[Sis-dtn] Suggested change to RFC 9172 regarding fragmentation
Lars Baumgaertner
Lars.Baumgaertner at esa.int
Wed Mar 26 15:26:44 UTC 2025
Hi everyone,
Since we keep running into issues with BPSec and fragmentation, we would like to suggest a change to Section 5.2 of RFC 9172 (https://www.rfc-editor.org/rfc/rfc9172.html#name-bundle-fragmentation-and-re), to clarify the proper use of BPSec with fragmentation at least a bit.
Before bringing this into the IETF DTN WG, we would like to discuss our proposal here (plus Security WG).
We would like to change the 2nd paragraph in Sec. 5.2 of the RFC from:
Due to the complexity of payload-block fragmentation, including the possibility of fragmenting payload-block fragments, integrity and confidentiality operations are not to be applied to a bundle representing a fragment. Specifically, a BCB or BIB MUST NOT be added to a bundle if the "Bundle is a fragment" flag is set in the bundle processing control flags field.
To:
Due to the complexities of payload block fragmentation and the effects of fragmentation on the primary block, fragmentation of bundles containing a Bundle Confidentiality Block (BCB) or a Bundle Integrity Block (BIB) MUST NOT occur. This SHALL be enforced by setting the "Bundle must not be fragmented" flag at the bundle's source or at a node fragmenting a bundle before adding any security blocks to the fragments. This flag MUST be set in the primary blocks of all resulting bundles if fragmentation is applied.
This would allow fragmentation just once, together with security operations, either at the source or at any relay node, plus the protection of the fragments, but would prevent further fragmentation, which could potentially invalidate the BIB, e.g., by targeting the primary block, or a BCB with AAD. Additionally, relay nodes might still add their own security blocks to fragments if needed, e.g., authenticating local QoS blocks for their network segment.
Kind regards,
Lars
--
Lars Baumgaertner
Internal Research Fellow (OPS-GAE)
European Space Agency ESA/ESOC
Robert-Bosch-Str. 5, D-64293 Darmstadt
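
The rule change proposed in the message above, modelled as an added example (not part of the original post and not text from RFC 9172). The flag bit values and block type codes are those of RFC 9171 and RFC 9172; the (flags, block list) bundle tuple and the function names are hypothetical simplifications, and fragments are assumed to carry only the payload block.

```python
# Bundle processing control flags (RFC 9171) and BPSec block type codes (RFC 9172).
IS_FRAGMENT = 0x000001        # "Bundle is a fragment"
MUST_NOT_FRAGMENT = 0x000004  # "Bundle must not be fragmented"
PAYLOAD, BIB, BCB = 1, 11, 12
SECURITY_BLOCKS = {BIB, BCB}


def may_add_security_rfc9172(flags):
    """Current Section 5.2: no BIB/BCB may be added to a fragment."""
    return not flags & IS_FRAGMENT


def add_security_proposed(bundle, block_type):
    """Proposed wording: pin the bundle against fragmentation, then add the block."""
    flags, blocks = bundle
    if block_type not in SECURITY_BLOCKS:
        raise ValueError("not a BPSec block type")
    return (flags | MUST_NOT_FRAGMENT, blocks + [block_type])


def may_fragment_proposed(bundle):
    """A bundle that is pinned or already carries a BIB/BCB must stay whole."""
    flags, blocks = bundle
    return not flags & MUST_NOT_FRAGMENT and not SECURITY_BLOCKS & set(blocks)


def fragment_then_protect(bundle, count, block_type):
    """Fragment once, then protect every fragment (assumed model, offsets omitted)."""
    if not may_fragment_proposed(bundle):
        raise PermissionError("bundle must not be fragmented")
    flags, _ = bundle
    fragments = [(flags | IS_FRAGMENT, [PAYLOAD]) for _ in range(count)]
    return [add_security_proposed(f, block_type) for f in fragments]


if __name__ == "__main__":
    plain = (0, [PAYLOAD])  # constructed sample bundle: no flags, payload only
    for flags, blocks in fragment_then_protect(plain, 3, BIB):
        print(hex(flags), blocks,
              "current rule allows BIB:", may_add_security_rfc9172(flags),
              "| may fragment again:", may_fragment_proposed((flags, blocks)))
```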