draft-ietf-manet-packetbb-sec-01.txt   draft-ietf-manet-packetbb-sec-02.txt 
Mobile Ad hoc Networking (MANET) U. Herberg Mobile Ad hoc Networking (MANET) U. Herberg
Internet-Draft T. Clausen Internet-Draft T. Clausen
Intended status: Standards Track LIX, Ecole Polytechnique Intended status: Standards Track LIX, Ecole Polytechnique
Expires: January 28, 2011 July 27, 2010 Expires: May 15, 2011 November 11, 2010
MANET Cryptographical Signature TLV Definition MANET Cryptographical Signature TLV Definition
draft-ietf-manet-packetbb-sec-01 draft-ietf-manet-packetbb-sec-02
Abstract Abstract
This document describes general and flexible TLVs (type-length-value This document describes general and flexible TLVs (type-length-value
structure) for representing cryptographic signatures as well as structure) for representing cryptographic signatures as well as
timestamps, using the generalized MANET packet/message format timestamps, using the generalized MANET packet/message format
[RFC5444]. It defines two Packet TLVs, two Message TLVs, and two [RFC5444]. It defines two Packet TLVs, two Message TLVs, and two
Address Block TLVs, for affixing cryptographic signatures and Address Block TLVs, for affixing cryptographic signatures and
timestamps to a packet, message and address, respectively. timestamps to a packet, message and address, respectively.
skipping to change at page 1, line 35 skipping to change at page 1, line 35
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 28, 2011. This Internet-Draft will expire on May 15, 2011.
Copyright Notice Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 6, line 14 skipping to change at page 6, line 14
<key-index> is an 8-bit unsigned integer field specifying the key <key-index> is an 8-bit unsigned integer field specifying the key
index of the key which was used to sign the message, which allows index of the key which was used to sign the message, which allows
unique identification of different keys with the same originator. unique identification of different keys with the same originator.
It is the responsibility of each key originator to make sure that It is the responsibility of each key originator to make sure that
actively used keys that it issues have distinct key indices and actively used keys that it issues have distinct key indices and
that all key indices have a value unequal to 0x00. Value 0x00 is that all key indices have a value unequal to 0x00. Value 0x00 is
reserved for a pre-installed, shared key. reserved for a pre-installed, shared key.
<signature-value> is an unsigned integer field, whose length is <signature-value> is an unsigned integer field, whose length is
<length>-2, and which contains the cryptographic signature. <length> - 3, and which contains the cryptographic signature.
The basic version of this TLV assumes that calculating the signature The basic version of this TLV assumes that calculating the signature
can be decomposed into: can be decomposed into:
signature-value = cryptographic-function(hash-function(content)) signature-value = cryptographic-function(hash-function(content))
The hash function and the cryptographic function correspond to the The hash function and the cryptographic function correspond to the
entries in two IANA registries, set up by this specification in entries in two IANA registries, set up by this specification in
Section 12. Section 12.
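Review bot: The change of the <signature-value> length from <length>-2 to <length> - 3 is the substantive fix in this block and it is consistent with the fields described here: <key-index> is an 8-bit field, so together with the hash-function and cryptographic-function identifiers (one octet each, as the -3 implies) three octets precede the signature. What the text still leaves unstated is how a receiver treats a TLV whose <length> is smaller than 3, for which <length> - 3 would be negative; suggest adding a sentence that such a TLV is malformed and MUST be ignored, so that implementations do not attempt to parse a signature of negative or zero length.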
skipping to change at page 6, line 45 skipping to change at page 6, line 45
able to accommodate such for the foreseeable future. able to accommodate such for the foreseeable future.
The rationale for not including a field that lists parameters of the The rationale for not including a field that lists parameters of the
cryptographic signature in the TLV is, that before being able to cryptographic signature in the TLV is, that before being able to
validate a cryptographic signature, routers have to exchange or validate a cryptographic signature, routers have to exchange or
acquire keys (e.g. public keys). Any additional parameters can be acquire keys (e.g. public keys). Any additional parameters can be
provided together with the keys in that bootstrap process. It is provided together with the keys in that bootstrap process. It is
therefore not necessary, and would even entail an extra overhead, to therefore not necessary, and would even entail an extra overhead, to
transmit the parameters within every message. One inherently transmit the parameters within every message. One inherently
included parameter is the length of the signature, which is <length> included parameter is the length of the signature, which is <length>
- 2 and which depends on the choice of the cryptographic function. - 3 and which depends on the choice of the cryptographic function.
8. General Timestamp TLV Structure 8. General Timestamp TLV Structure
The following data structure allows the representation of a The following data structure allows the representation of a
timestamp. This <timestamp> data structure is specified as: timestamp. This <timestamp> data structure is specified as:
<timestamp> := <time-value> <timestamp> := <time-value>
where: where:
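Review bot: Updating the rationale paragraph to "<length> - 3" keeps it in step with the field definition above, which is the right thing to do; the one remaining place to check is the example message in Figure 1 (page 16), which is outside this diff and should carry a <length> value that accounts for the three leading octets, otherwise the worked example will contradict the corrected text.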
skipping to change at page 16, line 12 skipping to change at page 16, line 12
Figure 1: Example message with signature Figure 1: Example message with signature
Authors' Addresses Authors' Addresses
Ulrich Herberg Ulrich Herberg
LIX, Ecole Polytechnique LIX, Ecole Polytechnique
91128 Palaiseau Cedex, 91128 Palaiseau Cedex,
France France
Phone: +33-1-6933-4126 Phone: +33 1 6933 4126
Email: ulrich@herberg.name Email: ulrich@herberg.name
URI: http://www.herberg.name/ URI: http://www.herberg.name/
Thomas Heide Clausen Thomas Heide Clausen
LIX, Ecole Polytechnique LIX, Ecole Polytechnique
91128 Palaiseau Cedex, 91128 Palaiseau Cedex,
France France
Phone: +33 6 6058 9349 Phone: +33 6 6058 9349
Email: T.Clausen@computer.org Email: T.Clausen@computer.org
 End of changes. 6 change blocks. 
6 lines changed or deleted 6 lines changed or added

This html diff was produced by rfcdiff 1.40. The latest version is available from http://tools.ietf.org/tools/rfcdiff/