[CESG] Re: Results of CESG Polls closing 14 August 2015

Shames, Peter M (312B) peter.m.shames at jpl.nasa.gov
Fri Aug 28 00:44:54 UTC 2015 

Dear Craig, et al,

I have reviewed the proposed changes to the document.  I find all of them acceptable except for one.  I really believe that this document will better represent its functions if a new, simplified, version of "figure 6-1” is included in sec 2.2.2.  This would allow you to introduce in a graphical way exactly what this protocol does relative to the three space data link protocols.   You can then point to the protocol specific versions as you have.

And on pg 6-1, sec 6.1 there was a side note about the "management system” being unspecified.  I propose changing the text to read "Through the use of an out of band and unspecified management system…"

I think that gets the flavor of what you are describing.  Would you agree?

There is this further loose end having to do with the “still in work” CCSDS SDLS Extended Procedures recommendation (reference 355.1-B).  It is mentioned twice in the document in NOTE and overview text.  Since it is not final this is probably appropriate.  Tom Gannett will probably have an opinion about this, but I think you could insert a reference to the Red Book in the non normative references and mark it as [Future}.  We did that on the SCCS-ARD and no one screamed, and it at least gets a clear reference to the “to be published” standard into the document.

Best regards, Peter



From: "Biggerstaff, Craig (JSC-CD221)[LOCKHEED MARTIN CORP]" <craig.biggerstaff at nasa.gov<mailto:craig.biggerstaff at nasa.gov>>
Date: Thursday, August 27, 2015 at 4:16 PM
To: Peter Shames <peter.m.shames at jpl.nasa.gov<mailto:peter.m.shames at jpl.nasa.gov>>, Keith Scott <kscott at mitre.org<mailto:kscott at mitre.org>>, "tomaso.decola at dlr.de<mailto:tomaso.decola at dlr.de>" <tomaso.decola at dlr.de<mailto:tomaso.decola at dlr.de>>
Cc: CCSDS Engineering Steering Group - CESG Exec <cesg at mailman.ccsds.org<mailto:cesg at mailman.ccsds.org>>, Gilles Moury <Gilles.Moury at cnes.fr<mailto:Gilles.Moury at cnes.fr>>, "howie.weiss at sparta.com<mailto:howie.weiss at sparta.com>" <howie.weiss at sparta.com<mailto:howie.weiss at sparta.com>>
Subject: RE: Results of CESG Polls closing 14 August 2015

Dear ADs/DADs,

As the book editor of CCSDS 355.1-B-0 'Space Data Link Security Protocol', I have attached proposed text changes that, the WG believes, will resolve your CESG poll conditions.  Please review these changes and let me know if the changes answer your requirements.  Thank you.



Best regards,

Craig Biggerstaff

At 03:37 PM 8/17/2015, CCSDS Secretariat wrote:
CESG E-Poll Identifier: CESG-P-2015-07-001 Approval to publish CCSDS
355.0-B-1, Space Data Link Security Protocol (Blue Book, Issue 1)
Results of CESG poll beginning 31 July 2015 and ending 14 August 2015:

                  Abstain:  0 (0%)
  Approve Unconditionally:  6 (66.67%) (Merri, Behal, Calzolari,
Moury, Suess, Barton)
  Approve with Conditions:  3 (33.33%) (Shames, Scott, Cola)
  Disapprove with Comment:  0 (0%)

CONDITIONS/COMMENTS:

Peter Shames (Approve with Conditions): We need this document to be
published, and soon, but there are still a few inconsistencies that
I believe should be fixed before that happens. There are marked in
the attached text, but I will summarize them here:

1) The document is missing a really good overview description and
figure showing the relationship of the user provided transfer frame
data field to the secured field. Such figures are in docs like CCSDS 232x0b.

What you are asking for was originally in the SDLS Red Book but was moved to the TC/TM/AOS Pink Books.  The WG would prefer to reference those books instead of duplicating the overview information.


2) related to 1), the term "payload" is defined in sec 1.6, but it
is then not used in any consistent way within the rest of the
document. And the definition of the word "payload" is disjoint from
other CCSDS usage. The word "package" or "user provided data" might be better.

The use of "Payload" in this document follows its common use within cryptography.  Its meaning within the context of this document has been defined in 1.8, and it is now capitalized as a proper name throughout.  The WG believes this will clear up any confusion.


3) The Security Association Management Service, sec 3.4, reads like
Green Book material, not Blue Book. There is not even an abstract
service spec provided and as such it appears to be non-normative
content. The related "Primitives" are not even sketched out, which
makes this section look even more "unfinished".

The WG's consensus was that specifying only the required Security Association managed parameters was sufficient for 355.0, which the WG wanted to keep 'lightweight'.  The WG did originally consider a set of service primitives covering SA management, but decided that including them in the 355.0 core protocol would unduly constrain operations centers to a particular state model for operational key changes and recovery from spacecraft failures, where is not now any consensus to reverse agency-specific approaches.  Those subjects were deemed material for the Green Book or else for the SDLS Extended Procedures Blue Book.


4) There is a repeated description of "Rollover of the sequence
number could be used to signal the end of the acceptable lifetime of
a cryptographic key", which sounds like specific guidance, but
always appears in a NOTE. This might be better expressed in a real
requirement as a "may".

The NOTEs have been modified to eliminate any guidance and to refer to the GB.


Keith Scott (Approve with Conditions): I concur with Tomaso that a
note stating the non-applicability of this specification to
Proximity-2 communications would be quite helpful.

Tomaso de Cola (Approve with Conditions): As the book relates to
security implemented in the data link layer of CCSDS protocol stack,
I would expect a note or comment in Section 1 to state that the
scope of the book is limited to AOS, TM, and TC and does not address
Proximity. Finding no mention of proximity leaves some uncertainty
on the overall security implementation in SDLP.

A statement to this effect has been added to paragraph 2.1.



Note for future book amendments, the green book CCSDS 350.0-G-2 (THE
APPLICATION OF CCSDS PROTOCOLS
TO SECURE SYSTEMS ) will probably require some minor revision to
reflect the changes provided in this blue book, once published.


Total Respondents: 9
No response was received from the following Area(s):

CSS

SECRETARIAT INTERPRETATION OF RESULTS:  Approved with Conditions
PROPOSED SECRETARIAT ACTION:            Generate CMC poll after
conditions have been addressed

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.ccsds.org/pipermail/cesg/attachments/20150828/bb2034e8/attachment.html>

More information about the CESG mailing list