idnits 2.17.1 draft-ietf-dtn-bpbis-21.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (January 30, 2020) is 1519 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Possible downref: Non-RFC (?) normative reference: ref. 'BPSEC' -- Possible downref: Non-RFC (?) normative reference: ref. 'CRC16' ** Obsolete normative reference: RFC 4960 (Obsoleted by RFC 9260) ** Obsolete normative reference: RFC 7049 (Obsoleted by RFC 8949) Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Delay-Tolerant Networking Working Group S. Burleigh 2 Internet Draft JPL, Calif. Inst. Of Technology 3 Intended status: Standards Track K. Fall 4 Expires: August 2, 2020 Roland Computing Services 5 E. Birrane 6 APL, Johns Hopkins University 7 January 30, 2020 9 Bundle Protocol Version 7 10 draft-ietf-dtn-bpbis-21.txt 12 Status of this Memo 14 This Internet-Draft is submitted in full conformance with the 15 provisions of BCP 78 and BCP 79. 17 Internet-Drafts are working documents of the Internet Engineering 18 Task Force (IETF), its areas, and its working groups. Note that 19 other groups may also distribute working documents as Internet- 20 Drafts. 22 Internet-Drafts are draft documents valid for a maximum of six 23 months and may be updated, replaced, or obsoleted by other documents 24 at any time. It is inappropriate to use Internet-Drafts as 25 reference material or to cite them other than as "work in progress." 27 The list of current Internet-Drafts can be accessed at 28 http://www.ietf.org/ietf/1id-abstracts.txt 30 The list of Internet-Draft Shadow Directories can be accessed at 31 http://www.ietf.org/shadow.html 33 This Internet-Draft will expire on August 2, 2020. 35 Copyright Notice 37 Copyright (c) 2020 IETF Trust and the persons identified as the 38 document authors. All rights reserved. 40 This document is subject to BCP 78 and the IETF Trust's Legal 41 Provisions Relating to IETF Documents 42 (http://trustee.ietf.org/license-info) in effect on the date of 43 publication of this document. Please review these documents 44 carefully, as they describe your rights and restrictions with 45 respect to this document. Code Components extracted from this 46 document must include Simplified BSD License text as described in 47 Section 4.e of the Trust Legal Provisions and are provided without 48 warranty as described in the Simplified BSD License. 50 Abstract 52 This Internet Draft presents a specification for Bundle Protocol, 53 adapted from the experimental Bundle Protocol specification 54 developed by the Delay-Tolerant Networking Research group of the 55 Internet Research Task Force and documented in RFC 5050. 57 Table of Contents 59 1. Introduction...................................................3 60 2. Conventions used in this document..............................5 61 3. Service Description............................................5 62 3.1. Definitions...............................................5 63 3.2. Discussion of BP concepts.................................9 64 3.3. Services Offered by Bundle Protocol Agents...............12 65 4. Bundle Format.................................................12 66 4.1. BP Fundamental Data Structures...........................13 67 4.1.1. CRC Type............................................13 68 4.1.2. CRC.................................................13 69 4.1.3. Bundle Processing Control Flags.....................14 70 4.1.4. Block Processing Control Flags......................15 71 4.1.5. Identifiers.........................................16 72 4.1.5.1. Endpoint ID....................................16 73 4.1.5.2. Node ID........................................17 74 4.1.6. DTN Time............................................18 75 4.1.7. Creation Timestamp..................................18 76 4.1.8. Block-type-specific Data............................18 77 4.2. Bundle Representation....................................18 78 4.2.1. Bundle..............................................19 79 4.2.2. Primary Bundle Block................................19 80 4.2.3. Canonical Bundle Block Format.......................21 81 4.3. Extension Blocks.........................................22 82 4.3.1. Previous Node.......................................22 83 4.3.2. Bundle Age..........................................23 84 4.3.3. Hop Count...........................................23 85 5. Bundle Processing.............................................24 86 5.1. Generation of Administrative Records.....................24 87 5.2. Bundle Transmission......................................25 88 5.3. Bundle Dispatching.......................................25 89 5.4. Bundle Forwarding........................................25 90 5.4.1. Forwarding Contraindicated..........................27 91 5.4.2. Forwarding Failed...................................28 92 5.5. Bundle Expiration........................................28 93 5.6. Bundle Reception.........................................28 94 5.7. Local Bundle Delivery....................................29 95 5.8. Bundle Fragmentation.....................................30 96 5.9. Application Data Unit Reassembly.........................32 97 5.10. Bundle Deletion.........................................32 98 5.11. Discarding a Bundle.....................................32 99 5.12. Canceling a Transmission................................32 100 6. Administrative Record Processing..............................33 101 6.1. Administrative Records...................................33 102 6.1.1. Bundle Status Reports...............................34 103 6.2. Generation of Administrative Records.....................36 104 7. Services Required of the Convergence Layer....................37 105 7.1. The Convergence Layer....................................37 106 7.2. Summary of Convergence Layer Services....................37 107 8. Implementation Status.........................................37 108 9. Security Considerations.......................................39 109 10. IANA Considerations..........................................40 110 10.1. Bundle Block Types......................................40 111 10.2. Primary Bundle Protocol Version.........................41 112 10.3. Bundle Processing Control Flags.........................41 113 10.4. Block Processing Control Flags..........................44 114 10.5. Bundle Status Report Reason Codes.......................45 115 10.6. Bundle Protocol URI scheme types........................46 116 10.7. URI scheme "dtn"........................................47 117 10.8. URI scheme "ipn"........................................49 118 11. References...................................................51 119 11.1. Normative References....................................51 120 11.2. Informative References..................................52 121 12. Acknowledgments..............................................53 122 13. Significant Changes from RFC 5050............................53 123 Appendix A. For More Information.................................54 124 Appendix B. CDDL expression......................................55 126 1. Introduction 128 Since the publication of the Bundle Protocol Specification 129 (Experimental RFC 5050) in 2007, the Delay-Tolerant Networking (DTN) 130 Bundle Protocol has been implemented in multiple programming 131 languages and deployed to a wide variety of computing platforms. 132 This implementation and deployment experience has identified 133 opportunities for making the protocol simpler, more capable, and 134 easier to use. The present document, standardizing the Bundle 135 Protocol (BP), is adapted from RFC 5050 in that context, reflecting 136 lessons learned. Significant changes from the Bundle Protocol 137 specification defined in RFC 5050 are listed in section 13. 139 This document describes version 7 of BP. 141 Delay Tolerant Networking is a network architecture providing 142 communications in and/or through highly stressed environments. 143 Stressed networking environments include those with intermittent 144 connectivity, large and/or variable delays, and high bit error 145 rates. To provide its services, BP may be viewed as sitting at the 146 application layer of some number of constituent networks, forming a 147 store-carry-forward overlay network. Key capabilities of BP 148 include: 150 . Ability to use physical motility for the movement of data 151 . Ability to move the responsibility for error control from one 152 node to another 153 . Ability to cope with intermittent connectivity, including cases 154 where the sender and receiver are not concurrently present in 155 the network 156 . Ability to take advantage of scheduled, predicted, and 157 opportunistic connectivity, whether bidirectional or 158 unidirectional, in addition to continuous connectivity 159 . Late binding of overlay network endpoint identifiers to 160 underlying constituent network addresses 162 For descriptions of these capabilities and the rationale for the DTN 163 architecture, see [ARCH] and [SIGC]. 165 BP's location within the standard protocol stack is as shown in 166 Figure 1. BP uses underlying "native" transport and/or network 167 protocols for communications within a given constituent network. 169 The interface between the bundle protocol and a specific underlying 170 protocol is termed a "convergence layer adapter". 172 Figure 1 shows three distinct transport and network protocols 173 (denoted T1/N1, T2/N2, and T3/N3). 175 +-----------+ +-----------+ 176 | BP app | | BP app | 177 +---------v-| +->>>>>>>>>>v-+ +->>>>>>>>>>v-+ +-^---------+ 178 | BP v | | ^ BP v | | ^ BP v | | ^ BP | 179 +---------v-+ +-^---------v-+ +-^---------v-+ +-^---------+ 180 | T1 v | + ^ T1/T2 v | + ^ T2/T3 v | | ^ T3 | 181 +---------v-+ +-^---------v-+ +-^---------v + +-^---------+ 182 | N1 v | | ^ N1/N2 v | | ^ N2/N3 v | | ^ N3 | 183 +---------v-+ +-^---------v + +-^---------v-+ +-^---------+ 184 | >>>>>>>>^ >>>>>>>>>>^ >>>>>>>>^ | 185 +-----------+ +-------------+ +-------------+ +-----------+ 186 | | | | 187 |<---- A network ---->| |<---- A network ---->| 188 | | | | 190 Figure 1: The Bundle Protocol in the Protocol Stack Model 192 This document describes the format of the protocol data units 193 (called "bundles") passed between entities participating in BP 194 communications. 196 The entities are referred to as "bundle nodes". This document does 197 not address: 199 . Operations in the convergence layer adapters that bundle nodes 200 use to transport data through specific types of internets. 201 (However, the document does discuss the services that must be 202 provided by each adapter at the convergence layer.) 203 . The bundle route computation algorithm. 204 . Mechanisms for populating the routing or forwarding information 205 bases of bundle nodes. 206 . The mechanisms for securing bundles en route. 207 . The mechanisms for managing bundle nodes. 209 Note that implementations of the specification presented in this 210 document will not be interoperable with implementations of RFC 5050. 212 2. Conventions used in this document 214 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 215 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 216 "OPTIONAL" in this document are to be interpreted as described in 217 BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all 218 capitals, as shown here. 220 3. Service Description 222 3.1. Definitions 224 Bundle - A bundle is a protocol data unit of BP, so named because 225 negotiation of the parameters of a data exchange may be impractical 226 in a delay-tolerant network: it is often better practice to "bundle" 227 with a unit of application data all metadata that might be needed in 228 order to make the data immediately usable when delivered to the 229 application. Each bundle comprises a sequence of two or more 230 "blocks" of protocol data, which serve various purposes. 232 Block - A bundle protocol block is one of the protocol data 233 structures that together constitute a well-formed bundle. 235 Application Data Unit (ADU) - An application data unit is the unit 236 of data whose conveyance to the bundle's destination is the purpose 237 for the transmission of some bundle that is not a fragment (as 238 defined below). 240 Bundle payload - A bundle payload (or simply "payload") is the 241 content of the bundle's payload block. The terms "bundle content", 242 "bundle payload", and "payload" are used interchangeably in this 243 document. For a bundle that is not a fragment (as defined below), 244 the payload is an application data unit. 246 Partial payload - A partial payload is a payload that comprises 247 either the first N bytes or the last N bytes of some other payload 248 of length M, such that 0 < N < M. Note that every partial payload 249 is a payload and therefore can be further subdivided into partial 250 payloads. 252 Fragment - A fragment is a bundle whose payload block contains a 253 partial payload. 255 Bundle node - A bundle node (or, in the context of this document, 256 simply a "node") is any entity that can send and/or receive bundles. 257 Each bundle node has three conceptual components, defined below, as 258 shown in Figure 2: a "bundle protocol agent", a set of zero or more 259 "convergence layer adapters", and an "application agent". 