REVIEW ITEM DISPOSITION (RID): RED BOOK RID INITIATION FORM AGENCY RID NUMBER: ESA-LB-06 SUBMITTING ORGANIZATION (Agency, Center): ESA, ESOC ------------------------------------------------------------------ REVIEWER'S NAME: Lars Baumgaertner / Lukas Holst CODE: OPS-GAE E-MAIL ADDRESS: lars.baumgaertner@esa.int / lukas.holst@ext.esa.int TELEPHONE: ------------------------------------------------------------------ DOCUMENT NUMBER: CCSDS 734.5-R-2 Red Book, Issue 2 DOCUMENT NAME: CCSDS Bundle Protocol Security Specification DATE ISSUED: September 2023 PAGE NUMBER: 5 (Annex A) PARAGRAPH NUMBER: RID SHORT TITLE: ICS RL Test#24 Unnecessary/impossible ------------------------------------------------------------------ DESCRIPTION OF REQUESTED CHANGE: (Use From: "..." To "..." format) 1) From: "A BIB integrity value MUST NOT be checked if the security target associated with that value is also the security target of a BCB." To: remove ------------------------------------------------------------------ CATEGORY OF REQUESTED CHANGE: Technical Fact _X_ Recommended ___ Editorial ___ NOTES: TECHNICAL FACT: Major technical change of sufficient magnitude as to render the Recommendation inaccurate and unacceptable if not corrected. (Supporting analysis/rationale is essential.) RECOMMENDED: Change of a nature that would, if incorporated, produce a marked improvement in document quality and acceptance. EDITORIAL: Typographical or other factual error needing correction. (This type of change will be made without feedback to submitter.) ------------------------------------------------------------------ SUPPORTING ANALYSIS: Test 21 says that the BIB must also be encrypted, therefore, BIB integrity value cannot be checked as it's hidden in the ciphertext at this point. Moreover, test 50 says that the BIB must not be processed if a BCB has the same target, making this test obsolete. Thus, I recommend removing the test as the other tests are clearer and cover the same conditions. ------------------------------------------------------------------ DISPOSITION: REVIEW ITEM DISPOSITION (RID): RED BOOK RID INITIATION FORM AGENCY RID NUMBER: ESA-LB-07 SUBMITTING ORGANIZATION (Agency, Center): ESA, ESOC ------------------------------------------------------------------ REVIEWER'S NAME: Lars Baumgaertner / Lukas Holst CODE: OPS-GAE E-MAIL ADDRESS: lars.baumgaertner@esa.int / lukas.holst@ext.esa.int TELEPHONE: ------------------------------------------------------------------ DOCUMENT NUMBER: CCSDS 734.5-R-2 Red Book, Issue 2 DOCUMENT NAME: CCSDS Bundle Protocol Security Specification DATE ISSUED: September 2023 PAGE NUMBER: 5 (Annex A) PARAGRAPH NUMBER: RID SHORT TITLE: ICS RL Test#25 Duplicate ------------------------------------------------------------------ DESCRIPTION OF REQUESTED CHANGE: (Use From: "..." To "..." format) 1) From: "A BIB MUST NOT have a BCB as its security target." To: remove ------------------------------------------------------------------ CATEGORY OF REQUESTED CHANGE: Technical Fact _X_ Recommended ___ Editorial ___ NOTES: TECHNICAL FACT: Major technical change of sufficient magnitude as to render the Recommendation inaccurate and unacceptable if not corrected. (Supporting analysis/rationale is essential.) RECOMMENDED: Change of a nature that would, if incorporated, produce a marked improvement in document quality and acceptance. EDITORIAL: Typographical or other factual error needing correction. (This type of change will be made without feedback to submitter.) ------------------------------------------------------------------ SUPPORTING ANALYSIS: The described condition is already covered in test #7 which covers both BIB and BCB. Thus, this test can be removed. Alternative, have two tests, one for BCB and one for BIB, but then test #7 should be changed/removed. ------------------------------------------------------------------ DISPOSITION: REVIEW ITEM DISPOSITION (RID): RED BOOK RID INITIATION FORM AGENCY RID NUMBER: ESA-LB-08 