<span style=" font-size:10pt;font-family:sans-serif">Hello everyone,</span>
<br>
<br><span style=" font-size:10pt;font-family:sans-serif">While working
on the interoperability test John and me noticed some minor issues in the
baseline of the current draft. </span>
<br><span style=" font-size:10pt;font-family:sans-serif">See the list below
including suggestions for straight-forward fixes:</span>
<br>
<br><span style=" font-size:10pt;font-family:sans-serif">- The Rekey SA
has two possible PDUs under the same Tag (TC case and TM case): This makes
processing ambiguous without looking up the SPI as well as its assigned
channels OR implying from the length field. Further, it is not clear why
the TM version still needs two Key-IDs as well as both IV and ARSN (doesn't
USLP also work with AES-GCM?).</span>
<br><span style=" font-size:10pt;font-family:sans-serif">--> Suggestion:
Two PDUs with the same structure, e.g., TC: SPI, Auth-Key, ARSN (96 Bit
with padding) and TM: SPI, Encr-Key, IV.(OR all four fields for both)</span>
<br>
<br><span style=" font-size:10pt;font-family:sans-serif">- The Read ARSN
also has two possible PDUs under the same Tag.</span>
<br><span style=" font-size:10pt;font-family:sans-serif">--> Suggestion:
Making the ARSN field 96 Bits (with padding).</span>
<br>
<br><span style=" font-size:10pt;font-family:sans-serif">- The Start SA
PDU only shows one Tag: The third Tag field can be either '01' or '10',
depending on up- or downlink. (also, there can be no mix between both types
of GVCIDs)</span>
<br><span style=" font-size:10pt;font-family:sans-serif">--> Suggestion:
State that the Tag changes when addressing downlink.</span>
<br>
<br><span style=" font-size:10pt;font-family:sans-serif">- The Read ARSN
Reply PDU has no SPI: This makes the procedure implicitly stateful, meaning
it cannot be interpreted on its own and on multiple requests the order
must be considered.</span>
<br><span style=" font-size:10pt;font-family:sans-serif">--> Suggestion:
Include the SPI as well.</span>
<br>
<br><span style=" font-size:10pt;font-family:sans-serif">Cheers,</span>
<br><span style=" font-size:10pt;font-family:sans-serif">David</span><PRE>This message is intended only for the recipient(s) named above. It may contain proprietary information and/or
protected content. Any unauthorised disclosure, use, retention or dissemination is prohibited. If you have received
this e-mail in error, please notify the sender immediately. ESA applies appropriate organisational measures to protect
personal data, in case of data privacy queries, please contact the ESA Data Protection Officer (dpo@esa.int).
</PRE>