261 +-----------------------------------------------------------+ 262 |Node | 263 | | 264 | +-------------------------------------------------------+ | 265 | |Application Agent | | 266 | | | | 267 | | +--------------------------+ +----------------------+ | | 268 | | |Administrative element | |Application-specific | | | 269 | | | | |element | | | 270 | | | | | | | | 271 | | +--------------------------+ +----------------------+ | | 272 | | ^ ^ | | 273 | | Admin|records Application|data | | 274 | | | | | | 275 | +----------------v--------------------------v-----------+ | 276 | ^ | 277 | | ADUs | 278 | | | 279 | +-----------------------------v-------------------------+ | 280 | |Bundle Protocol Agent | | 281 | | | | 282 | | | | 283 | +-------------------------------------------------------+ | 284 | ^ ^ ^ | 285 | | Bundles | Bundles Bundles | | 286 | | | | | 287 | +------v-----+ +-----v------+ +-----v-----+ | 288 | |CLA 1 | |CLA 2 | |CLA n | | 289 | | | | | . . . | | | 290 | | | | | | | | 291 +-+------------+-----+------------+-----------+-----------+-+ 292 ^ ^ ^ 293 CL1|PDUs CL2|PDUs CLn|PDUs 294 | | | 295 +------v-----+ +-----v------+ +-----v-----+ 296 Network 1 Network 2 Network n 298 Figure 2: Components of a Bundle Node 300 Bundle protocol agent - The bundle protocol agent (BPA) of a node is 301 the node component that offers the BP services and executes the 302 procedures of the bundle protocol. 304 Convergence layer adapter - A convergence layer adapter (CLA) is a 305 node component that sends and receives bundles on behalf of the BPA, 306 utilizing the services of some 'native' protocol stack that is 307 supported in one of the networks within which the node is 308 functionally located. 310 Application agent - The application agent (AA) of a node is the node 311 component that utilizes the BP services to effect communication for 312 some user purpose. The application agent in turn has two elements, 313 an administrative element and an application-specific element. 315 Application-specific element - The application-specific element of 316 an AA is the node component that constructs, requests transmission 317 of, accepts delivery of, and processes units of user application 318 data. 320 Administrative element - The administrative element of an AA is the 321 node component that constructs and requests transmission of 322 administrative records (defined below), including status reports, 323 and accepts delivery of and processes any administrative records 324 that the node receives. 326 Administrative record - A BP administrative record is an application 327 data unit that is exchanged between the administrative elements of 328 nodes' application agents for some BP administrative purpose. The 329 only administrative record defined in this specification is the 330 status report, discussed later. 332 Bundle endpoint - A bundle endpoint (or simply "endpoint") is a set 333 of zero or more bundle nodes that all identify themselves for BP 334 purposes by some common identifier, called a "bundle endpoint ID" 335 (or, in this document, simply "endpoint ID"; endpoint IDs are 336 described in detail in Section 4.4.1 below). 338 Singleton endpoint - A singleton endpoint is an endpoint that always 339 contains exactly one member. 341 Registration - A registration is the state machine characterizing a 342 given node's membership in a given endpoint. Any single 343 registration has an associated delivery failure action as defined 344 below and must at any time be in one of two states: Active or 345 Passive. 347 Delivery - A bundle is considered to have been delivered at a node 348 subject to a registration as soon as the application data unit that 349 is the payload of the bundle, together with any relevant metadata 350 (an implementation matter), has been presented to the node's 351 application agent in a manner consistent with the state of that 352 registration. 354 Deliverability - A bundle is considered "deliverable" subject to a 355 registration if and only if (a) the bundle's destination endpoint is 356 the endpoint with which the registration is associated, (b) the 357 bundle has not yet been delivered subject to this registration, and 358 (c) the bundle has not yet been "abandoned" (as defined below) 359 subject to this registration. 361 Abandonment - To abandon a bundle subject to some registration is to 362 assert that the bundle is not deliverable subject to that 363 registration. 365 Delivery failure action - The delivery failure action of a 366 registration is the action that is to be taken when a bundle that is 367 "deliverable" subject to that registration is received at a time 368 when the registration is in the Passive state. 370 Destination - The destination of a bundle is the endpoint comprising 371 the node(s) at which the bundle is to be delivered (as defined 372 above). 374 Transmission - A transmission is an attempt by a node's BPA to cause 375 copies of a bundle to be delivered to one or more of the nodes that 376 are members of some endpoint (the bundle's destination) in response 377 to a transmission request issued by the node's application agent. 379 Forwarding - To forward a bundle to a node is to invoke the services 380 of one or more CLAs in a sustained effort to cause a copy of the 381 bundle to be received by that node. 383 Discarding - To discard a bundle is to cease all operations on the 384 bundle and functionally erase all references to it. The specific 385 procedures by which this is accomplished are an implementation 386 matter. 388 Retention constraint - A retention constraint is an element of the 389 state of a bundle that prevents the bundle from being discarded. 390 That is, a bundle cannot be discarded while it has any retention 391 constraints. 393 Deletion - To delete a bundle is to remove unconditionally all of 394 the bundle's retention constraints, enabling the bundle to be 395 discarded. 397 3.2. Discussion of BP concepts 399 Multiple instances of the same bundle (the same unit of DTN protocol 400 data) might exist concurrently in different parts of a network -- 401 possibly differing in some blocks -- in the memory local to one or 402 more bundle nodes and/or in transit between nodes. In the context of 403 the operation of a bundle node, a bundle is an instance (copy), in 404 that node's local memory, of some bundle that is in the network. 406 The payload for a bundle forwarded in response to a bundle 407 transmission request is the application data unit whose location is 408 provided as a parameter to that request. The payload for a bundle 409 forwarded in response to reception of a bundle is the payload of the 410 received bundle. 412 In the most familiar case, a bundle node is instantiated as a single 413 process running on a general-purpose computer, but in general the 414 definition is meant to be broader: a bundle node might alternatively 415 be a thread, an object in an object-oriented operating system, a 416 special-purpose hardware device, etc. 418 The manner in which the functions of the BPA are performed is wholly 419 an implementation matter. For example, BPA functionality might be 420 coded into each node individually; it might be implemented as a 421 shared library that is used in common by any number of bundle nodes 422 on a single computer; it might be implemented as a daemon whose 423 services are invoked via inter-process or network communication by 424 any number of bundle nodes on one or more computers; it might be 425 implemented in hardware. 427 Every CLA implements its own thin layer of protocol, interposed 428 between BP and the (usually "top") protocol(s) of the underlying 429 native protocol stack; this "CL protocol" may only serve to 430 multiplex and de-multiplex bundles to and from the underlying native 431 protocol, or it may offer additional CL-specific functionality. The 432 manner in which a CLA sends and receives bundles, as well as the 433 definitions of CLAs and CL protocols, are beyond the scope of this 434 specification. 436 Note that the administrative element of a node's application agent 437 may itself, in some cases, function as a convergence-layer adapter. 438 That is, outgoing bundles may be "tunneled" through encapsulating 439 bundles: 441 . An outgoing bundle constitutes a byte array. This byte array 442 may, like any other, be presented to the bundle protocol agent 443 as an application data unit that is to be transmitted to some 444 endpoint. 445 . The original bundle thus forms the payload of an encapsulating 446 bundle that is forwarded using some other convergence-layer 447 protocol(s). 448 . When the encapsulating bundle is received, its payload is 449 delivered to the peer application agent administrative element, 450 which then instructs the bundle protocol agent to dispatch that 451 original bundle in the usual way. 453 The purposes for which this technique may be useful (such as cross- 454 domain security) are beyond the scope of this specification. 456 The only interface between the BPA and the application-specific 457 element of the AA is the BP service interface. But between the BPA 458 and the administrative element of the AA there is a (conceptual) 459 private control interface in addition to the BP service interface. 460 This private control interface enables the BPA and the 461 administrative element of the AA to direct each other to take action 462 under specific circumstances. 464 In the case of a node that serves simply as a BP "router", the AA 465 may have no application-specific element at all. The application- 466 specific elements of other nodes' AAs may perform arbitrarily 467 complex application functions, perhaps even offering multiplexed DTN 468 communication services to a number of other applications. As with 469 the BPA, the manner in which the AA performs its functions is wholly 470 an implementation matter. 472 Singletons are the most familiar sort of endpoint, but in general 473 the endpoint notion is meant to be broader. For example, the nodes 474 in a sensor network might constitute a set of bundle nodes that 475 identify themselves by a single common endpoint ID and thus form a 476 single bundle endpoint. *Note* too that a given bundle node might 477 identify itself by multiple endpoint IDs and thus be a member of 478 multiple bundle endpoints. 480 The destination of every bundle is an endpoint, which may or may not 481 be singleton. The source of every bundle is a node, identified by 482 the endpoint ID for some singleton endpoint that contains that node. 483 Note, though, that the source node ID asserted in a given bundle may 484 be the null endpoint ID (as described later) rather than the 485 endpoint ID of the actual source node; bundles for which the 486 asserted source node ID is the null endpoint ID are termed 487 "anonymous" bundles. 489 Any number of transmissions may be concurrently undertaken by the 490 bundle protocol agent of a given node. 492 When the bundle protocol agent of a node determines that a bundle 493 must be forwarded to a node (either to a node that is a member of 494 the bundle's destination endpoint or to some intermediate forwarding 495 node) in the course of completing the successful transmission of 496 that bundle, the bundle protocol agent invokes the services of one 497 or more CLAs in a sustained effort to cause a copy of the bundle to 498 be received by that node. 500 Upon reception, the processing of a bundle that has been received by 501 a given node depends on whether or not the receiving node is 502 registered in the bundle's destination endpoint. If it is, and if 503 the payload of the bundle is non-fragmentary (possibly as a result 504 of successful payload reassembly from fragmentary payloads, 505 including the original payload of the newly received bundle), then 506 the bundle is normally delivered to the node's application agent 507 subject to the registration characterizing the node's membership in 508 the destination endpoint. 510 The bundle protocol does not natively ensure delivery of a bundle to 511 its destination. Data loss along the path to the destination node 512 can be minimized by utilizing reliable convergence-layer protocols 513 between neighbors on all segments of the end-to-end path, but for 514 end-to-end bundle delivery assurance it will be necessary to develop 515 extensions to the bundle protocol and/or application-layer 516 mechanisms. 518 The bundle protocol is designed for extensibility. Bundle protocol 519 extensions, documented elsewhere, may extend this specification by: 521 . defining additional blocks; 522 . defining additional administrative records; 523 . defining additional bundle processing flags; 524 . defining additional block processing flags; 525 . defining additional types of bundle status reports; 526 . defining additional bundle status report reason codes; 527 . defining additional mandates and constraints on processing 528 that conformant bundle protocol agents must perform at 529 specified points in the inbound and outbound bundle processing 530 cycles. 532 3.3. Services Offered by Bundle Protocol Agents 534 The BPA of each node is expected to provide the following services 535 to the node's application agent: 537 . commencing a registration (registering the node in an 538 endpoint); 539 . terminating a registration; 540 . switching a registration between Active and Passive states; 541 . transmitting a bundle to an identified bundle endpoint; 542 . canceling a transmission; 543 . polling a registration that is in the Passive state; 544 . delivering a received bundle. 