Technical Summary
This document defines security features for the Bundle Protocol (BP)
[I-D.ietf-dtn-bpbis] and is intended for use in Delay Tolerant Networks
(DTNs) to provide end-to-end security services.
The BP might be deployed such that portions of the network cannot be
trusted, posing the usual security challenges related to
confidentiality and integrity. However, the stressed nature of the
BP operating environment imposes unique conditions where usual
transport security mechanisms may not be sufficient. For example,
the store-carry-forward nature of the network may require protecting
data at rest, preventing unauthorized consumption of critical
resources such as storage space, and operating without regular
contact with a centralized security oracle (such as a certificate
authority).
An end-to-end security service is needed that operates in all of the
environments where the BP operates. This document defines
such security services.
Working Group Summary
bpsec is descended from the Bundle Security Protocol specification documented
in RFC 6257. That protocol was found to be impractical to implement in some
circumstances; simplifications were developed that were originally termed
"Streamlined Bundle Security Protocol" and then "bpsec" as of the DTN WG
meeting at IETF 94. Technical discussion of the details of bpsec over the
ensuing 3 years has been lively and well-informed, without sharp controversy.
WG consensus on the draft is strong.
Document Quality
The Interplanetary Overlay Network (ION) open-source implementation of the DTN
architecture includes an implementation of Streamlined Bundle Security
Protocol, which is nearly identical to bpsec. Marshall Space Flight Center
intends to add a similar implementation to the DTN2 code base. Early review of
the specification by Dan Harkins (Security Area) was reported at IETF 102
(review-ietf-dtn-bpsec-06-secdir-early-harkins-2018-05-31): the review result
was Has Issues, but it was the sense of the Working Group that no serious
problems were found.
Personnel
The Document Shepherd is Scott Burleigh.
The Responsible Area Director is Magnus Westerlund.