BPSec Default Security Contexts

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Scott.C.Burleigh@jpl.nasa.gov, The IESG <iesg@ietf.org>, Zaheduzzaman.Sarker@ericsson.com, draft-ietf-dtn-bpsec-default-sc@ietf.org, dtn-chairs@ietf.org, dtn@ietf.org, rfc-editor@rfc-editor.org
Subject: Protocol Action: 'BPSec Default Security Contexts' to Proposed Standard (draft-ietf-dtn-bpsec-default-sc-11.txt)

The IESG has approved the following document:
- 'BPSec Default Security Contexts'
  (draft-ietf-dtn-bpsec-default-sc-11.txt) as Proposed Standard

This document is the product of the Delay/Disruption Tolerant Networking
Working Group.

The IESG contact persons are Zaheduzzaman Sarker and Martin Duke.

A URL of this Internet Draft is:

Technical Summary

The Bundle Protocol Security Protocol (BPSec) [I-D.ietf-dtn-bpsec]
specification defines bundle integrity and confidentiality
operations for networks deploying the Bundle Protocol (BP)
[I-D.ietf-dtn-bpbis]. BPSec defines BP extension blocks to carry
security information produced under the auspices of one or more
security contexts.

This document defines default integrity and confidentiality security
contexts that can be used with implementations of the Bundle Protocol
Security Protocol (BPSec).  These security contexts can be used for
both testing the interoperability of BPSec implementations and for
providing basic security operations when no other security contexts
are defined or otherwise required for a network.

This document defines two security contexts (one for an integrity
service and one for a confidentiality service) for populating BPSec
Block Integrity Blocks (BIBs) and Block Confidentiality Blocks

Working Group Summary

The present document is the product of one year of active discussions on
the DTN WG mailing list, beginning with questions raised by Area Directors
during the initial IESG review of the BPSec specification in early 2020.
In particular, it was noted that a published default security context
would be required for interoperability among BPSec implementations, both
for conformance testing and also for operational use under some circumstances.
Constraints on this interoperability security context emerged from productive
email exchanges over recent months, and at this point no aspects of the
specification are controversial.  The present document is cited as a normative
reference in the BPSec specification.

Document Quality

No implementations of the default BPSec security context are known to exist
yet.  Significant issues were identified by Mehmet Adalier (Antara Teknik)
during Working Group Last Call; these issues were addressed in
draft-ietf-dtn-bpsec-default-sc-01.  It is the sense of the Working Group
that the document has no serious problems.  


The Document Shepherd is Scott Burleigh.
The Responsible Area Director is Zaheduzzaman Sarker.