Delay-Tolerant Networking                                     E. Birrane
Internet-Draft                                                 S. Heiner
Intended status: Standards Track                                 JHU/APL
Expires: January 11, 2021                                  July 10, 2020


                       Security Context Template
                       draft-birrane-dtn-scot-00

Abstract

   This document defines a standard template for security contexts
   written for the Bundle Protocol Security Protocol (BPSec).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 11, 2021.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.






Birrane & Heiner        Expires January 11, 2021                [Page 1]


Internet-Draft          Security Context Template              July 2020


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Specification Scope . . . . . . . . . . . . . . . . . . .   3
     1.2.  Related Documents . . . . . . . . . . . . . . . . . . . .   3
     1.3.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   4
   2.  System Overview . . . . . . . . . . . . . . . . . . . . . . .   4
     2.1.  Methods of Establishing Context . . . . . . . . . . . . .   4
       2.1.1.  Out-Of-Band Mode  . . . . . . . . . . . . . . . . . .   4
       2.1.2.  In-Band Mode  . . . . . . . . . . . . . . . . . . . .   5
       2.1.3.  Hybrid Mode . . . . . . . . . . . . . . . . . . . . .   6
     2.2.  Security Policy Roles . . . . . . . . . . . . . . . . . .   7
     2.3.  Common Events and Actions . . . . . . . . . . . . . . . .   8
       2.3.1.  Bundle Protocol Reason Codes  . . . . . . . . . . . .   8
       2.3.2.  Event Codes . . . . . . . . . . . . . . . . . . . . .  10
       2.3.3.  Processing Actions  . . . . . . . . . . . . . . . . .  12
     2.4.  Security Policy Considerations  . . . . . . . . . . . . .  14
     2.5.  Security Context Template . . . . . . . . . . . . . . . .  15
       2.5.1.  Overview  . . . . . . . . . . . . . . . . . . . . . .  16
       2.5.2.  Interfaces  . . . . . . . . . . . . . . . . . . . . .  16
       2.5.3.  Definitions . . . . . . . . . . . . . . . . . . . . .  17
       2.5.4.  Canonicalization Algorithms . . . . . . . . . . . . .  17
       2.5.5.  Processing  . . . . . . . . . . . . . . . . . . . . .  18
       2.5.6.  Policy  . . . . . . . . . . . . . . . . . . . . . . .  18
       2.5.7.  IANA Considerations . . . . . . . . . . . . . . . . .  18
   3.  Normative References  . . . . . . . . . . . . . . . . . . . .  18
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  18

1.  Introduction

   The Bundle Protocol (BP) may operate in environments that prevent
   reliable synchronization of session information, to include
   negotiated cryptographic material.  To accommodate for this
   possibility, BP bundles may use extension blocks to carry annotative
   information.  The Bundle Protocol Security Protocol (BPSec) defines
   security-related extension blocks (security blocks) to carry
   cryptographic material, to optionally include material that might
   otherwise be expected resident at communication endpoints.  To
   accomplish these, BPSec security blocks specify a "security context"
   comprising the material generated for, carried with, and/or otherwise
   utilized by the block.

   Where BPSec security blocks traverse networks for which a
   synchronized security mechanism exists, a security context can be
   defined which minimally identifies endpoint information.  For
   example, in networks that support TLS, a security context can be
   defined to carry TLS record information after a successful TLS
   handshake has been used to synchronize state at the endpoints of the



Birrane & Heiner        Expires January 11, 2021                [Page 2]


Internet-Draft          Security Context Template              July 2020


   exchange.  Alternatively, where no such synchronizing security
   mechanisms exist, a security context can be defined which carries
   necessary configuration, cryptographic material, and policy.

   The diversity of networks in which BP, and thus BPSec, may be
   deployed implies a diversity of network contexts in which security
   may be applied.  For this reason, it is expected that multiple
   security contexts will be defined for BPSec security blocks, such
   that BPSec agents may select the most suitable context.  This
   document defines a template for the documentation of security
   contexts.  This template includes Bundle Protocol (BP) reason codes,
   discrete events in the life-cycle of a security block, and policy
   actions that may be taken by a bundle node when processing a security
   block.