SUBMITTING ORGANIZATION (Agency, Center): ESA, ESOC ------------------------------------------------------------------ REVIEWER'S NAME: Lars Baumgaertner / Lukas Holst CODE: OPS-GAE E-MAIL ADDRESS: lars.baumgaertner@esa.int / lukas.holst@ext.esa.int TELEPHONE: ------------------------------------------------------------------ DOCUMENT NUMBER: CCSDS 734.5-R-2 Red Book, Issue 2 DOCUMENT NAME: CCSDS Bundle Protocol Security Specification DATE ISSUED: September 2023 PAGE NUMBER: 6 (Annex A) PARAGRAPH NUMBER: RID SHORT TITLE: ICS RL Test#32 Description unclear ------------------------------------------------------------------ DESCRIPTION OF REQUESTED CHANGE: (Use From: "..." To "..." format) 1) From: "If processing a security operation fails, the target SHALL be processed according to the security policy." To: "If processing a security operation fails, the target of the BCB SHALL be processed according to the security policy." ------------------------------------------------------------------ CATEGORY OF REQUESTED CHANGE: Technical Fact ___ Recommended ___ Editorial _X_ NOTES: TECHNICAL FACT: Major technical change of sufficient magnitude as to render the Recommendation inaccurate and unacceptable if not corrected. (Supporting analysis/rationale is essential.) RECOMMENDED: Change of a nature that would, if incorporated, produce a marked improvement in document quality and acceptance. EDITORIAL: Typographical or other factual error needing correction. (This type of change will be made without feedback to submitter.) ------------------------------------------------------------------ SUPPORTING ANALYSIS: Without following the reference to the RFC section it is unclear in this test whether it targets BIB or BCB. ------------------------------------------------------------------ DISPOSITION: REVIEW ITEM DISPOSITION (RID): RED BOOK RID INITIATION FORM AGENCY RID NUMBER: ESA-LB-09 SUBMITTING ORGANIZATION (Agency, Center): ESA, ESOC ------------------------------------------------------------------ REVIEWER'S NAME: Lars Baumgaertner / Lukas Holst CODE: OPS-GAE E-MAIL ADDRESS: lars.baumgaertner@esa.int / lukas.holst@ext.esa.int TELEPHONE: ------------------------------------------------------------------ DOCUMENT NUMBER: CCSDS 734.5-R-2 Red Book, Issue 2 DOCUMENT NAME: CCSDS Bundle Protocol Security Specification DATE ISSUED: September 2023 PAGE NUMBER: 6 (Annex A) PARAGRAPH NUMBER: RID SHORT TITLE: ICS RL Test#33 Description unclear ------------------------------------------------------------------ DESCRIPTION OF REQUESTED CHANGE: (Use From: "..." To "..." format) 1) From: "If processing a security operation fails, a bundle status report indicating the failure MAY be generated." To: "If processing a security operation on a BCB fails, a bundle status report indicating the failure MAY be generated." ------------------------------------------------------------------ CATEGORY OF REQUESTED CHANGE: Technical Fact ___ Recommended ___ Editorial _X_ NOTES: TECHNICAL FACT: Major technical change of sufficient magnitude as to render the Recommendation inaccurate and unacceptable if not corrected. (Supporting analysis/rationale is essential.) RECOMMENDED: Change of a nature that would, if incorporated, produce a marked improvement in document quality and acceptance. EDITORIAL: Typographical or other factual error needing correction. (This type of change will be made without feedback to submitter.) ------------------------------------------------------------------ SUPPORTING ANALYSIS: Without following the reference to the RFC section it is unclear in this test whether it targets BIB or BCB. ------------------------------------------------------------------ DISPOSITION: REVIEW ITEM DISPOSITION (RID): RED BOOK RID INITIATION FORM AGENCY RID NUMBER: ESA-LB-10 SUBMITTING ORGANIZATION (Agency, Center): ESA, ESOC ------------------------------------------------------------------ REVIEWER'S NAME: Lars Baumgaertner / Lukas Holst CODE: OPS-GAE E-MAIL