546 4. Bundle Format 548 The format of bundles SHALL conform to the Concise Binary Object 549 Representation (CBOR [RFC7049]). 551 Each bundle SHALL be a concatenated sequence of at least two blocks, 552 represented as a CBOR indefinite-length array. The first block in 553 the sequence (the first item of the array) MUST be a primary bundle 554 block in CBOR representation as described below; the bundle MUST 555 have exactly one primary bundle block. The primary block MUST be 556 followed by one or more canonical bundle blocks (additional array 557 items) in CBOR representation as described in 4.2.3 below. The last 558 such block MUST be a payload block; the bundle MUST have exactly one 559 payload block. The last item of the array, immediately following 560 the payload block, SHALL be a CBOR "break" stop code. 562 (Note that, while CBOR permits considerable flexibility in the 563 encoding of bundles, this flexibility must not be interpreted as 564 inviting increased complexity in protocol data unit structure.) 566 An implementation of the Bundle Protocol MAY discard any sequence of 567 bytes that does not conform to the Bundle Protocol specification. 569 An implementation of the Bundle Protocol MAY accept a sequence of 570 bytes that does not conform to the Bundle Protocol specification 571 (e.g., one that represents data elements in fixed-length arrays 572 rather than indefinite-length arrays) and transform it into 573 conformant BP structure before processing it. Procedures for 574 accomplishing such a transformation are beyond the scope of this 575 specification. 577 4.1. BP Fundamental Data Structures 579 4.1.1. CRC Type 581 CRC type is an unsigned integer type code for which the following 582 values (and no others) are valid: 584 . 0 indicates "no CRC is present." 585 . 1 indicates "a standard X-25 CRC-16 is present." [CRC16] 586 . 2 indicates "a standard CRC32C (Castagnoli) CRC-32 is present." 587 [RFC4960] 589 CRC type SHALL be represented as a CBOR unsigned integer. 591 For examples of CRC32C CRCs, see Appendix A.4 of [RFC7143]. 593 Note that more robust protection of BP data integrity, as needed, 594 may be provided by means of Block Integrity Blocks as defined in the 595 Bundle Security Protocol [BPSEC]). 597 4.1.2. CRC 599 CRC SHALL be omitted from a block if and only if the block's CRC 600 type code is zero. 602 When not omitted, the CRC SHALL be represented as a CBOR byte string 603 of two bytes (that is, CBOR additional information 2, if CRC type is 604 1) or of four bytes (that is, CBOR additional information 4, if CRC 605 type is 2); in each case the sequence of bytes SHALL constitute an 606 unsigned integer value (of 16 or 32 bits, respectively) in network 607 byte order. 609 4.1.3. Bundle Processing Control Flags 611 Bundle processing control flags assert properties of the bundle as a 612 whole rather than of any particular block of the bundle. They are 613 conveyed in the primary block of the bundle. 615 The following properties are asserted by the bundle processing 616 control flags: 618 . The bundle is a fragment. (Boolean) 620 . The bundle's payload is an administrative record. (Boolean) 622 . The bundle must not be fragmented. (Boolean) 624 . Acknowledgment by the user application is requested. (Boolean) 626 . Status time is requested in all status reports. (Boolean) 628 . Flags requesting types of status reports (all Boolean): 630 o Request reporting of bundle reception. 632 o Request reporting of bundle forwarding. 634 o Request reporting of bundle delivery. 636 o Request reporting of bundle deletion. 638 If the bundle processing control flags indicate that the bundle's 639 application data unit is an administrative record, then all status 640 report request flag values must be zero. 642 If the bundle's source node is omitted (i.e., the source node ID is 643 the ID of the null endpoint, which has no members as discussed 644 below; this option enables anonymous bundle transmission), then the 645 bundle is not uniquely identifiable and all bundle protocol features 646 that rely on bundle identity must therefore be disabled: the "Bundle 647 must not be fragmented" flag value must be 1 and all status report 648 request flag values must be zero. 650 The bundle processing control flags SHALL be represented as a CBOR 651 unsigned integer item, the value of which SHALL be processed as a 652 bit field indicating the control flag values as follows (note that 653 bit numbering in this instance is reversed from the usual practice, 654 beginning with the low-order bit instead of the high-order bit, in 655 recognition of the potential definition of additional control flag 656 values in the future): 658 . Bit 0 (the low-order bit, 0x000001): bundle is a fragment. 659 . Bit 1 (0x000002): payload is an administrative record. 660 . Bit 2 (0x000004): bundle must not be fragmented. 661 . Bit 3 (0x000008): reserved. 662 . Bit 4 (0x000010): reserved. 663 . Bit 5 (0x000020): user application acknowledgement is 664 requested. 665 . Bit 6 (0x000040): status time is requested in all status 666 reports. 667 . Bit 7 (0x000080): reserved. 668 . Bit 8 (0x000100): reserved. 669 . Bit 9 (0x000200): reserved. 670 . Bit 10(0x000400): reserved. 671 . Bit 11(0x000800): reserved. 672 . Bit 12(0x001000): reserved. 673 . Bit 13(0x002000): reserved. 674 . Bit 14(0x004000): bundle reception status reports are 675 requested. 676 . Bit 15(0x008000): reserved. 677 . Bit 16(0x010000): bundle forwarding status reports are 678 requested. 679 . Bit 17(0x020000): bundle delivery status reports are requested. 680 . Bit 18(0x040000): bundle deletion status reports are requested. 681 . Bits 19-20 are reserved. 682 . Bits 21-63 are unassigned. 684 4.1.4. Block Processing Control Flags 686 The block processing control flags assert properties of canonical 687 bundle blocks. They are conveyed in the header of the block to 688 which they pertain. 690 The following properties are asserted by the block processing 691 control flags: 693 . This block must be replicated in every fragment. (Boolean) 695 . Transmission of a status report is requested if this block 696 can't be processed. (Boolean) 698 . Block must be removed from the bundle if it can't be processed. 699 (Boolean) 701 . Bundle must be deleted if this block can't be processed. 702 (Boolean) 704 For each bundle whose bundle processing control flags indicate that 705 the bundle's application data unit is an administrative record, or 706 whose source node ID is the null endpoint ID as defined below, the 707 value of the "Transmit status report if block can't be processed" 708 flag in every canonical block of the bundle must be zero. 710 The block processing control flags SHALL be represented as a CBOR 711 unsigned integer item, the value of which SHALL be processed as a 712 bit field indicating the control flag values as follows (note that 713 bit numbering in this instance is reversed from the usual practice, 714 beginning with the low-order bit instead of the high-order bit, for 715 agreement with the bit numbering of the bundle processing control 716 flags): 718 . Bit 0(the low-order bit, 0x01): block must be replicated in 719 every fragment. 720 . Bit 1(0x02): transmission of a status report is requested if 721 block can't be processed. 722 . Bit 2(0x04): bundle must be deleted if block can't be 723 processed. 724 . Bit 3(0x08): reserved. 725 . Bit 4(0x10): block must be removed from bundle if it can't be 726 processed. 727 . Bit 5(0x20): reserved. 728 . Bit 6 (0x40): reserved. 729 . Bits 7-63 are unassigned. 731 4.1.5. Identifiers 733 4.1.5.1. Endpoint ID 735 The destinations of bundles are bundle endpoints, identified by text 736 strings termed "endpoint IDs" (see Section 3.1). Each endpoint ID 737 (EID) is a Uniform Resource Identifier (URI; [URI]). As such, each 738 endpoint ID can be characterized as having this general structure: 740 < scheme name > : < scheme-specific part, or "SSP" > 742 The scheme identified by the < scheme name > in an endpoint ID is a 743 set of syntactic and semantic rules that fully explain how to parse 744 and interpret the SSP. The set of allowable schemes is effectively 745 unlimited. Any scheme conforming to [URIREG] may be used in a bundle 746 protocol endpoint ID. 748 Note that, although endpoint IDs are URIs, implementations of the BP 749 service interface may support expression of endpoint IDs in some 750 internationalized manner (e.g., Internationalized Resource 751 Identifiers (IRIs); see [RFC3987]). 753 The endpoint ID "dtn:none" identifies the "null endpoint", the 754 endpoint that by definition never has any members. 756 Each BP endpoint ID (EID) SHALL be represented as a CBOR array 757 comprising a 2-tuple. 759 The first item of the array SHALL be the code number identifying the 760 endpoint's URI scheme [URI], as defined in the registry of URI 761 scheme code numbers for Bundle Protocol maintained by IANA as 762 described in Section 10. [URIREG]. Each URI scheme code number 763 SHALL be represented as a CBOR unsigned integer. 765 The second item of the array SHALL be the applicable CBOR 766 representation of the scheme-specific part (SSP) of the EID, defined 767 as follows: 769 . If the EID's URI scheme is "dtn" then the SSP SHALL be 770 represented as a CBOR text string unless the EID's SSP is 771 "none", in which case the SSP SHALL be represented as a CBOR 772 unsigned integer with the value zero. 773 . If the EID's URI scheme is "ipn" then the SSP SHALL be 774 represented as a CBOR array comprising a 2-tuple. The first 775 item of this array SHALL be the EID's node number represented 776 as a CBOR unsigned integer. The second item of this array 777 SHALL be the EID's service number represented as a CBOR 778 unsigned integer. 779 . Definitions of the CBOR representations of the SSPs of EIDs 780 encoded in other URI schemes are included in the specifications 781 defining those schemes. 783 4.1.5.2. Node ID 785 For many purposes of the Bundle Protocol it is important to identify 786 the node that is operative in some context. 788 As discussed in 3.1 above, nodes are distinct from endpoints; 789 specifically, an endpoint is a set of zero or more nodes. But 790 rather than define a separate namespace for node identifiers, we 791 instead use endpoint identifiers to identify nodes, subject to the 792 following restrictions: 794 . Every node MUST be a member of at least one singleton endpoint. 795 . The EID of any singleton endpoint of which a node is a member 796 MAY be used to identify that node. A "node ID" is an EID that 797 is used in this way. 798 . A node's membership in a given singleton endpoint MUST be 799 sustained at least until the nominal operation of the Bundle 800 Protocol no longer depends on the identification of that node 801 using that endpoint's ID. 803 4.1.6. DTN Time 805 A DTN time is an unsigned integer indicating the number of seconds 806 that have elapsed since the start of the year 2000 on the 807 Coordinated Universal Time (UTC) scale [UTC]. Each DTN time SHALL 808 be represented as a CBOR unsigned integer item. 810 Implementers need to be aware that DTN time values conveyed in CBOR 811 representation in bundles can conceivably exceed (2**32 - 1). 813 4.1.7. Creation Timestamp 815 Each creation timestamp SHALL be represented as a CBOR array item 816 comprising a 2-tuple. 818 The first item of the array SHALL be a DTN time. 820 The second item of the array SHALL be the creation timestamp's 821 sequence number, represented as a CBOR unsigned integer. 823 4.1.8. Block-type-specific Data 825 Block-type-specific data in each block (other than the primary 826 block) SHALL be the applicable CBOR representation of the content of 827 the block. Details of this representation are included in the 828 specification defining the block type. 830 4.2. Bundle Representation 832 This section describes the primary block in detail and non-primary 833 blocks in general. Rules for processing these blocks appear in 834 Section 5 of this document. 836 Note that supplementary DTN protocol specifications (including, but 837 not restricted to, the Bundle Security Protocol [BPSEC]) may require 838 that BP implementations conforming to those protocols construct and 839 process additional blocks. 841 4.2.1. Bundle 843 Each bundle SHALL be represented as a CBOR indefinite-length array. 844 The first item of this array SHALL be the CBOR representation of a 845 Primary Block. Every other item of the array except the last SHALL 846 be the CBOR representation of a Canonical Block. The last item of 847 the array SHALL be a CBOR "break" stop code. 849 Associated with each block of a bundle is a block number. The block 850 number uniquely identifies the block within the bundle, enabling 851 blocks (notably bundle security protocol blocks) to reference other 852 blocks in the same bundle without ambiguity. The block number of 853 the primary block is implicitly zero; the block numbers of all other 854 blocks are explicitly stated in block headers as noted below. Block 855 numbering is unrelated to the order in which blocks are sequenced in 856 the bundle. The block number of the payload block is always 1. 858 4.2.2. Primary Bundle Block 860 The primary bundle block contains the basic information needed to 861 forward bundles to their destinations. 863 Each primary block SHALL be represented as a CBOR array; the number 864 of elements in the array SHALL be 8 (if the bundle is not a fragment 865 and the block has no CRC), 9 (if the block has a CRC and the bundle 866 is not a fragment), 10 (if the bundle is a fragment and the block 867 has no CRC), or 11 (if the bundle is a fragment and the block has a 868 CRC). 870 The primary block of each bundle SHALL be immutable. The values of 871 all fields in the primary block must remain unchanged from the time 872 the block is created to the time it is delivered. 874 The fields of the primary bundle block SHALL be as follows, listed 875 in the order in which they MUST appear: 877 Version: An unsigned integer value indicating the version of the 878 bundle protocol that constructed this block. The present document 879 describes version 7 of the bundle protocol. Version number SHALL be 880 represented as a CBOR unsigned integer item. 882 Bundle Processing Control Flags: The Bundle Processing Control Flags 883 are discussed in Section 4.1.3. above. 885 CRC Type: CRC Type codes are discussed in Section 4.1.1. above. The 886 CRC Type code for the primary block MAY be zero if the bundle 887 contains a BPsec [BPSEC] Block Integrity Block whose target is the 888 primary block; otherwise the CRC Type code for the primary block 889 MUST be non-zero. 891 Destination EID: The Destination EID field identifies the bundle 892 endpoint that is the bundle's destination, i.e., the endpoint that 893 contains the node(s) at which the bundle is to be delivered. 895 Source node ID: The Source node ID field identifies the bundle node 896 at which the bundle was initially transmitted, except that Source 897 node ID may be the null endpoint ID in the event that the bundle's 898 source chooses to remain anonymous. 900 Report-to EID: The Report-to EID field identifies the bundle 901 endpoint to which status reports pertaining to the forwarding and 902 delivery of this bundle are to be transmitted. 904 Creation Timestamp: The creation timestamp (discussed in 4.1.7 905 above) comprises two unsigned integers that, together with the 906 source node ID and (if the bundle is a fragment) the fragment offset 907 and payload length, serve to identify the bundle. The first of these 908 integers is the bundle's creation time, while the second is the 909 bundle's creation timestamp sequence number. Bundle creation time 910 SHALL be the DTN time at which the transmission request was received 911 that resulted in the creation of the bundle. Sequence count SHALL be 912 the latest value (as of the time at which that transmission request 913 was received) of a monotonically increasing positive integer counter 914 managed by the source node's bundle protocol agent that MAY be reset 915 to zero whenever the current time advances by one second. For nodes 916 that lack accurate clocks, it is recommended that bundle creation 917 time be set to zero and that the counter used as the source of the 918 bundle sequence count never be reset to zero. Note that, in general, 919 the creation of two distinct bundles with the same source node ID 920 and bundle creation timestamp may result in unexpected network 921 behavior and/or suboptimal performance. The combination of source 922 node ID and bundle creation timestamp serves to identify a single 923 transmission request, enabling it to be acknowledged by the 924 receiving application (provided the source node ID is not the null 925 endpoint ID). 927 Lifetime: The lifetime field is an unsigned integer that indicates 928 the time at which the bundle's payload will no longer be useful, 929 encoded as a number of microseconds past the creation time. (For 930 high-rate deployments with very brief disruptions, fine-grained 931 expression of bundle lifetime may be useful.) When a bundle's age 932 exceeds its lifetime, bundle nodes need no longer retain or forward 933 the bundle; the bundle SHOULD be deleted from the network. For 934 bundles originating at nodes that lack accurate clocks, it is 935 recommended that bundle age be obtained from the Bundle Age 936 extension block (see 4.3.2 below) rather than from the difference 937 between current time and bundle creation time. Bundle lifetime 938 SHALL be represented as a CBOR unsigned integer item. 940 Fragment offset: If and only if the Bundle Processing Control Flags 941 of this Primary block indicate that the bundle is a fragment, 942 fragment offset SHALL be present in the primary block. Fragment 943 offset SHALL be represented as a CBOR unsigned integer indicating 944 the offset from the start of the original application data unit at 945 which the bytes comprising the payload of this bundle were located. 947 Total Application Data Unit Length: If and only if the Bundle 948 Processing Control Flags of this Primary block indicate that the 949 bundle is a fragment, total application data unit length SHALL be 950 present in the primary block. Total application data unit length 951 SHALL be represented as a CBOR unsigned integer indicating the total 952 length of the original application data unit of which this bundle's 953 payload is a part. 955 CRC: A CRC SHALL be present in the primary block unless the bundle 956 includes a BPsec [BPSEC] Block Integrity Block whose target is the 957 primary block, in which case a CRC MAY be present in the primary 958 block. The length and nature of the CRC SHALL be as indicated by 959 the CRC type. The CRC SHALL be computed over the concatenation of 960 all bytes (including CBOR "break" characters) of the primary block 961 including the CRC field itself, which for this purpose SHALL be 962 temporarily populated with the value zero. 964 4.2.3. Canonical Bundle Block Format 966 Every block other than the primary block (all such blocks are termed 967 "canonical" blocks) SHALL be represented as a CBOR array; the number 968 of elements in the array SHALL be 5 (if CRC type is zero) or 6 969 (otherwise). 971 The fields of every canonical block SHALL be as follows, listed in 972 the order in which they MUST appear: 974 . Block type code, an unsigned integer. Bundle block type code 1 975 indicates that the block is a bundle payload block. Block type 976 codes 2 through 9 are explicitly reserved as noted later in 977 this specification. Block type codes 192 through 255 are not 978 reserved and are available for private and/or experimental use. 979 All other block type code values are reserved for future use. 980 . Block number, an unsigned integer as discussed in 4.2.1 above. 981 Block number SHALL be represented as a CBOR unsigned integer. 982 . Block processing control flags as discussed in Section 4.1.4 983 above. 984 . CRC type as discussed in Section 4.1.1 above. 985 . Block-type-specific data represented as a single definite- 986 length CBOR byte string, i.e., a CBOR byte string that is not 987 of indefinite length. For each type of block, the block-type- 988 specific data byte string is the serialization, in a block- 989 type-specific manner, of the data conveyed by that type of 990 block; definitions of blocks are required to define the manner 991 in which block-type-specific data are serialized within the 992 block-type-specific data field. For the Payload Block in 993 particular (block type 1), the block-type-specific data field, 994 termed the "payload", SHALL be an application data unit, or 995 some contiguous extent thereof, represented as a definite- 996 length CBOR byte string. 997 . If and only if the value of the CRC type field of this block is 998 non-zero, a CRC. If present, the length and nature of the CRC 999 SHALL be as indicated by the CRC type and the CRC SHALL be 1000 computed over the concatenation of all bytes of the block 1001 (including CBOR "break" characters) including the CRC field 1002 itself, which for this purpose SHALL be temporarily populated 1003 with the value zero. 1005 4.3. Extension Blocks 1007 "Extension blocks" are all blocks other than the primary and payload 1008 blocks. Because not all extension blocks are defined in the Bundle 1009 Protocol specification (the present document), not all nodes 1010 conforming to this specification will necessarily instantiate Bundle 1011 Protocol implementations that include procedures for processing 1012 (that is, recognizing, parsing, acting on, and/or producing) all 1013 extension blocks. It is therefore possible for a node to receive a 1014 bundle that includes extension blocks that the node cannot process. 1015 The values of the block processing control flags indicate the action 1016 to be taken by the bundle protocol agent when this is the case. 1018 The following extension blocks are defined in the current document. 1020 4.3.1. Previous Node 1022 The Previous Node block, block type 6, identifies the node that 1023 forwarded this bundle to the local node (i.e., to the node at which 1024 the bundle currently resides); its block-type-specific data is the 1025 node ID of that forwarder node which SHALL take the form of a node 1026 ID represented as described in Section 4.1.5.2. above. If the local 1027 node is the source of the bundle, then the bundle MUST NOT contain 1028 any previous node block. Otherwise the bundle SHOULD contain one 1029 (1) occurrence of this type of block. 1031 4.3.2. Bundle Age 1033 The Bundle Age block, block type 7, contains the number of 1034 microseconds that have elapsed between the time the bundle was 1035 created and time at which it was most recently forwarded. It is 1036 intended for use by nodes lacking access to an accurate clock, to 1037 aid in determining the time at which a bundle's lifetime expires. 1038 The block-type-specific data of this block is an unsigned integer 1039 containing the age of the bundle in microseconds, which SHALL be 1040 represented as a CBOR unsigned integer item. (The age of the bundle 1041 is the sum of all known intervals of the bundle's residence at 1042 forwarding nodes, up to the time at which the bundle was most 1043 recently forwarded, plus the summation of signal propagation time 1044 over all episodes of transmission between forwarding nodes. 1045 Determination of these values is an implementation matter.) If the 1046 bundle's creation time is zero, then the bundle MUST contain exactly 1047 one (1) occurrence of this type of block; otherwise, the bundle MAY 1048 contain at most one (1) occurrence of this type of block. A bundle 1049 MUST NOT contain multiple occurrences of the bundle age block, as 1050 this could result in processing anomalies. 1052 4.3.3. Hop Count 1054 The Hop Count block, block type 10, contains two unsigned integers, 1055 hop limit and hop count. A "hop" is here defined as an occasion on 1056 which a bundle was forwarded from one node to another node. Hop 1057 limit MUST be in the range 1 through 255. The hop limit value SHOULD 1058 NOT be changed at any time after creation of the Hop Count block; 1059 the hop count value SHOULD initially be zero and SHOULD be increased 1060 by 1 on each hop. 1062 The hop count block is mainly intended as a safety mechanism, a 1063 means of identifying bundles for removal from the network that can 1064 never be delivered due to a persistent forwarding error. When a 1065 bundle's hop count exceeds its hop limit, the bundle SHOULD be 1066 deleted for the reason "hop limit exceeded", following the bundle 1067 deletion procedure defined in Section 5.10. . Procedures for 1068 determining the appropriate hop limit for a block are beyond the 1069 scope of this specification. The block-type-specific data in a hop 1070 count block SHALL be represented as a CBOR array comprising a 2- 1071 tuple. The first item of this array SHALL be the bundle's hop 1072 limit, represented as a CBOR unsigned integer. The second item of 1073 this array SHALL be the bundle's hop count, represented as a CBOR 1074 unsigned integer. A bundle MAY contain at most one (1) occurrence of 1075 this type of block. 1077 5. Bundle Processing 1079 The bundle processing procedures mandated in this section and in 1080 Section 6 govern the operation of the Bundle Protocol Agent and the 1081 Application Agent administrative element of each bundle node. They 1082 are neither exhaustive nor exclusive. Supplementary DTN protocol 1083 specifications (including, but not restricted to, the Bundle 1084 Security Protocol [BPSEC]) may augment, override, or supersede the 1085 mandates of this document. 1087 5.1. Generation of Administrative Records 1089 All transmission of bundles is in response to bundle transmission 1090 requests presented by nodes' application agents. When required to 1091 "generate" an administrative record (such as a bundle status 1092 report), the bundle protocol agent itself is responsible for causing 1093 a new bundle to be transmitted, conveying that record. In concept, 1094 the bundle protocol agent discharges this responsibility by 1095 directing the administrative element of the node's application agent 1096 to construct the record and request its transmission as detailed in 1097 Section 6 below. In practice, the manner in which administrative 1098 record generation is accomplished is an implementation matter, 1099 provided the constraints noted in Section 6 are observed. 