1.1.  Specification Scope

   This document defines the information that must be addressed in the
   definition of any BPSec security context specification.
   Specifically, this document details the following information.

   o  Data specification requirements.

   o  Definitions and handling requirements for standard BP reason
      codes.

   o  Definitions and handling requirements for standard error codes.

   o  Guidance for specifying context-specific parameters and results.

   The SCoT addresses only that information necessary for the proper
   specification, interpretation, and processing of BPSec security
   blocks.  Any specific security protocol, cipher suite, or enumeration
   set other than those defined by BP and BPSec are not considered part
   of this document.

1.2.  Related Documents

   This document is best read and understood within the context of the
   following other DTN documents:

   The Concise Binary Object Representation (CBOR) format [RFC7049]
   defines a data format that allows for small code size, fairly small
   message size, and extensibility without version negotiation.  The
   block-specific-data associated with BPSec security blocks are encoded
   in this data format.





Birrane & Heiner        Expires January 11, 2021                [Page 3]


Internet-Draft          Security Context Template              July 2020


   The Bundle Protocol [I-D.ietf-dtn-bpbis] defines the format and
   processing of bundles, defines the extension block format used to
   represent BPSec security blocks, and defines the canonical block
   structure used by this specification.

   The Bundle Security Protocol [I-D.ietf-dtn-bpsec] defines the BP
   extension blocks used to implement security services in a DTN.  This
   also outlines the need for security contexts customized to the
   networks in which BP and BPSec are deployed.

1.3.  Terminology

   This section defines terminology unique to the Security Context
   Template.  Definitions of other terms specific to BP and BPSec, such
   as "Security Acceptor", "Security Block", "Security Context",
   Security Operation", "Security Service", "Security Source", and
   "Security Target" are as defined in BPSec [I-D.ietf-dtn-bpsec].

2.  System Overview

   This section describes how a security context is used by BPSec to
   normalize the diversity of environments encountered by the Bundle
   Protocol.

2.1.  Methods of Establishing Context

   The definition of a security context is based in the concept that
   different networks would provide annotative security information in
   different ways as a function of the capabilities of the network
   itself.  This section discusses three general methods of generating
   context information: out-of-band, in-band, and a hybrid approach.

   For each of these methods the term "in-band" refers to information
   carried within a bundle.

2.1.1.  Out-Of-Band Mode

   The Out-of-Band method of context establishment utilizes out-of-band
   information only, requiring session information to be pre-shared.
   The sending and receiving nodes must be configured using an out-of-
   band method such as separate key management, one-time padding, or ID-
   based encryption and use a pre-placed session key in order to
   establish the context.








Birrane & Heiner        Expires January 11, 2021                [Page 4]


Internet-Draft          Security Context Template              July 2020


+-------------+                                          +-------------+
|             |  (3)          +------------+         (4) |             |
|     BPA     |  -----------> |   bundle   | ----------> |     BPA     |
|             |               +------------+             |             |
+-------------+                                          +-------------+
| Convergence |                                          | Convergence |
|    Layer    |                                          |    Layer    |
+-------------+                                          +-------------+
       ^                                                        ^
       |                                                        |
       | (2)                                                    | (5)
       |                                                        |
       v                                                        v
  __________                                               __________
 /          \                                             /          \
 \__________/                                             \__________/
 |          |                   (1)                       |          |
 | Database | <-----------------------------------------> | Database |
 \__________/                                             \__________/


                               In-Band Mode

   Step 1 shows the out-of-band configuration of both the sending and
   receiving nodes.  A session key is pre-placed in the databases
   accessible by the nodes in step 1.  Step 2 shows the sending node
   retrieving this session key which is used in step 3 to add a security
   block to the bundle which may transport a shared key between the
   sending and receiving nodes.  The bundle arrives at the receiving
   node in step 4, and the pre-placed session key is retrieved in step
   5.  The session key can be used along with the shared key to
   establish the context between the two nodes.

2.1.2.  In-Band Mode

   The In-Band method of context establishment utilizes in-band
   information only.  The key encryption key for both the sending and
   receiving node must be pre-placed so that the node can fetch the
   information from its in-band database.  The session key and any
   additional information necessary to establish the context is
   transported by the bundle.  The receiving node must use its pre-
   placed key-encryption-key in order to recover the session key when
   the bundle is received.