ADDRESS: lars.baumgaertner@esa.int / lukas.holst@ext.esa.int TELEPHONE: ------------------------------------------------------------------ DOCUMENT NUMBER: CCSDS 734.5-R-2 Red Book, Issue 2 DOCUMENT NAME: CCSDS Bundle Protocol Security Specification DATE ISSUED: September 2023 PAGE NUMBER: 8 (Annex A) PARAGRAPH NUMBER: RID SHORT TITLE: ICS RL Test#47 Description unclear ------------------------------------------------------------------ DESCRIPTION OF REQUESTED CHANGE: (Use From: "..." To "..." format) 1) From: "If processing a security operation fails, the target SHALL be processed according to the security policy." To: "If processing a security operation fails, the target of the BIB SHALL be processed according to the security policy." ------------------------------------------------------------------ CATEGORY OF REQUESTED CHANGE: Technical Fact ___ Recommended ___ Editorial _X_ NOTES: TECHNICAL FACT: Major technical change of sufficient magnitude as to render the Recommendation inaccurate and unacceptable if not corrected. (Supporting analysis/rationale is essential.) RECOMMENDED: Change of a nature that would, if incorporated, produce a marked improvement in document quality and acceptance. EDITORIAL: Typographical or other factual error needing correction. (This type of change will be made without feedback to submitter.) ------------------------------------------------------------------ SUPPORTING ANALYSIS: Without following the reference to the RFC section it is unclear in this test whether it targets BIB or BCB. ------------------------------------------------------------------ DISPOSITION: REVIEW ITEM DISPOSITION (RID): RED BOOK RID INITIATION FORM AGENCY RID NUMBER: ESA-LB-11 SUBMITTING ORGANIZATION (Agency, Center): ESA, ESOC ------------------------------------------------------------------ REVIEWER'S NAME: Lars Baumgaertner / Lukas Holst CODE: OPS-GAE E-MAIL ADDRESS: lars.baumgaertner@esa.int / lukas.holst@ext.esa.int TELEPHONE: ------------------------------------------------------------------ DOCUMENT NUMBER: CCSDS 734.5-R-2 Red Book, Issue 2 DOCUMENT NAME: CCSDS Bundle Protocol Security Specification DATE ISSUED: September 2023 PAGE NUMBER: 8 (Annex A) PARAGRAPH NUMBER: RID SHORT TITLE: ICS RL Test#48 Description unclear ------------------------------------------------------------------ DESCRIPTION OF REQUESTED CHANGE: (Use From: "..." To "..." format) 1) From: "If processing a security operation fails, a bundle status report indicating the failure MAY be generated." To: "If processing a security operation on a BIB fails, a bundle status report indicating the failure MAY be generated." ------------------------------------------------------------------ CATEGORY OF REQUESTED CHANGE: Technical Fact ___ Recommended ___ Editorial _X_ NOTES: TECHNICAL FACT: Major technical change of sufficient magnitude as to render the Recommendation inaccurate and unacceptable if not corrected. (Supporting analysis/rationale is essential.) RECOMMENDED: Change of a nature that would, if incorporated, produce a marked improvement in document quality and acceptance. EDITORIAL: Typographical or other factual error needing correction. (This type of change will be made without feedback to submitter.) ------------------------------------------------------------------ SUPPORTING ANALYSIS: Without following the reference to the RFC section it is unclear in this test whether it targets BIB or BCB. ------------------------------------------------------------------ DISPOSITION: REVIEW ITEM DISPOSITION (RID): RED BOOK RID INITIATION FORM AGENCY RID NUMBER: ESA-LB-12 SUBMITTING ORGANIZATION (Agency, Center): ESA, ESOC ------------------------------------------------------------------ REVIEWER'S NAME: Lars Baumgaertner / Lukas Holst CODE: OPS-GAE E-MAIL ADDRESS: lars.baumgaertner@esa.int / lukas.holst@ext.esa.int TELEPHONE: ------------------------------------------------------------------ DOCUMENT NUMBER: CCSDS 734.5-R-2 Red Book, Issue 