1101 Note that requesting status reports for any single bundle might 1102 easily result in the generation of (1 + (2 *(N-1))) status report 1103 bundles, where N is the number of nodes on the path from the 1104 bundle's source to its destination, inclusive. That is, the 1105 requesting of status reports for large numbers of bundles could 1106 result in an unacceptable increase in the bundle traffic in the 1107 network. For this reason, the generation of status reports MUST be 1108 disabled by default and enabled only when the risk of excessive 1109 network traffic is deemed acceptable. 1111 When the generation of status reports is enabled, the decision on 1112 whether or not to generate a requested status report is left to the 1113 discretion of the bundle protocol agent. Mechanisms that could 1114 assist in making such decisions, such as pre-placed agreements 1115 authorizing the generation of status reports under specified 1116 circumstances, are beyond the scope of this specification. 1118 Notes on administrative record terminology: 1120 . A "bundle reception status report" is a bundle status report 1121 with the "reporting node received bundle" flag set to 1. 1122 . A "bundle forwarding status report" is a bundle status report 1123 with the "reporting node forwarded the bundle" flag set to 1. 1124 . A "bundle delivery status report" is a bundle status report 1125 with the "reporting node delivered the bundle" flag set to 1. 1126 . A "bundle deletion status report" is a bundle status report 1127 with the "reporting node deleted the bundle" flag set to 1. 1129 5.2. Bundle Transmission 1131 The steps in processing a bundle transmission request are: 1133 Step 1: Transmission of the bundle is initiated. An outbound bundle 1134 MUST be created per the parameters of the bundle transmission 1135 request, with the retention constraint "Dispatch pending". The 1136 source node ID of the bundle MUST be either the null endpoint ID, 1137 indicating that the source of the bundle is anonymous, or else the 1138 EID of a singleton endpoint whose only member is the node of which 1139 the BPA is a component. 1141 Step 2: Processing proceeds from Step 1 of Section 5.4. 1143 5.3. Bundle Dispatching 1145 The steps in dispatching a bundle are: 1147 Step 1: If the bundle's destination endpoint is an endpoint of which 1148 the node is a member, the bundle delivery procedure defined in 1149 Section 5.7 MUST be followed and for the purposes of all subsequent 1150 processing of this bundle at this node the node's membership in the 1151 bundle's destination endpoint SHALL be disavowed; specifically, even 1152 though the node is a member of the bundle's destination endpoint, 1153 the node SHALL NOT undertake to forward the bundle to itself in the 1154 course of performing the procedure described in Section 5.4. 1156 Step 2: Processing proceeds from Step 1 of Section 5.4. 1158 5.4. Bundle Forwarding 1160 The steps in forwarding a bundle are: 1162 Step 1: The retention constraint "Forward pending" MUST be added to 1163 the bundle, and the bundle's "Dispatch pending" retention constraint 1164 MUST be removed. 1166 Step 2: The bundle protocol agent MUST determine whether or not 1167 forwarding is contraindicated (that is, rendered inadvisable) for 1168 any of the reasons listed in Figure 4. In particular: 1170 . The bundle protocol agent MAY choose either to forward the 1171 bundle directly to its destination node(s) (if possible) or to 1172 forward the bundle to some other node(s) for further 1173 forwarding. The manner in which this decision is made may 1174 depend on the scheme name in the destination endpoint ID and/or 1175 on other state but in any case is beyond the scope of this 1176 document. If the BPA elects to forward the bundle to some other 1177 node(s) for further forwarding but finds it impossible to 1178 select any node(s) to forward the bundle to, then forwarding is 1179 contraindicated. 1180 . Provided the bundle protocol agent succeeded in selecting the 1181 node(s) to forward the bundle to, the bundle protocol agent 1182 MUST subsequently select the convergence layer adapter(s) whose 1183 services will enable the node to send the bundle to those 1184 nodes. The manner in which specific appropriate convergence 1185 layer adapters are selected is beyond the scope of this 1186 document. If the agent finds it impossible to select any 1187 appropriate convergence layer adapter(s) to use in forwarding 1188 this bundle, then forwarding is contraindicated. 1190 Step 3: If forwarding of the bundle is determined to be 1191 contraindicated for any of the reasons listed in Figure 4, then the 1192 Forwarding Contraindicated procedure defined in Section 5.4.1 MUST 1193 be followed; the remaining steps of Section 5.4 are skipped at this 1194 time. 1196 Step 4: For each node selected for forwarding, the bundle protocol 1197 agent MUST invoke the services of the selected convergence layer 1198 adapter(s) in order to effect the sending of the bundle to that 1199 node. Determining the time at which the bundle protocol agent 1200 invokes convergence layer adapter services is a BPA implementation 1201 matter. Determining the time at which each convergence layer 1202 adapter subsequently responds to this service invocation by sending 1203 the bundle is a convergence-layer adapter implementation matter. 1204 Note that: 1206 . If the bundle contains a data label extension block (to be 1207 defined in a future document) then that data label value MAY 1208 identify procedures for determining the order in which 1209 convergence layer adapters must send bundles, e.g., considering 1210 bundle source when determining the order in which bundles are 1211 sent. The definition of such procedures is beyond the scope of 1212 this specification. 1214 . If the bundle has a bundle age block, as defined in 4.3.2. 1215 above, then at the last possible moment before the CLA 1216 initiates conveyance of the bundle via the CL protocol the 1217 bundle age value MUST be increased by the difference between 1218 the current time and the time at which the bundle was received 1219 (or, if the local node is the source of the bundle, created). 1221 Step 5: When all selected convergence layer adapters have informed 1222 the bundle protocol agent that they have concluded their data 1223 sending procedures with regard to this bundle, processing may depend 1224 on the results of those procedures. If completion of the data 1225 sending procedures by all selected convergence layer adapters has 1226 not resulted in successful forwarding of the bundle (an 1227 implementation-specific determination that is beyond the scope of 1228 this specification), then the bundle protocol agent MAY choose (in 1229 an implementation-specific manner, again beyond the scope of this 1230 specification) to initiate another attempt to forward the bundle. 1231 In that event, processing proceeds from Step 4 of Section 5.4. 1233 If completion of the data sending procedures by all selected 1234 convergence layer adapters HAS resulted in successful forwarding of 1235 the bundle, or if it has not but the bundle protocol agent does not 1236 choose to initiate another attempt to forward the bundle, then: 1238 . If the "request reporting of bundle forwarding" flag in the 1239 bundle's status report request field is set to 1, and status 1240 reporting is enabled, then a bundle forwarding status report 1241 SHOULD be generated, destined for the bundle's report-to 1242 endpoint ID. The reason code on this bundle forwarding status 1243 report MUST be "no additional information". 1244 . If any applicable bundle protocol extensions mandate generation 1245 of status reports upon conclusion of convergence-layer data 1246 sending procedures, all such status reports SHOULD be generated 1247 with extension-mandated reason codes. 1248 . The bundle's "Forward pending" retention constraint MUST be 1249 removed. 1251 5.4.1. Forwarding Contraindicated 1253 The steps in responding to contraindication of forwarding are: 1255 Step 1: The bundle protocol agent MUST determine whether or not to 1256 declare failure in forwarding the bundle. Note: this decision is 1257 likely to be influenced by the reason for which forwarding is 1258 contraindicated. 1260 Step 2: If forwarding failure is declared, then the Forwarding 1261 Failed procedure defined in Section 5.4.2 MUST be followed. 1263 Otherwise, when -- at some future time - the forwarding of this 1264 bundle ceases to be contraindicated, processing proceeds from Step 4 1265 of Section 5.4. 1267 5.4.2. Forwarding Failed 1269 The steps in responding to a declaration of forwarding failure are: 1271 Step 1: The bundle protocol agent MAY forward the bundle back to the 1272 node that sent it, as identified by the Previous Node block, if 1273 present. This forwarding, if performed, SHALL be accomplished by 1274 performing Step 4 and Step 5 of section 5.4 where the sole node 1275 selected for forwarding SHALL be the node that sent the bundle. 1277 Step 2: If the bundle's destination endpoint is an endpoint of which 1278 the node is a member, then the bundle's "Forward pending" retention 1279 constraint MUST be removed. Otherwise, the bundle MUST be deleted: 1280 the bundle deletion procedure defined in Section 5.10 MUST be 1281 followed, citing the reason for which forwarding was determined to 1282 be contraindicated. 1284 5.5. Bundle Expiration 1286 A bundle expires when the bundle's age exceeds its lifetime as 1287 specified in the primary bundle block. Bundle age MAY be determined 1288 by subtracting the bundle's creation timestamp time from the current 1289 time if (a) that timestamp time is not zero and (b) the local node's 1290 clock is known to be accurate; otherwise bundle age MUST be obtained 1291 from the Bundle Age extension block. Bundle expiration MAY occur at 1292 any point in the processing of a bundle. When a bundle expires, the 1293 bundle protocol agent MUST delete the bundle for the reason 1294 "lifetime expired": the bundle deletion procedure defined in Section 1295 5.10 MUST be followed. 1297 5.6. Bundle Reception 1299 The steps in processing a bundle that has been received from another 1300 node are: 1302 Step 1: The retention constraint "Dispatch pending" MUST be added to 1303 the bundle. 1305 Step 2: If the "request reporting of bundle reception" flag in the 1306 bundle's status report request field is set to 1, and status 1307 reporting is enabled, then a bundle reception status report with 1308 reason code "No additional information" SHOULD be generated, 1309 destined for the bundle's report-to endpoint ID. 1311 Step 3: CRCs SHOULD be computed for every block of the bundle that 1312 has an attached CRC. If any block of the bundle is malformed 1313 according to this specification, or if any block has an attached CRC 1314 and the CRC computed for this block upon reception differs from that 1315 attached CRC, then the bundle protocol agent MUST delete the bundle 1316 for the reason "Block unintelligible". The bundle deletion 1317 procedure defined in Section 5.10 MUST be followed and all remaining 1318 steps of the bundle reception procedure MUST be skipped. 1320 Step 4: For each block in the bundle that is an extension block that 1321 the bundle protocol agent cannot process: 1323 . If the block processing flags in that block indicate that a 1324 status report is requested in this event, and status reporting 1325 is enabled, then a bundle reception status report with reason 1326 code "Block unintelligible" SHOULD be generated, destined for 1327 the bundle's report-to endpoint ID. 1328 . If the block processing flags in that block indicate that the 1329 bundle must be deleted in this event, then the bundle protocol 1330 agent MUST delete the bundle for the reason "Block 1331 unintelligible"; the bundle deletion procedure defined in 1332 Section 5.10 MUST be followed and all remaining steps of the 1333 bundle reception procedure MUST be skipped. 1334 . If the block processing flags in that block do NOT indicate 1335 that the bundle must be deleted in this event but do indicate 1336 that the block must be discarded, then the bundle protocol 1337 agent MUST remove this block from the bundle. 1338 . If the block processing flags in that block indicate neither 1339 that the bundle must be deleted nor that that the block must be 1340 discarded, then processing continues with the next extension 1341 block that the bundle protocol agent cannot process, if any; 1342 otherwise, processing proceeds from step 5. 1344 Step 5: Processing proceeds from Step 1 of Section 5.3. 1346 5.7. Local Bundle Delivery 1348 The steps in processing a bundle that is destined for an endpoint of 1349 which this node is a member are: 1351 Step 1: If the received bundle is a fragment, the application data 1352 unit reassembly procedure described in Section 5.9 MUST be followed. 1353 If this procedure results in reassembly of the entire original 1354 application data unit, processing of this bundle (whose fragmentary 1355 payload has been replaced by the reassembled application data unit) 1356 proceeds from Step 2; otherwise, the retention constraint 1357 "Reassembly pending" MUST be added to the bundle and all remaining 1358 steps of this procedure MUST be skipped. 1360 Step 2: Delivery depends on the state of the registration whose 1361 endpoint ID matches that of the destination of the bundle: 1363 . An additional implementation-specific delivery deferral 1364 procedure MAY optionally be associated with the registration. 