Birrane & Heiner        Expires January 11, 2021                [Page 5]


Internet-Draft          Security Context Template              July 2020


+-------------+                                          +-------------+
|             |  (3)          +------------+         (4) |             |
|     BPA     |  -----------> |   Bundle   | ----------> |     BPA     |
|             |               +------------+             |             |
+-------------+                                          +-------------+
| Convergence |                                          | Convergence |
|    Layer    |                                          |    Layer    |
+-------------+                                          +-------------+
      ^                                                        ^
      |                                                        |
      | (2)                                                    | (5)
      |                                                        |
      v                                                        v
  __________                                               __________
 /          \                                             /          \
 \__________/                                             \__________/
 |          |                                             |          |
 | Database |  (1)                                   (1)  | Database |
 \__________/                                             \__________/


                               In-Band Mode

   Step 1 indicates that the key encryption key has been pre-placed at
   both the sending and receiving node.  The key encryption key is
   supplied to the sending node in step 2, which then uses this key in
   step 3 to add a security block to the bundle.  This security block
   contains a session key and other necessary security context
   parameters used to establish the context.  The bundle is received in
   step 4, and the key encryption key pre-placed at the receiving node
   is fetched in step 5.  The key encryption key is used to recover the
   session key from the bundle, and the session key can be used to
   retrieve the rest of the security results from the block.

2.1.3.  Hybrid Mode

   Using the Hybrid method of context establishment, both in-band and
   out-of-band information is utilized.  A session key is negotiated
   out-of-band, while any additional information necessary to establish
   the context is transported by the bundle.











Birrane & Heiner        Expires January 11, 2021                [Page 6]


Internet-Draft          Security Context Template              July 2020


+-------------+                                          +-------------+
|             |  (3)          +------------+         (4) |             |
|     BPA     |  -----------> |   Bundle   | ----------> |     BPA     |
|             |               +------------+             |             |
+-------------+                                          +-------------+
| Convergence |                                          | Convergence |
|    Layer    | <--------------------------------------->|    Layer    |
+-------------+                     (1)                  +-------------+
       ^                                                        ^
       |                                                        |
       | (2)                                                    | (2)
       |                                                        |
       V                                                        V
  __________                                               __________
 /          \                                             /          \
 \__________/                                             \__________/
 |          |                                             |          |
 | Database |                                             | Database |
 \__________/                                             \__________/


                                Hybrid Mode

   Step 1 shows session establishment, performed by the convergence
   layer of two BP nodes using in-band information including a
   negotiated session key.  At step 2, the session data is stored at
   both nodes in their respective databases.  The sending node adds a
   security block to the bundle containing the information necessary to
   establish the context in the form of security context parameters in
   step 3.  Step 4 shows the augmented bundle arriving at the receiving
   node.  The receiving node can then use the session data in its
   database (in-band information) and the session information
   transmitted in the bundle as security context parameters (out-of-band
   information).

2.2.  Security Policy Roles

   A security context may be interpreted differently based on the role
   of the BPSec-aware node processing the security service.  This
   section defines the roles associated with a security operation.

   Security Source
         A security source node must add the security service to the
         bundle as specified by some policy.  The bundle will first be
         inspected to ensure that the newly required security block has
         not already been added to the bundle.  If it is determined that
         the required security block is not already represented in the
         bundle, a new security block is added and the specified



Birrane & Heiner        Expires January 11, 2021                [Page 7]


Internet-Draft          Security Context Template              July 2020


         security context is used to apply the security service to each
         security target.

   Security Verifier
         A security verifier node must verify (not process) a security
         service in the bundle as specified by the receiver security
         policy.

         A security verifier will verify the integrity signature(s)
         stored as security results of the BIB if the security service
         described by the receiver security policy rule is integrity.

         If policy identifies a BCB for which the node is a security
         verifier, authenticity of the data belonging to the BCB's
         security targets is verified.  Some confidentiality security
         contexts may not support this action, as the cipher suite(s)
         that they utilize do not expose an authentication function.

   Security Acceptor
         A security acceptor node must process a security service in the
         bundle as specified by policy.  In order to process a security
         service, each security target belonging to the security block
         must have its integrity verified and/or its contents decrypted.

2.3.  Common Events and Actions

   This section describes the identification of common events and
   actions associated with the processing of BPSec blocks at bundle
   nodes.  Since these items are not specific to a single security
   context, they should be considered standard across all defined
   security contexts for BPSec.