2 DOCUMENT NAME: CCSDS Bundle Protocol Security Specification DATE ISSUED: September 2023 PAGE NUMBER: 8 (Annex A) PARAGRAPH NUMBER: RID SHORT TITLE: ICS RL Test#53 Description unclear ------------------------------------------------------------------ DESCRIPTION OF REQUESTED CHANGE: (Use From: "..." To "..." format) 1) From: "If a the security target is the payload or primary block, the bundle MAY be discarded. This action can occur at any node that has the ability to verify an integrity signature, not just the bundle destination." To: "If the security policy of a node specifies that a node should have applied integrity to a specific security target and no such BIB is present in the bundle and the security target is the payload or primary block, the bundle MAY be discarded. This action can occur at any node that has the ability to verify an integrity signature, not just the bundle destination." ------------------------------------------------------------------ CATEGORY OF REQUESTED CHANGE: Technical Fact ___ Recommended ___ Editorial _X_ NOTES: TECHNICAL FACT: Major technical change of sufficient magnitude as to render the Recommendation inaccurate and unacceptable if not corrected. (Supporting analysis/rationale is essential.) RECOMMENDED: Change of a nature that would, if incorporated, produce a marked improvement in document quality and acceptance. EDITORIAL: Typographical or other factual error needing correction. (This type of change will be made without feedback to submitter.) ------------------------------------------------------------------ SUPPORTING ANALYSIS: Description text is ambiguous without section reference, context is missing. This test related to #51, similar to #52. #52 repeats the context, #53 does not. Also, there is a typo "a the" in the beginning of the sentence. ------------------------------------------------------------------ DISPOSITION: REVIEW ITEM DISPOSITION (RID): RED BOOK RID INITIATION FORM AGENCY RID NUMBER: ESA-LB-13 SUBMITTING ORGANIZATION (Agency, Center): ESA, ESOC ------------------------------------------------------------------ REVIEWER'S NAME: Lars Baumgaertner / Lukas Holst CODE: OPS-GAE E-MAIL ADDRESS: lars.baumgaertner@esa.int / lukas.holst@ext.esa.int TELEPHONE: ------------------------------------------------------------------ DOCUMENT NUMBER: CCSDS 734.5-R-2 Red Book, Issue 2 DOCUMENT NAME: CCSDS Bundle Protocol Security Specification DATE ISSUED: September 2023 PAGE NUMBER: 8 (Annex A) PARAGRAPH NUMBER: RID SHORT TITLE: ICS RL Test#54 Clearly state that this is the security verifier ------------------------------------------------------------------ DESCRIPTION OF REQUESTED CHANGE: (Use From: "..." To "..." format) 1) From: "If a receiving node is not the security acceptor of a security operation in a BIB, it MAY attempt to verify the security operation anyway to prevent forwarding corrupt data." To: "If a receiving node is not the security acceptor of a security operation in a BIB, it MAY try to act as a security verifier regardless and attempt to verify the security operation to prevent forwarding corrupt data." ------------------------------------------------------------------ CATEGORY OF REQUESTED CHANGE: Technical Fact ___ Recommended ___ Editorial _X_ NOTES: TECHNICAL FACT: Major technical change of sufficient magnitude as to render the Recommendation inaccurate and unacceptable if not corrected. (Supporting analysis/rationale is essential.) RECOMMENDED: Change of a nature that would, if incorporated, produce a marked improvement in document quality and acceptance. EDITORIAL: Typographical or other factual error needing correction. (This type of change will be made without feedback to submitter.) ------------------------------------------------------------------ SUPPORTING ANALYSIS: To be in-line with the roles defined in the document make it clear that this operation is done as the security verifier. ------------------------------------------------------------------ DISPOSITION: REVIEW ITEM DISPOSITION (RID): RED BOOK RID INITIATION FORM AGENCY RID NUMBER: ESA-LB-14 SUBMITTING ORGANIZATION (Agency, Center): ESA, ESOC ------------------------------------------------------------------ REVIEWER'S NAME: Lars Baumgaertner / Lukas Holst CODE: OPS-GAE E-MAIL ADDRESS: lars.baumgaertner@esa.int / lukas.holst@ext.esa.int TELEPHONE: ------------------------------------------------------------------ DOCUMENT NUMBER: CCSDS 734.5-R-2 Red Book, Issue 2 DOCUMENT NAME: CCSDS Bundle Protocol Security Specification DATE ISSUED: September 2023 PAGE NUMBER: 9 (Annex A) PARAGRAPH NUMBER: RID SHORT TITLE: ICS RL Test#59 Fragmentation and BPSec are problematic ------------------------------------------------------------------ DESCRIPTION OF REQUESTED CHANGE: (Use From: "..." To "..." format) ------------------------------------------------------------------ CATEGORY OF REQUESTED CHANGE: Technical Fact _X_ Recommended ___ Editorial ___ NOTES: TECHNICAL FACT: Major technical change of sufficient magnitude as to render the Recommendation inaccurate and unacceptable if not corrected. (Supporting analysis/rationale is essential.) RECOMMENDED: Change of a nature that would, if incorporated, produce a marked improvement in document quality and acceptance. EDITORIAL: Typographical or other factual error needing correction. (This type of change will be made without feedback to submitter.) ------------------------------------------------------------------ SUPPORTING ANALYSIS: Following the discussions on fragmentation with BPSec and the problems of ADU reassembly vs bundle reassembly it seems problematic to have the tests in here. Remove fragmentation related tests completely? Allow source fragmentation only? Divert from the RFC behavior? ------------------------------------------------------------------ DISPOSITION: REVIEW ITEM DISPOSITION (RID): RED BOOK RID INITIATION FORM AGENCY RID NUMBER: ESA-LB-15 SUBMITTING ORGANIZATION (Agency, Center): ESA, ESOC ------------------------------------------------------------------ REVIEWER'S NAME: Lars Baumgaertner / Lukas Holst CODE: OPS-GAE E-MAIL ADDRESS: lars.baumgaertner@esa.int / lukas.holst@ext.esa.int TELEPHONE: ------------------------------------------------------------------ DOCUMENT NUMBER: CCSDS 734.5-R-2 Red Book, Issue 2 DOCUMENT NAME: CCSDS Bundle Protocol Security Specification DATE ISSUED: September 2023 PAGE NUMBER: 9 (Annex A) PARAGRAPH NUMBER: RID SHORT TITLE: ICS RL Test#60 Fragmentation and BPSec are problematic ------------------------------------------------------------------ DESCRIPTION OF REQUESTED CHANGE: (Use From: "..." To "..." format) ------------------------------------------------------------------ CATEGORY OF REQUESTED CHANGE: Technical Fact _X_ Recommended ___ Editorial ___ NOTES: TECHNICAL FACT: Major technical change of sufficient magnitude as to render the Recommendation inaccurate and unacceptable if not corrected. (Supporting analysis/rationale is essential.) RECOMMENDED: Change of a nature that would, if incorporated, produce a marked improvement in document quality and acceptance. EDITORIAL: Typographical or other factual error needing correction. (This type of change will be made without feedback to submitter.) ------------------------------------------------------------------ SUPPORTING ANALYSIS: Following the discussions on fragmentation with BPSec and the problems of ADU reassembly vs bundle reassembly it seems problematic to have the tests in here. Remove fragmentation related tests completely? Allow source fragmentation only? Divert from the RFC behavior? The way the test is not formulated also means that service providers relaying fragmented bundles cannot add BIB to their own internal canonical blocks that they might add, e.g., QoS blocks. Also, even the source of a bundle, if fragmenting it itself, cannot add BIB and BCB to the fragments. ------------------------------------------------------------------ DISPOSITION: