided in this blue book, once published.</font><font size=2 face="Calibri"><br>
<br>
</font><font size=2 face="Calibri"><br>
Total Respondents: 9</font><font size=2 face="Calibri"> </font><font size=2 face="Calibri"><br>
No response was received from the following Area(s):</font><font size=2 face="Calibri"><br>
</font><font size=2 face="Calibri"><br>
CSS</font><font size=2 face="Calibri"> <br>
</font><font size=2 face="Calibri"><br>
SECRETARIAT INTERPRETATION OF RESULTS: Approved with Conditions<br>
PROPOSED SECRETARIAT ACTION: Generate
CMC poll after<br>
conditions have been addressed</font><font size=2 face="Calibri"> </font><font size=2 face="Calibri"><br>
_______________________________________________<br>
CESG mailing list</font><font size=2 color=blue face="Calibri"><u><br>
</u></font><a href=mailto:CESG@mailman.ccsds.org><font size=2 color=blue face="Calibri"><u>CESG@mailman.ccsds.org</u></font></a><font size=2 color=blue face="Calibri"><u><br>
</u></font><a href=http://mailman.ccsds.org/mailman/listinfo/cesg><font size=2 color=blue face="Calibri"><u>http://mailman.ccsds.org/mailman/listinfo/cesg</u></font></a><font size=2 face="Calibri"><br>
</font>
<br><font size=2 face="Calibri">This message and any attachments are intended
for the use of the addressee or addressees only.<br>
The unauthorised disclosure, use, dissemination or copying (either in whole
or in part) of its<br>
content is not permitted.<br>
If you received this message in error, please notify the sender and delete
it from your system.<br>
Emails can be altered and their integrity cannot be guaranteed by the sender.<br>
<br>
Please consider the environment before printing this email.<br>
</font><tt><font size=2>_______________________________________________<br>
CESG mailing list<br>
CESG@mailman.ccsds.org<br>
</font></tt><a href=http://mailman.ccsds.org/mailman/listinfo/cesg><tt><font size=2>http://mailman.ccsds.org/mailman/listinfo/cesg</font></tt></a><tt><font size=2><br>
</font></tt>
<br><PRE>This message and any attachments are intended for the use of the addressee or addressees only.
The unauthorised disclosure, use, dissemination or copying (either in whole or in part) of its
content is not permitted.
If you received this message in error, please notify the sender and delete it from your system.
Emails can be altered and their integrity cannot be guaranteed by the sender.
Please consider the environment before printing this email.
</PRE>