2.3.1.  Bundle Protocol Reason Codes

   This section describes a set of reason codes associated with the
   processing of a bundle based on a security analysis performed by a
   BPSec-aware BPA.

   Bundle protocol agents (BPAs) must process blocks and bundles in
   accordance with both BP policy and BPSec policy.  The decision to
   receive, forward, deliver, or delete a bundle may be communicated to
   the report-to address of the bundle, in the form of a status report,
   as a method of tracking the progress of the bundle through the
   network.  The status report for a bundle may be augmented with a
   "reason code" explaining why the particular action was taken on the
   bundle.

   Missing Security Service



Birrane & Heiner        Expires January 11, 2021                [Page 8]


Internet-Draft          Security Context Template              July 2020


         This reason code indicates that a bundle was missing one or
         more required security services.  This reason code is used when
         a bundle is received by a security verifier or security
         acceptor and is missing a security service required by that
         verifier or acceptor.

   Unknown Security Service
         This reason code indicates that a security service present in a
         bundle cannot be understood by the security verifier or
         security acceptor of that service.  For example, if a security
         service references a security context identifier, cipher suite
         name, or other parameter that is not known by the verifier/
         acceptor then the service cannot be processed and this reason
         code may be sent.  This reason should not be sent by a node
         that is not configured as a verifier or acceptor of the
         service.  There is no requirement that all BPSec-aware nodes in
         a network be able to understand all security services in all
         bundles in the network.

   Unexpected Security Service
         This reason code indicates that a BPSec-aware node received a
         bundle which contained more security services than expected.
         This is typically used to indicate that a bundle contained a
         security service which was not required by the BPSec-aware node
         receiving the bundle.  This reason code should not be seen as
         an error condition as it is expected that BPSec-aware nodes
         will see security services in a bundle for which they are
         neither a verifier nor an acceptor.  In certain networks, this
         reason code may be useful in identifying misconfiguration in
         the network.

   Failed Security Service
         This reason code indicates that a BPSec-aware node was unable
         to process an existing, known security service in a bundle.
         This may occur when a security-source is unable to add a
         required service to a bundle.  This may occur if a security
         service fails to verify at a security verifier.  This may occur
         is a security service fails to be processed at a security
         acceptor.

   Conflicting Security Services
         This reason code indicates that a bundle received by a BPSec-
         aware node included a set of security services disallowed by
         the BPSec protocol and that security processing was unable to
         be proceed because of a BPSec protocol violation.






Birrane & Heiner        Expires January 11, 2021                [Page 9]


Internet-Draft          Security Context Template              July 2020


2.3.2.  Event Codes

   A life-cycle of a security operation within BPSec is independent of
   the security context used to populate the contents of that security
   operation.  However, security contexts must provide guidance on how a
   BPSec-aware node should react to these events for security operations
   using that context.

   This section identifies the unique events in the life-cycle of a
   security operation that may identify processing points within a
   security context.

2.3.2.1.  Security Source Events

   At a security source, three events may be associated with the
   security operation as its life-cycle is initiated.

   source_for_sop
         When a node is designated as a security source for a security
         operation, there is a security policy rule that requires the
         security operation to be present in the bundle.  When the
         sender security policy rule that applies to the bundle is
         identified, the security operation is acknowledged as needed.

   sop_added_at_source
         A security operation is added when it is represented in the
         bundle as a fully populated security block.  In order for the
         security operation to be considered as added, the security
         block must be allocated for the bundle, represented in the
         bundle, and populated.  Population of a security block includes
         information provided by the sender security policy rule and any
         security results associated with the security operation.  These
         security results must be calculated and stored in either the
         security block or the security target block's block-type-
         specific data.

   sop_misconfigured_at_source
         When a security operation is transitioning from being needed to
         added, it may end up misconfigured.  A security operation may
         be misconfigured if resource exhaustion occurs and there is not
         appropriate space to store a required security block or other
         components of the security block.  A security operation will
         also be considered to be misconfigured if any of the required
         security results cannot be successfully calculated.







Birrane & Heiner        Expires January 11, 2021               [Page 10]


Internet-Draft          Security Context Template              July 2020


2.3.2.2.  Security Verifier Events

   At a security verifier, five events may be associated with the
   security operation.

   verifier_for_sop
         A node is designated as a security verifier when a receiver
         security policy rule is identified which is applicable to the
         current bundle and is associated with the security verifier
         role.  The security operation described by the rule is then
         considered to be needed by the security verifier node.

   sop_misconfigured_at_verifier
         A security operation may be identified as misconfigured by the
         security verifier node.  A misconfigured security operation may
         encounter a resource allocation issue and be unable to add an
         additional, required security result.  A misconfigured security
         operation may also identify an incorrect security context or
         parameter, causing a conflict the security policy rule.

   sop_missing_at_verifier
         A security operation may transition from needed to missing if
         the required security block cannot be located in the bundle by
         the security verifier node.

   sop_corrupted_at_verifier
         A corrupted security operation is identified as a security
         block which is unsuccessfully processed by the security
         verifier node.  A corrupted security operation indicates that
         the security target cannot be verified.

   sop_verified
         When a security operation is designated as processed, the
         security target has been successfully verified.

2.3.2.3.  Security Acceptor Events

   At a security acceptor, five events may be associated with the
   security operation.

   acceptor_for_sop
         A node is designated as a security acceptor when a receiver
         security policy rule is identified that is both applicable to
         the current bundle and associated with the security acceptor
         role.  The security operation described by the rule is then
         considered to be needed by the security acceptor node.

   sop_misconfigured_at_acceptor



Birrane & Heiner        Expires January 11, 2021               [Page 11]


Internet-Draft          Security Context Template              July 2020


         A security operation may be identified as misconfigured by the
         security acceptor node.  A misconfigured security operation
         signals an incorrect security context or parameter, causing a
         conflict the security policy rule.

   sop_missing_at_acceptor
         A security operation is missing if the required security block
         cannot be located in the bundle by the security acceptor node.

   sop_corrupted_at_acceptor
         A corrupted security operation is identified as a security
         block which is unsuccessfully processed by the security
         acceptor node.  A corrupted security operation indicates that
         the security target cannot be verified and/or decrypted.

   sop_processed
         When a security operation is designated as processed, the
         security target has been successfully verified and/or decrypted
         and is removed from the bundle.

2.3.3.  Processing Actions

   This section defines a standard set of processing actions that can be
   specified when defining the policy associated with a security
   context.  The benefit of enumerating these actions is to provide a
   common set of terminology and design across multiple security
   contexts with the purpose of making the development of multi-
   security-context BPSec implementations as similar as possible.

   In particular, a security context may wish to override how a BPSec
   implementation treats the block processing control flags associated
   with a security block and/or its target block using that context.
   While the creator of a target block may set block processing flags it
   may be insecure to process the block in accordance with those flags.
   Similarly, if a target block has been modified since its was created,
   it is possible that the target block's processing flags have also
   been modified and should not necessarily be honored by a receiving
   BPA.

   A security context should specify the situations in which the
   following actions should be taken by a BPSec implementation at a
   BPSec-aware node in the network.

   remove_sop
         When the security operation is removed, it is no longer
         required for that bundle.  If the security operation is the
         only operation represented by the security block, the block
         must be removed from the bundle.  Otherwise, the security



Birrane & Heiner        Expires January 11, 2021               [Page 12]


Internet-Draft          Security Context Template              July 2020


         target's block number is removed from the security block to
         indicate that the particular operation no longer applies.

   remove_sop_target
         Remove security operation's security target and the security
         operations associated with that target - The security
         operation's security target is removed from the bundle, as are
         any additional security operations associated with that target.
         For example, if the target block of a confidentiality service
         is removed, the integrity security operation for that target
         would be removed as well.

   remove_all_target_sops
         Remove all security operations for the security target - This
         option is used to remove all of the security operations
         associated with the security target while retaining the
         security target in the bundle.

   do_not_forward
         Selecting this option will end bundle transmission at the
         current node, regardless of bundle destination.

   request_storage
         This option is paired with 'Do Not Forward Bundle' in order to
         retain a copy of the bundle at the current node.  Bundle
         storage cannot be guaranteed, as node resources are unknown at
         the time of bundle transmission, but selecting this option will
         result in an effort to retain a copy of the bundle at the node.

   report_reason_code(code)
         Generate a status report describing the treatment of the bundle
         and use the provided reason code as the reason.

   override_target_bpcf(mask, new_values)
         Override one or more block processing control flags of the the
         target block and process the block in accordance with the
         overridden flags.  The overridden flags MUST NOT be written
         back to the target block, and only used for processing the
         block locally.

         Manipulating individual flags to be forced to 0, forced to 1,
         or kept as specified in the target block requires two inputs.
         This can be accomplished by the operation:

         local_flags = (block_flags & mask) | (~mask & values)

   override_sop_bpcf(mask, new_values)




Birrane & Heiner        Expires January 11, 2021               [Page 13]


Internet-Draft          Security Context Template              July 2020


         Override one or more block processing control flags of the
         security block associated with the sop and process the block in
         accordance with the overridden flags.  The overridden flags
         MUST NOT be written back to the security block, and only used
         for processing the block locally.

         Manipulating individual flags to be forced to 0, forced to 1,
         or kept as specified in the target block requires two inputs.
         This can be accomplished by the operation:

         local_flags = (block_flags & mask) | (~mask & values)

2.4.  Security Policy Considerations

   A security context details the environment in which cryptographic
   materials are provided to, and retrieved from, the cipher suites used
   for security services in the network.  For this reason, the policy
   associated with determining proper configuration information must be
   addressed in the specifications defining new security contexts
   because this information may differ amongst security contexts.

   This section identifies several policy questions that should be
   addressed in the specification of a security context.  In the absence
   of guidelines for a specific security context, this section defines
   what should be considered default behavior for any security context.

   Target Block Identification
         Security contexts should define how a target block of a
         security service should be identified.  This identification is
         used when determining whether to add a security block at a
         security source, whether to check a security block at a
         verifier, and whether a node should consider itself the
         acceptor of the block.

         DEFAULT BEHAVIOR: Unless otherwise specified, a target block
         MUST be identified at a security source by the three-tuple of
         {bundle source EID, bundle destination EID, and block type of
         the target block}.  A target block at a security verifier and a
         security acceptor is identified by these three information
         elements plus the security context identifier.

   Security Parameter Local Overrides
         Security contexts should define the circumstances in which a
         local BPSec-aware node may override parameters in a security
         block with locally-configured parameters.

         DEFAULT BEHAVIOR: Unless otherwise specified, a locally-
         provided security parameter MUST NOT override a security



Birrane & Heiner        Expires January 11, 2021               [Page 14]


Internet-Draft          Security Context Template              July 2020


         parameter present in a security block.  A local parameter can
         only be used in cases where the corresponding parameter is not
         present in the security block itself.

   Security Processing Actions
         Security contexts should define the circumstances in which the
         processing actions defined in Section 2.3.3 should be used and
         with what inputs.

         DEFAULT BEHAVIOR: Unless otherwise specified, the local, BPSec-
         aware node MUST enforce policy actions as a function of some
         local policy definition at the node itself.  This may be
         through the definition of generic actions for all security
         contexts or it may be identified based on a specific security
         context.

2.5.  Security Context Template

   This section defines a recommended outline for the definition of a
   security context for BPSec.  The purpose of such an outline is to
   both ensure that no critical information is omitted when authoring
   new security contexts and to reduce the cognitive load associated
   with implementing new security contexts by having them confirm to a
   standard representation.

   A security context specification should include the following
   elements.

   1.  Overview

   2.  Interfaces

   3.  Definitions

   4.  Canonicalization Algorithms

   5.  Processing

   6.  Policy

   7.  IANA Considerations

   A single specification may define one or more security contexts, in
   which case this information would be repeated for each security
   context.

   The remainder of this section provides information on the topics that
   should be covered in each of these sections.



Birrane & Heiner        Expires January 11, 2021               [Page 15]


Internet-Draft          Security Context Template              July 2020


2.5.1.  Overview

   This section should identify the rationale for creating a security
   context, whether the context uses in-band, out-of-band, or hybrid
   mechanisms for information exchange, and the unique situations in
   which the context should be used.

2.5.2.  Interfaces

   Security context interfaces detail any special considerations or
   assumptions made when designing the algorithms for creating or
   otherwise processing the contents of security blocks.

2.5.2.1.  Information Provided to the Cipher Suite

   This section should identify how the security context interfaces with
   the cipher suite (or cipher suites) used to process the security
   service.  This may be as simple as providing parameters from the
   security block to a cipher suite implementation.  This may also be a
   more complex interface involving fusing parameter information carried
   by the security block with local information to provide an interface
   to the cipher suite.

