<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style></head><body lang=EN-US link="#0563C1" vlink="#954F72" style='word-wrap:break-word'><div class=WordSection1><p class=MsoNormal>I definitely agree with Sarah that Option 1 is the way to go.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:12.0pt;color:black'>From: </span></b><span style='font-size:12.0pt;color:black'>SIS-DTN <sis-dtn-bounces@mailman.ccsds.org> on behalf of "Heiner, Sarah E. via SIS-DTN" <sis-dtn@mailman.ccsds.org><br><b>Reply-To: </b>"Heiner, Sarah E." <Sarah.Heiner@jhuapl.edu><br><b>Date: </b>Wednesday, February 22, 2023 at 7:26 AM<br><b>To: </b>Keith Scott <keithlscott@gmail.com>, "sis-dtn@mailman.ccsds.org" <sis-dtn@mailman.ccsds.org><br><b>Subject: </b>Re: [Sis-dtn] [EXT] SIS-DTN Meeting tomrrow: discuss BPsec<o:p></o:p></span></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><p class=MsoNormal>Hi Keith,<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I agree with your summary here for moving forward with security contexts (option 1). The IETF BPSec Default Security Contexts are (intentionally) limited in what they support, making them useful for interoperability testing, but will also require the definition of CCSDS-specific security contexts to enable other use cases. Defining these CCSDS-specific security contexts outside of the BPSec book sounds like the right way to proceed. <o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I have the original figures for the book and will drop them in the Google Drive BPSec folder this morning. <o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Thanks,<o:p></o:p></p><p class=MsoNormal>Sarah<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:12.0pt;color:black'>From: </span></b><span style='font-size:12.0pt;color:black'>SIS-DTN <sis-dtn-bounces@mailman.ccsds.org> on behalf of Keith Scott via SIS-DTN <sis-dtn@mailman.ccsds.org><br><b>Reply-To: </b>Keith Scott <keithlscott@gmail.com><br><b>Date: </b>Wednesday, February 22, 2023 at 9:41 AM<br><b>To: </b>"sis-dtn@mailman.ccsds.org" <sis-dtn@mailman.ccsds.org><br><b>Subject: </b>[EXT] [Sis-dtn] SIS-DTN Meeting tomrrow: discuss BPsec<o:p></o:p></span></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><div id=APLWarningText><table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 align=left><tr><td width="100%" style='width:100.0%;background:#E0E0E0;padding:0in 0in 0in 0in'><p class=MsoNormal style='mso-element:frame;mso-element-frame-hspace:2.25pt;mso-element-wrap:around;mso-element-anchor-vertical:paragraph;mso-element-anchor-horizontal:column;mso-height-rule:exactly'><b><span style='color:red'>APL external email warning: </span></b><span style='color:black'>Verify sender sis-dtn-bounces@mailman.ccsds.org before clicking links or attachments</span><o:p></o:p></p></td></tr></table><p> <o:p></o:p></p></div></div><div><div><p class=MsoNormal>OK, in collecting BPsec information to try to get a resolution to Tomaso I think we're not there yet.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>I think the largest outstanding item is Annex D where we tried to profile the IETF default security contexts. I think that if we profile in changes to e.g. the key lengths as Mehmet suggests, that would define a NEW security context that we'd need to register w/ IANA. So I think our options are:<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>1. Remove annex D and simply reference the IETF default security contexts; define CCSDS-specific security contexts in TBD new documents.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>2. Proceed with a profile as in annex D and use that to register NEW security contexts with IANA (essentially the existing IANA ones with our profile changes).<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>3. Work to define new CCSDS security contexts, replace Annex D with those, and use it to register the new contexts w/ IANA.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>I KNOW we talked about this, but I'm having difficulty getting at my older notes at the moment. I THINK we opted for option 1.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><div><p class=MsoNormal>And we need to go over Annex A (PICS).<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Also, does anybody (APL?) have the original art for the figures in the book? If not we'll have to recreate them.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal> --keith<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div></div><p class=MsoNormal>_______________________________________________ SIS-DTN mailing list SIS-DTN@mailman.ccsds.org https://mailman.ccsds.org/cgi-bin/mailman/listinfo/sis-dtn <o:p></o:p></p></div></body></html>