1365 . If the registration is in the Active state, then the bundle 1366 MUST be delivered automatically as soon as it is the next 1367 bundle that is due for delivery according to the BPA's bundle 1368 delivery scheduling policy, an implementation matter. 1369 . If the registration is in the Passive state, or if delivery of 1370 the bundle fails for some implementation-specific reason, then 1371 the registration's delivery failure action MUST be taken. 1372 Delivery failure action MUST be one of the following: 1374 o defer delivery of the bundle subject to this registration 1375 until (a) this bundle is the least recently received of 1376 all bundles currently deliverable subject to this 1377 registration and (b) either the registration is polled or 1378 else the registration is in the Active state, and also 1379 perform any additional delivery deferral procedure 1380 associated with the registration; or 1382 o abandon delivery of the bundle subject to this registration 1383 (as defined in 3.1. ). 1385 Step 3: As soon as the bundle has been delivered, if the "request 1386 reporting of bundle delivery" flag in the bundle's status report 1387 request field is set to 1 and bundle status reporting is enabled, 1388 then a bundle delivery status report SHOULD be generated, destined 1389 for the bundle's report-to endpoint ID. Note that this status report 1390 only states that the payload has been delivered to the application 1391 agent, not that the application agent has processed that payload. 1393 5.8. Bundle Fragmentation 1395 It may at times be advantageous for bundle protocol agents to reduce 1396 the sizes of bundles in order to forward them. This might be the 1397 case, for example, if a node to which a bundle is to be forwarded is 1398 accessible only via intermittent contacts and no upcoming contact is 1399 long enough to enable the forwarding of the entire bundle. 1401 The size of a bundle can be reduced by "fragmenting" the bundle. To 1402 fragment a bundle whose payload is of size M is to replace it with 1403 two "fragments" -- new bundles with the same source node ID and 1404 creation timestamp as the original bundle -- whose payloads are the 1405 first N and the last (M - N) bytes of the original bundle's payload, 1406 where 0 < N < M. Note that fragments may themselves be fragmented, 1407 so fragmentation may in effect replace the original bundle with more 1408 than two fragments. (However, there is only one 'level' of 1409 fragmentation, as in IP fragmentation.) 1411 Any bundle whose primary block's bundle processing flags do NOT 1412 indicate that it must not be fragmented MAY be fragmented at any 1413 time, for any purpose, at the discretion of the bundle protocol 1414 agent. NOTE, however, that some combinations of bundle 1415 fragmentation, replication, and routing might result in unexpected 1416 traffic patterns. 1418 Fragmentation SHALL be constrained as follows: 1420 . The concatenation of the payloads of all fragments produced by 1421 fragmentation MUST always be identical to the payload of the 1422 fragmented bundle (that is, the bundle that is being 1423 fragmented). Note that the payloads of fragments resulting from 1424 different fragmentation episodes, in different parts of the 1425 network, may be overlapping subsets of the fragmented bundle's 1426 payload. 1427 . The primary block of each fragment MUST differ from that of the 1428 fragmented bundle, in that the bundle processing flags of the 1429 fragment MUST indicate that the bundle is a fragment and both 1430 fragment offset and total application data unit length must be 1431 provided. Additionally, the CRC of the primary block of the 1432 fragmented bundle, if any, MUST be replaced in each fragment by 1433 a new CRC computed for the primary block of that fragment. 1434 . The payload blocks of fragments will differ from that of the 1435 fragmented bundle as noted above. 1436 . If the fragmented bundle is not a fragment or is the fragment 1437 with offset zero, then all extension blocks of the fragmented 1438 bundle MUST be replicated in the fragment whose offset is zero. 1439 . Each of the fragmented bundle's extension blocks whose "Block 1440 must be replicated in every fragment" flag is set to 1 MUST be 1441 replicated in every fragment. 1442 . Beyond these rules, replication of extension blocks in the 1443 fragments is an implementation matter. 1445 5.9. Application Data Unit Reassembly 1447 If the concatenation -- as informed by fragment offsets and payload 1448 lengths -- of the payloads of all previously received fragments with 1449 the same source node ID and creation timestamp as this fragment, 1450 together with the payload of this fragment, forms a byte array whose 1451 length is equal to the total application data unit length in the 1452 fragment's primary block, then: 1454 . This byte array -- the reassembled application data unit -- 1455 MUST replace the payload of this fragment. 1456 . The "Reassembly pending" retention constraint MUST be removed 1457 from every other fragment whose payload is a subset of the 1458 reassembled application data unit. 1460 Note: reassembly of application data units from fragments occurs at 1461 the nodes that are members of destination endpoints as necessary; an 1462 application data unit MAY also be reassembled at some other node on 1463 the path to the destination. 1465 5.10. Bundle Deletion 1467 The steps in deleting a bundle are: 1469 Step 1: If the "request reporting of bundle deletion" flag in the 1470 bundle's status report request field is set to 1, and if status 1471 reporting is enabled, then a bundle deletion status report citing 1472 the reason for deletion SHOULD be generated, destined for the 1473 bundle's report-to endpoint ID. 1475 Step 2: All of the bundle's retention constraints MUST be removed. 1477 5.11. Discarding a Bundle 1479 As soon as a bundle has no remaining retention constraints it MAY be 1480 discarded, thereby releasing any persistent storage that may have 1481 been allocated to it. 1483 5.12. Canceling a Transmission 1485 When requested to cancel a specified transmission, where the bundle 1486 created upon initiation of the indicated transmission has not yet 1487 been discarded, the bundle protocol agent MUST delete that bundle 1488 for the reason "transmission cancelled". For this purpose, the 1489 procedure defined in Section 5.10 MUST be followed. 1491 6. Administrative Record Processing 1493 6.1. Administrative Records 1495 Administrative records are standard application data units that are 1496 used in providing some of the features of the Bundle Protocol. One 1497 type of administrative record has been defined to date: bundle 1498 status reports. Note that additional types of administrative 1499 records may be defined by supplementary DTN protocol specification 1500 documents. 1502 Every administrative record consists of: 1504 . Record type code (an unsigned integer for which valid values 1505 are as defined below). 1506 . Record content in type-specific format. 1508 Valid administrative record type codes are defined as follows: 1510 +---------+--------------------------------------------+ 1512 | Value | Meaning | 1514 +=========+============================================+ 1516 | 1 | Bundle status report. | 1518 +---------+--------------------------------------------+ 1520 | (other) | Reserved for future use. | 1522 +---------+--------------------------------------------+ 1524 Figure 3: Administrative Record Type Codes 1526 Each BP administrative record SHALL be represented as a CBOR array 1527 comprising a 2-tuple. 1529 The first item of the array SHALL be a record type code, which SHALL 1530 be represented as a CBOR unsigned integer. 1532 The second element of this array SHALL be the applicable CBOR 1533 representation of the content of the record. Details of the CBOR 1534 representation of administrative record type 1 are provided below. 1535 Details of the CBOR representation of other types of administrative 1536 record type are included in the specifications defining those 1537 records. 1539 6.1.1. Bundle Status Reports 1541 The transmission of "bundle status reports" under specified 1542 conditions is an option that can be invoked when transmission of a 1543 bundle is requested. These reports are intended to provide 1544 information about how bundles are progressing through the system, 1545 including notices of receipt, forwarding, final delivery, and 1546 deletion. They are transmitted to the Report-to endpoints of 1547 bundles. 1549 Each bundle status report SHALL be represented as a CBOR array. The 1550 number of elements in the array SHALL be either 6 (if the subject 1551 bundle is a fragment) or 4 (otherwise). 1553 The first item of the bundle status report array SHALL be bundle 1554 status information represented as a CBOR array of at least 4 1555 elements. The first four items of the bundle status information 1556 array shall provide information on the following four status 1557 assertions, in this order: 1559 . Reporting node received bundle. 1560 . Reporting node forwarded the bundle. 1561 . Reporting node delivered the bundle. 1562 . Reporting node deleted the bundle. 1564 Each item of the bundle status information array SHALL be a bundle 1565 status item represented as a CBOR array; the number of elements in 1566 each such array SHALL be either 2 (if the value of the first item of 1567 this bundle status item is 1 AND the "Report status time" flag was 1568 set to 1 in the bundle processing flags of the bundle whose status 1569 is being reported) or 1 (otherwise). The first item of the bundle 1570 status item array SHALL be a status indicator, a Boolean value 1571 indicating whether or not the corresponding bundle status is 1572 asserted, represented as a CBOR Boolean value. The second item of 1573 the bundle status item array, if present, SHALL indicate the time 1574 (as reported by the local system clock, an implementation matter) at 1575 which the indicated status was asserted for this bundle, represented 1576 as a DTN time as described in Section 4.1.6. above. 1578 The second item of the bundle status report array SHALL be the 1579 bundle status report reason code explaining the value of the status 1580 indicator, represented as a CBOR unsigned integer. Valid status 1581 report reason codes are defined in Figure 4 below but the list of 1582 status report reason codes provided here is neither exhaustive nor 1583 exclusive; supplementary DTN protocol specifications (including, but 1584 not restricted to, the Bundle Security Protocol [BPSEC]) may define 1585 additional reason codes. 1587 +---------+--------------------------------------------+ 1589 | Value | Meaning | 1591 +=========+============================================+ 1593 | 0 | No additional information. | 1595 +---------+--------------------------------------------+ 1597 | 1 | Lifetime expired. | 1599 +---------+--------------------------------------------+ 1601 | 2 | Forwarded over unidirectional link. | 1603 +---------+--------------------------------------------+ 1605 | 3 | Transmission canceled. | 1607 +---------+--------------------------------------------+ 1609 | 4 | Depleted storage. | 1611 +---------+--------------------------------------------+ 1613 | 5 | Destination endpoint ID unintelligible. | 1615 +---------+--------------------------------------------+ 1617 | 6 | No known route to destination from here. | 1619 +---------+--------------------------------------------+ 1621 | 7 | No timely contact with next node on route. | 1623 +---------+--------------------------------------------+ 1625 | 8 | Block unintelligible. | 1627 +---------+--------------------------------------------+ 1629 | 9 | Hop limit exceeded. | 1631 +---------+--------------------------------------------+ 1633 | 10 | Traffic pared (e.g., status reports). | 1634 +---------+--------------------------------------------+ 1636 | (other) | Reserved for future use. | 1638 +---------+--------------------------------------------+ 1640 Figure 4: Status Report Reason Codes 1642 The third item of the bundle status report array SHALL be the source 1643 node ID identifying the source of the bundle whose status is being 1644 reported, represented as described in Section 4.1.5.2. above. 1646 The fourth item of the bundle status report array SHALL be the 1647 creation timestamp of the bundle whose status is being reported, 1648 represented as described in Section 4.1.7. above. 1650 The fifth item of the bundle status report array SHALL be present if 1651 and only if the bundle whose status is being reported contained a 1652 fragment offset. If present, it SHALL be the subject bundle's 1653 fragment offset represented as a CBOR unsigned integer item. 1655 The sixth item of the bundle status report array SHALL be present if 1656 and only if the bundle whose status is being reported contained a 1657 fragment offset. If present, it SHALL be the length of the subject 1658 bundle's payload represented as a CBOR unsigned integer item. 1660 Note that the forwarding parameters (such as lifetime, applicable 1661 security measures, etc.) of the bundle whose status is being 1662 reported MAY be reflected in the parameters governing the forwarding 1663 of the bundle that conveys a status report, but this is an 1664 implementation matter. Bundle protocol deployment experience to 1665 date has not been sufficient to suggest any clear guidance on this 1666 topic. 