   A cipher suite may include parameters such as a key length, mode, or
   number of rounds, which is part of the cipher suite definition.
   These parameters are considered "locked" parameters and are not to be
   confused with the "free" parameters that the user may define for each
   security context.  Where not already defined by the cipher suite
   itself, the security context should clearly identify which parameters
   should be considered "free" and which should be considered "locked".

   In addition to listing cipher suites, this section should identify
   information relating to all "free" cipher suite parameters.  This may
   include selected bit lengths, which parameters are provided by the
   local node, which parameters must be present in the security block
   itself, and how parameters should be protected when represented in a
   security block.

2.5.2.2.  Information Provided by the BPA

   A security context specification should describe the information it
   expects to be provided to it by the local BPA, separate from the
   contents of the security block and target block from the bundle.

   For example, a BPA may additionally provide local the security
   context parameters.





Birrane & Heiner        Expires January 11, 2021               [Page 16]


Internet-Draft          Security Context Template              July 2020


2.5.2.3.  Information Provided to the BPA

   A security context specification should describe the information that
   it will provide back to the local BPA.  Typically this is either the
   output of a cipher suite to be added to a security block in a bundle,
   or some signal for a process event associated with a verification or
   processing action.

2.5.3.  Definitions

   This section defines custom parameters and results associated with
   the security context and carried either within a security block or as
   part of local node configuration.

   Each security context parameters and result is defined as a key-value
   pair, where the key is a CBOR-encoded integer and the value is
   defined as the CBOR encoding of its data type.  This section must
   define any unique parameters and results used by the security
   context, to include the following information.

   o  The integer identifier of the parameter or result item.

   o  Whether multiple instances of this item can be present in a
      security block at one time, and whether at least one instance of
      this item is required to be defined.

   o  Whether this item must be present only in the security block, or
      whether it can also be included as part of the configuration of a
      local node, and how to determine which version of the item to use
      in the event that it is defined in both the security block and the
      local node.

   o  The data type of the item and how that data type must be CBOR
      encoded for representation in the security block.

2.5.4.  Canonicalization Algorithms

   Security context canonicalization algorithms take precedence over any
   others defined.  The exact data and its form when provided to the
   canonicalization algorithm must be determined by the security
   context.

   Consistency and determinism of the block-type-specific data provided
   as input to the security context is critical for security services to
   function as expected.






Birrane & Heiner        Expires January 11, 2021               [Page 17]


Internet-Draft          Security Context Template              July 2020


2.5.5.  Processing

   A security context specification should describe how the context
   should be used to perform every processing action described in
   Section 2.3.2.

2.5.6.  Policy

   A security context specification should describe how the context
   should be configured from a policy perspective.  This should include,
   at a minimum, under which circumstances each policy action identified
   in Section 2.3.3 should be taken.

2.5.7.  IANA Considerations

   Each security context MUST provide an entry in the IANA security
   context identifier registry to uniquely identify the identifiers of
   each security context.

3.  Normative References

   [I-D.ietf-dtn-bpbis]
              Burleigh, S., Fall, K., and E. Birrane, "Bundle Protocol
              Version 7", draft-ietf-dtn-bpbis-25 (work in progress),
              May 2020.

   [I-D.ietf-dtn-bpsec]
              Birrane, E. and K. McKeever, "Bundle Protocol Security
              Specification", draft-ietf-dtn-bpsec-22 (work in
              progress), March 2020.

   [RFC7049]  Bormann, C. and P. Hoffman, "Concise Binary Object
              Representation (CBOR)", RFC 7049, DOI 10.17487/RFC7049,
              October 2013, <https://www.rfc-editor.org/info/rfc7049>.

Authors' Addresses

   Edward J. Birrane, III
   The Johns Hopkins University Applied
         Physics Laboratory
   11100 Johns Hopkins Rd.
   Laurel, MD  20723
   US

   Phone: +1 443 778 7423
   Email: Edward.Birrane@jhuapl.edu





Birrane & Heiner        Expires January 11, 2021               [Page 18]


Internet-Draft          Security Context Template              July 2020


   Sarah Heiner
   The Johns Hopkins University Applied
         Physics Laboratory
   11100 Johns Hopkins Rd.
   Laurel, MD  20723
   US

   Phone: +1 240 592 3704
   Email: Sarah.Heiner@jhuapl.edu










































Birrane & Heiner        Expires January 11, 2021               [Page 19]