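@comment{
  Entry for a specific revision (-07) of an IETF Internet-Draft. The draft itself
  states it is not a Standards Track document and has no IETF consensus; it is
  published for examination and experimentation only, so cite it as work in
  progress and check the datatracker for later revisions before relying on
  protocol details.
}
@techreport{nichols-iotops-defined-trust-transport-07,
  author      = {Nichols, Kathleen and Jacobson, Van and King, Randy},
  title       = {{Defined-Trust Transport} ({DeftT}) Protocol for Limited Domains},
  type        = {Internet-Draft},
  number      = {draft-nichols-iotops-defined-trust-transport-07},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2024,
  month       = aug,
  day         = 15,
  pagetotal   = 77,
  url         = {https://datatracker.ietf.org/doc/draft-nichols-iotops-defined-trust-transport/07/},
  note        = {Work in Progress},
  abstract    = {This document is not an Internet Standards Track specification and
    does not enjoy IETF consensus. It is published for examination, evaluation,
    and experimentation. The Defined-trust Transport (DeftT) framework is designed
    to provide default-deny communications for certain types of Limited Domains
    (RFC8799) used for Operational Technology (OT) networks and, in particular,
    Critical Infrastructure networking. DeftT is designed to express and enforce
    application- and deployment-specific integrity, authentication, access control
    and behavior constraints directly in its protocol modules. It enables secure
    and completely self-contained (e.g., no external identity servers or
    certificate authorities) overlay networks where credentialed members can join
    and leave at any time. Security is not optional and members preconfigured only
    with their individual cryptographically secured identities and the secured
    communication rules independently authenticate other members' identities and
    their role- and attribute-specific communications. DeftT is an integrated
    trust management, multi-party transport that synchronizes collections of
    secured information across all members of its domain. It uses a many-to-many
    synchronization primitive rather than source-destination
    send-and-acknowledgement. Packets are not routable and information only leaves
    its originating subnet if it is both explicitly permitted in the secured rules
    and there is a member element (relay) constructed to move validated
    information containers across subnets. DeftT provides default deny networking
    for closed communities with dynamic membership and a collection-based
    transport that is efficient on broadcast media. DeftT is part of a
    Defined-trust Communications approach with an example implementation
    available. Combined with IPv6 multicast and modern hardware-based methods for
    securing keys and code, it can provide a foundation for secure and efficient
    communications in Limited Domains, particularly in Critical Infrastructure
    domains.},
}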