1668 6.2. Generation of Administrative Records 1670 Whenever the application agent's administrative element is directed 1671 by the bundle protocol agent to generate an administrative record 1672 with reference to some bundle, the following procedure must be 1673 followed: 1675 Step 1: The administrative record must be constructed. If the 1676 administrative record references a bundle and the referenced bundle 1677 is a fragment, the administrative record MUST contain the fragment 1678 offset and fragment length. 1680 Step 2: A request for transmission of a bundle whose payload is this 1681 administrative record MUST be presented to the bundle protocol 1682 agent. 1684 7. Services Required of the Convergence Layer 1686 7.1. The Convergence Layer 1688 The successful operation of the end-to-end bundle protocol depends 1689 on the operation of underlying protocols at what is termed the 1690 "convergence layer"; these protocols accomplish communication 1691 between nodes. A wide variety of protocols may serve this purpose, 1692 so long as each convergence layer protocol adapter provides a 1693 defined minimal set of services to the bundle protocol agent. This 1694 convergence layer service specification enumerates those services. 1696 7.2. Summary of Convergence Layer Services 1698 Each convergence layer protocol adapter is expected to provide the 1699 following services to the bundle protocol agent: 1701 . sending a bundle to a bundle node that is reachable via the 1702 convergence layer protocol; 1703 . notifying the bundle protocol agent when it has concluded its 1704 data sending procedures with regard to a bundle; 1705 . delivering to the bundle protocol agent a bundle that was sent 1706 by a bundle node via the convergence layer protocol. 1708 The convergence layer service interface specified here is neither 1709 exhaustive nor exclusive. That is, supplementary DTN protocol 1710 specifications (including, but not restricted to, the Bundle 1711 Security Protocol [BPSEC]) may expect convergence layer adapters 1712 that serve BP implementations conforming to those protocols to 1713 provide additional services such as reporting on the transmission 1714 and/or reception progress of individual bundles (at completion 1715 and/or incrementally), retransmitting data that were lost in 1716 transit, discarding bundle-conveying data units that the convergence 1717 layer protocol determines are corrupt or inauthentic, or reporting 1718 on the integrity and/or authenticity of delivered bundles. 1720 8. Implementation Status 1722 [NOTE to the RFC Editor: please remove this section before 1723 publication, as well as the reference to RFC 7942.] 1725 This section records the status of known implementations of the 1726 protocol defined by this specification at the time of posting of 1727 this Internet-Draft, and is based on a proposal described in RFC 1728 7942. The description of implementations in this section is 1729 intended to assist the IETF in its decision processes in progressing 1730 drafts to RFCs. Please note that the listing of any individual 1731 implementation here does not imply endorsement by the IETF. 1732 Furthermore, no effort has been spent to verify the information 1733 presented here that was supplied by IETF contributors. This is not 1734 intended as, and must not be construed to be, a catalog of available 1735 implementations or their features. Readers are advised to note that 1736 other implementations may exist. 1738 According to RFC 7942, "this will allow reviewers and working groups 1739 to assign due consideration to documents that have the benefit of 1740 running code, which may serve as evidence of valuable 1741 experimentation and feedback that have made the implemented 1742 protocols more mature. It is up to the individual working groups to 1743 use this information as they see fit". 1745 At the time of this writing, there are three known implementations 1746 of the current document. 1748 The first known implementation is microPCN (https://upcn.eu/). 1749 According to the developers: 1751 The Micro Planetary Communication Network (uPCN) is a free 1752 software project intended to offer an implementation of Delay- 1753 tolerant Networking protocols for POSIX operating systems (well, 1754 and for Linux) plus for the ARM Cortex STM32F4 microcontroller 1755 series. More precisely it currently provides an implementation of 1757 . the Bundle Protocol (BP, RFC 5050), 1758 . the Bundle Protocol version 7 specification draft (version 6), 1759 . the DTN IP Neighbor Discovery (IPND) protocol, and 1760 . a routing approach optimized for message-ferry micro LEO 1761 satellites. 1763 uPCN is written in C and is built upon the real-time operating 1764 system FreeRTOS. The source code of uPCN is released under the 1765 "BSD 3-Clause License". 1767 The project depends on an execution environment offering link 1768 layer protocols such as AX.25. The source code uses the USB 1769 subsystem to interact with the environment. 1771 The second known implementation is PyDTN, developed by X-works, 1772 s.r.o (https://x-works.sk/). The final third of the implementation 1773 was developed during the IETF 101 Hackathon. According to the 1774 developers, PyDTN implements bundle coding/decoding and neighbor 1775 discovery. PyDTN is written in Python and has been shown to be 1776 interoperable with uPCN. 1778 The third known implementation is "Terra" 1779 (https://github.com/RightMesh/Terra/), a Java implementation 1780 developed in the context of terrestrial DTN. It includes an 1781 implementation of a "minimal TCP" convergence layer adapter. 1783 9. Security Considerations 1785 The bundle protocol security architecture and the available security 1786 services are specified in an accompanying document, the Bundle 1787 Security Protocol specification [BPSEC]. 1789 The bpsec extensions to Bundle Protocol enable each block of a 1790 bundle (other than a bpsec extension block) to be individually 1791 authenticated by a signature block (Block Integrity Block, or BIB) 1792 and also enable each block of a bundle other than the primary block 1793 (and the bpsec extension blocks themselves) to be individually 1794 encrypted by a BCB. 1796 Because the security mechanisms are extension blocks that are 1797 themselves inserted into the bundle, the integrity and 1798 confidentiality of bundle blocks are protected while the bundle is 1799 at rest, awaiting transmission at the next forwarding opportunity, 1800 as well as in transit. 1802 Additionally, convergence-layer protocols that ensure authenticity 1803 of communication between adjacent nodes in BP network topology 1804 SHOULD be used where available, to minimize the ability of 1805 unauthenticated nodes to introduce inauthentic traffic into the 1806 network. Convergence-layer protocols that ensure confidentiality of 1807 communication between adjacent nodes in BP network topology SHOULD 1808 also be used where available, to minimize exposure of the bundle's 1809 primary block and other clear-text blocks, thereby offering some 1810 defense against traffic analysis. 1812 Note that, while the primary block must remain in the clear for 1813 routing purposes, the Bundle Protocol could be protected against 1814 traffic analysis to some extent by using bundle-in-bundle 1815 encapsulation to tunnel bundles to a safe forward distribution 1816 point: the encapsulated bundle could form the payload of an 1817 encapsulating bundle, and that payload block could be encrypted by a 1818 BCB. Bundle-in-bundle encapsulation is a current research topic. 1820 Note that the generation of bundle status reports is disabled by 1821 default because malicious initiation of bundle status reporting 1822 could result in the transmission of extremely large numbers of 1823 bundles, effecting a denial of service attack. 1825 The bpsec extensions accommodate an open-ended range of 1826 ciphersuites; different ciphersuites may be utilized to protect 1827 different blocks. One possible variation is to sign and/or encrypt 1828 blocks using symmetric keys securely formed by Diffie-Hellman 1829 procedures (such as EKDH) using the public and private keys of the 1830 sending and receiving nodes. For this purpose, the key distribution 1831 problem reduces to the problem of trustworthy delay-tolerant 1832 distribution of public keys, a current research topic. 1834 10. IANA Considerations 1836 The Bundle Protocol includes fields requiring registries managed by 1837 IANA. 1839 10.1. Bundle Block Types 1841 The current Bundle Block Types namespace is augmented by adding a 1842 column identifying the version of the Bundle protocol (Bundle 1843 Protocol Version) that applies to the new values. IANA is requested 1844 to add the following values, as described in section 4.3.1, to the 1845 Bundle Block Types namespace. The current values in the Bundle Block 1846 Types namespace should have the Bundle Protocol Version set to the 1847 value "6", as shown below. 1849 +----------+-------+-----------------------------+---------------+ 1851 | Bundle | Value | Description | Reference | 1853 | Protocol | | | | 1855 | Version | | | | 1857 +----------+-------+-----------------------------+---------------+ 1859 | none | 0 | Reserved | [RFC6255] | 1861 | 6,7 | 1 | Bundle Payload Block | [RFC5050] | 1863 | | | | RFC-to-be | 1865 | 6 | 2 | Bundle Authentication Block | [RFC6257] | 1866 | 6 | 3 | Payload Integrity Block | [RFC6257] | 1868 | 6 | 4 | Payload Confidentiality Blk | [RFC6257] | 1870 | 6 | 5 | Previous-Hop Insertion Block| [RFC6259] | 1872 | 7 | 6 | Previous node (proximate | RFC-to-be | 1874 | | | sender) | | 1876 | 7 | 7 | Bundle age (in seconds) | RFC-to-be | 1878 | 6 | 8 | Metadata Extension Block | [RFC6258] | 1880 | 6 | 9 | Extension Security Block | [RFC6257] | 1882 | 7 | 10 | Hop count (#prior xmit | RFC-to-be | 1884 | | | attempts) | | 1886 | 7 | 11-191| Unassigned | | 1888 | 6 |192-255| Reserved for Private and/or | [RFC5050], | 1890 | | | Experimental Use | RFC-to-be | 1892 +----------+-------+-----------------------------+---------------+ 1894 10.2. Primary Bundle Protocol Version 1896 IANA is requested to add the following value to the Primary Bundle 1897 Protocol Version namespace. 1899 +-------+-------------+---------------+ 1901 | Value | Description | Reference | 1903 +-------+-------------+---------------+ 1905 | 7 | Assigned | RFC-to-be | 1907 +-------+-------------+---------------+ 1909 10.3. Bundle Processing Control Flags 1911 The current Bundle Processing Control Flags namespace is augmented 1912 by adding a column identifying the version of the Bundle protocol 1913 (Bundle Protocol Version) that applies to the new values. IANA is 1914 requested to add the following values, as described in section 4.1.3 1915 to the Bundle Processing Control Flags namespace. The current values 1916 in the Bundle Processing Control Flags namespace should have the 1917 Bundle Protocol Version set to the value 6 or "6, 7", as shown 1918 below. 1920 Bundle Processing Control Flags Registry 1922 +--------------------+----------------------------------+----------+ 1924 | Bundle | Bit | Description | Reference| 1926 | Protocol| Position | | | 1928 | Version | (right | | | 1930 | | to left) | | | 1932 +--------------------+----------------------------------+----------+ 1934 | 6,7 | 0 | Bundle is a fragment |[RFC5050],| 1936 | | | |RFC-to-be | 1938 | 6,7 | 1 | Application data unit is an |[RFC5050],| 1940 | | | administrative record |RFC-to-be | 1942 | 6,7 | 2 | Bundle must not be fragmented |[RFC5050],| 1944 | | | |RFC-to-be | 1946 | 6 | 3 | Custody transfer is requested |[RFC5050] | 1948 | 6 | 4 | Destination endpoint is singleton|[RFC5050] | 1950 | 6,7 | 5 | Acknowledgement by application |[RFC5050],| 1952 | | | is requested |RFC-to-be | 1954 | 7 | 6 | Status time requested in reports |RFC-to-be | 1956 | 6 | 7 | Class of service, priority |[RFC5050],| 1958 | | | |RFC-to-be | 1959 | 6 | 8 | Class of service, priority |[RFC5050],| 1961 | | | |RFC-to-be | 1963 | 6 | 9 | Class of service, reserved |[RFC5050],| 1965 | | | |RFC-to-be | 1967 | 6 | 10 | Class of service, reserved |[RFC5050],| 1969 | | | |RFC-to-be | 1971 | 6 | 11 | Class of service, reserved |[RFC5050],| 1973 | | | |RFC-to-be | 1975 | 6 | 12 | Class of service, reserved |[RFC5050],| 1977 | | | |RFC-to-be | 1979 | 6 | 13 | Class of service, reserved |[RFC5050],| 1981 | | | |RFC-to-be | 1983 | 6,7 | 14 | Request reporting of bundle |[RFC5050],| 1985 | | | reception |RFC-to-be | 1987 | 6,7 | 16 | Request reporting of bundle |[RFC5050],| 1989 | | | forwarding |RFC-to-be | 1991 | 6,7 | 17 | Request reporting of bundle |[RFC5050],| 1993 | | | delivery |RFC-to-be | 1995 | 6,7 | 18 | Request reporting of bundle |[RFC5050],| 1997 | | | deletion |RFC-to-be | 1999 | 6 | 19 | Reserved |[RFC5050],| 2001 | | | |RFC-to-be | 2003 | 6 | 20 | Reserved |[RFC5050],| 2005 | | | |RFC-to-be | 2006 | | 21-63 | Unassigned | | 2008 +--------------------+----------------------------------+----------+ 2010 The registration policy for this namespace is changed to "Standards 2011 Action". Given the limited number of bits available, the allocation 2012 should only be granted for a standards-track RFC approved by the 2013 IESG. 2015 10.4. Block Processing Control Flags 2017 The current Block Processing Control Flags namespace is augmented by 2018 adding a column identifying the version of the Bundle protocol 2019 (Bundle Protocol Version) that applies to the related BP version. 2020 The current values in the Block Processing Control Flags namespace 2021 should have the Bundle Protocol Version set to the value 6 or "6, 2022 7", as shown below. 2024 Block Processing Control Flags Registry 2026 +--------------------+----------------------------------+----------+ 2028 | Bundle | Bit | Description | Reference| 2030 | Protocol| Position | | | 2032 | Version | (right | | | 2034 | | to left) | | | 2036 +--------------------+----------------------------------+----------+ 2038 | 6,7 | 0 | Block must be replicated in |[RFC5050],| 2040 | | | every fragment |RFC-to-be | 2042 | 6,7 | 1 | Transmit status report if block |[RFC5050],| 2044 | | | can't be processed |RFC-to-be | 2046 | 6,7 | 2 | Delete bundle if block can't be |[RFC5050],| 2048 | | | processed |RFC-to-be | 2050 | 6 | 3 | Last block |[RFC5050] | 2052 | 6,7 | 4 | Discard block if it can't be |[RFC5050],| 2053 | | | processed |RFC-to-be | 2055 | 6 | 5 | Block was forwarded without |[RFC5050] | 2057 | | | being processed | | 2059 | 6 | 6 | Block contains an EID reference |[RFC5050] | 2061 | | | field | | 2063 | | 7-63 | Unassigned | | 2065 +--------------------+----------------------------------+----------+ 2067 10.5. Bundle Status Report Reason Codes 2069 The current Bundle Status Report Reason Codes namespace is augmented 2070 by adding a column identifying the version of the Bundle protocol 2071 (Bundle Protocol Version) that applies to the new values. IANA is 2072 requested to add the following values, as described in section 2073 6.1.1, to the Bundle Status Report Reason Codes namespace. The 2074 current values in the Bundle Status Report Reason Codes namespace 2075 should have the Bundle Protocol Version set to the value 6 or 7 or 2076 "6, 7", as shown below. 2078 Bundle Status Report Reason Codes Registry 2080 +--------------------+----------------------------------+----------+ 2082 | Bundle | Value | Description | Reference| 2084 | Protocol| | | | 2086 | Version | | | | 2088 | | | | | 2090 +--------------------+----------------------------------+----------+ 2092 | 6,7 | 0 | No additional information |[RFC5050],| 2094 | | | |RFC-to-be | 2096 | 6,7 | 1 | Lifetime expired |[RFC5050],| 2098 | | | |RFC-to-be | 2099 | 6,7 | 2 | Forwarded over unidirectional |[RFC5050],| 2101 | | | link |RFC-to-be | 2103 | 6,7 | 3 | Transmission canceled |[RFC5050],| 2105 | | | |RFC-to-be | 2107 | 6,7 | 4 | Depleted storage |[RFC5050],| 2109 | | | |RFC-to-be | 2111 | 6,7 | 5 | Destination endpoint ID |[RFC5050],| 2113 | | | unintelligible |RFC-to-be | 2115 | 6,7 | 6 | No known route to destination |[RFC5050],| 2117 | | | from here |RFC-to-be | 2119 | 6,7 | 7 | No timely contact with next node |[RFC5050],| 2121 | | | on route |RFC-to-be | 2123 | 6,7 | 8 | Block unintelligible |[RFC6255],| 2125 | | | |RFC-to-be | 2127 | 7 | 9 | Hop limit exceeded |RFC-to-be | 2129 | 7 | 10 | Traffic pared |RFC-to-be | 2131 | | 11-254 | Unassigned | | 2133 | 6 | 255 | Reserved |[RFC6255] | 2135 +-------+-----------------------------------------------+----------+ 2137 10.6. Bundle Protocol URI scheme types 2139 The Bundle Protocol has a URI scheme type field - an unsigned 2140 integer of undefined length - for which IANA is requested to create 2141 and maintain a new "Bundle Protocol URI Scheme Type " registry. The 2142 "Bundle Protocol URI Scheme Type" registry governs an 8-bit 2143 namespace. Initial values for the Bundle Protocol URI Scheme Type 2144 space are given below. 2146 The registration policy for this namespace is: Specification 2147 Required. The nominated expert(s) verify that a specification exists 2148 and is readily accessible. Specifications for new registrations need 2149 to reference the documents defining the URIs for which new scheme 2150 types are being registered. Expert(s) are encouraged to be biased 2151 towards approving registrations unless they are abusive, frivolous, 2152 or actively harmful (not merely aesthetically displeasing, or 2153 architecturally dubious). 2155 The value range is: unsigned 8-bit integer. 2157 Each assignment consists of a URI scheme type name and its 2158 associated description and reference. 2160 Bundle Protocol URI Scheme Type Registry 2162 +--------------+-----------------------------+-------------------+ 2164 | Value | Description | Reference | 2166 +--------------+-----------------------------+-------------------+ 2168 | 0 | Reserved | | 2170 | 1 | dtn | RFC-to-be | 2172 | 2 | ipn | [RFC6260] | 2174 | 3-254 | Unassigned | | 2176 | 255 | reserved | | 2178 +--------------+-----------------------------+-------------------+ 2180 10.7. URI scheme "dtn" 2182 IANA is requested to update the registration of the URI scheme with 2183 the string "dtn" as the scheme name, as follows: 2185 URI scheme name: "dtn" 2187 Status: permanent 2189 URI scheme syntax: 2191 This specification uses the Augmented Backus-Naur Form (ABNF) 2192 notation of [RFC5234]. 2194 dtn-uri = "dtn:" dtn-hier-part 2196 dtn-hier-part = "//" node-name name-delim demux ; a path-rootless 2198 node-name = 1*VCHAR 2200 name-delim = "/" 2202 demux = *VCHAR 2204 URI scheme semantics: URIs of the DTN scheme are used as endpoint 2205 identifiers in the Delay-Tolerant Networking (DTN) Bundle Protocol 2206 (BP) as described in the present document. 2208 Encoding considerations: URIs of the DTN scheme are encoded 2209 exclusively in US-ASCII characters. 2211 Applications and/or protocols that use this URI scheme name: the 2212 Delay-Tolerant Networking (DTN) Bundle Protocol (BP). 2214 Interoperability considerations: as noted above, URIs of the DTN 2215 scheme are encoded exclusively in US-ASCII characters. 2217 Security considerations: 2219 . Reliability and consistency: none of the BP endpoints 2220 identified by the URIs of the DTN scheme are guaranteed to be 2221 reachable at any time, and the identity of the processing 2222 entities operating on those endpoints is never guaranteed by 2223 the Bundle Protocol itself. Bundle authentication as defined by 2224 the Bundle Security Protocol is required for this purpose. 2225 . Malicious construction: malicious construction of a conformant 2226 DTN-scheme URI is limited to the malicious selection of node 2227 names and the malicious selection of demux strings. That is, a 2228 maliciously constructed DTN-scheme URI could be used to direct 2229 a bundle to an endpoint that might be damaged by the arrival of 2230 that bundle or, alternatively, to declare a false source for a 2231 bundle and thereby cause incorrect processing at a node that 2232 receives the bundle. In both cases (and indeed in all bundle 2233 processing), the node that receives a bundle should verify its 2234 authenticity and validity before operating on it in any way. 2235 . Back-end transcoding: the limited expressiveness of URIs of the 2236 DTN scheme effectively eliminates the possibility of threat due 2237 to errors in back-end transcoding. 2239 . Rare IP address formats: not relevant, as IP addresses do not 2240 appear anywhere in conformant DTN-scheme URIs. 2241 . Sensitive information: because DTN-scheme URIs are used only to 2242 represent the identities of Bundle Protocol endpoints, the risk 2243 of disclosure of sensitive information due to interception of 2244 these URIs is minimal. Examination of DTN-scheme URIs could be 2245 used to support traffic analysis; where traffic analysis is a 2246 plausible danger, bundles should be conveyed by secure 2247 convergence-layer protocols that do not expose endpoint IDs. 2248 . Semantic attacks: the simplicity of DTN-scheme URI syntax 2249 minimizes the possibility of misinterpretation of a URI by a 2250 human user. 2252 Contact: 2254 Scott Burleigh 2256 Jet Propulsion Laboratory, 2258 California Institute of Technology 2260 scott.c.burleigh@jpl.nasa.gov 2262 +1 (800) 393-3353 2264 Change controller: 2266 IETF 2268 10.8. URI scheme "ipn" 2270 IANA is requested to update the registration of the URI scheme with 2271 the string "ipn" as the scheme name, originally documented in RFC 2272 6260 [RFC6260], as follows. 2274 URI scheme name: "ipn" 2276 Status: permanent 2278 URI scheme syntax: 2280 This specification uses the Augmented Backus-Naur Form (ABNF) 2281 notation of [RFC5234], including the core ABNF syntax rule for DIGIT 2282 defined by that specification. 2284 ipn-uri = "ipn:" ipn-hier-part 2285 ipn-hier-part = node-nbr nbr-delim service-nbr ; a path-rootless 2287 node-nbr = 1*DIGIT 2289 nbr-delim = "." 2291 service-nbr = 1*DIGIT 2293 URI scheme semantics: URIs of the IPN scheme are used as endpoint 2294 identifiers in the Delay-Tolerant Networking (DTN) Bundle Protocol 2295 (BP) as described in the present document. 2297 Encoding considerations: URIs of the IPN scheme are encoded 2298 exclusively in US-ASCII characters. 2300 Applications and/or protocols that use this URI scheme name: the 2301 Delay-Tolerant Networking (DTN) Bundle Protocol (BP). 2303 Interoperability considerations: as noted above, URIs of the IPN 2304 scheme are encoded exclusively in US-ASCII characters. 2306 Security considerations: 2308 . Reliability and consistency: none of the BP endpoints 2309 identified by the URIs of the IPN scheme are guaranteed to be 2310 reachable at any time, and the identity of the processing 2311 entities operating on those endpoints is never guaranteed by 2312 the Bundle Protocol itself. Bundle authentication as defined by 2313 the Bundle Security Protocol [BPSEC] is required for this 2314 purpose. 2315 . Malicious construction: malicious construction of a conformant 2316 IPN-scheme URI is limited to the malicious selection of node 2317 numbers and the malicious selection of service numbers. That 2318 is, a maliciously constructed IPN-scheme URI could be used to 2319 direct a bundle to an endpoint that might be damaged by the 2320 arrival of that bundle or, alternatively, to declare a false 2321 source for a bundle and thereby cause incorrect processing at a 2322 node that receives the bundle. In both cases (and indeed in 2323 all bundle processing), the node that receives a bundle should 2324 verify its authenticity and validity before operating on it in 2325 any way. 2326 . Back-end transcoding: the limited expressiveness of URIs of the 2327 IPN scheme effectively eliminates the possibility of threat due 2328 to errors in back-end transcoding. 2329 . Rare IP address formats: not relevant, as IP addresses do not 2330 appear anywhere in conformant IPN-scheme URIs. 2332 . Sensitive information: because IPN-scheme URIs are used only to 2333 represent the identities of Bundle Protocol endpoints, the risk 2334 of disclosure of sensitive information due to interception of 2335 these URIs is minimal. Examination of IPN-scheme URIs could be 2336 used to support traffic analysis; where traffic analysis is a 2337 plausible danger, bundles should be conveyed by secure 2338 convergence-layer protocols that do not expose endpoint IDs. 2339 . Semantic attacks: the simplicity of IPN-scheme URI syntax 2340 minimizes the possibility of misinterpretation of a URI by a 2341 human user. 2343 Contact: 2345 Scott Burleigh 2347 Jet Propulsion Laboratory, 2349 California Institute of Technology 2351 scott.c.burleigh@jpl.nasa.gov 2353 +1 (800) 393-3353 2355 Change controller: 2357 IETF 2359 11. References 2361 11.1. Normative References 2363 [BPSEC] Birrane, E., "Bundle Security Protocol Specification", Work 2364 In Progress, October 2015. 2366 [CRC16] ITU-T Recommendation X.25, p. 9, section 2.2.7.4, 2367 International Telecommunications Union, October 1996. 2369 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 2370 Requirement Levels", BCP 14, RFC 2119, March 1997. 2372 [RFC4960] Stewart, R., "Stream Control Transmission Protocol", RFC 2373 4960, September 2007. 2375 [RFC5234] Crocker, D. and P. Overell, "Augmented BNF for Syntax 2376 Specifications: ABNF", STD 68, RFC 5234, January 2008. 2378 [RFC7049] Borman, C. and P. Hoffman, "Concise Binary Object 2379 Representation (CBOR)", RFC 7049, October 2013. 2381 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2382 2119 Key Words", BCP 14, RFC 8174, May 2017. 2384 [URI] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform 2385 Resource Identifier (URI): Generic Syntax", RFC 3986, STD 66, 2386 January 2005. 2388 [URIREG] Thaler, D., Hansen, T., and T. Hardie, "Guidelines and 2389 Registration Procedures for URI Schemes", RFC 7595, BCP 35, June 2390 2015. 2392 11.2. Informative References 2394 [ARCH] V. Cerf et al., "Delay-Tolerant Network Architecture", RFC 2395 4838, April 2007. 2397 [BIBE] Burleigh, S., "Bundle-in-Bundle Encapsulation", Work In 2398 Progress, June 2017. 2400 [RFC3987] Duerst, M. and M. Suignard, "Internationalized Resource 2401 Identifiers (IRIs)", RFC 3987, January 2005. 2403 [RFC5050] Scott, K. and S. Burleigh, "Bundle Protocol 2404 Specification", RFC 5050, November 2007. 2406 [RFC6255] Blanchet, M., "Delay-Tolerant Networking Bundle Protocol 2407 IANA Registries", RFC 6255, May 2011. 2409 [RFC6257] Symington, S., Farrell, S., Weiss, H., and P. Lovell, 2410 "Bundle Security Protocol Specification", RFC 6257, May 2011. 2412 [RFC6258] Symington, S., "Delay-Tolerant Networking Metadata 2413 Extension Block", RFC 6258, May 2011. 2415 [RFC6259] Symington, S., "Delay-Tolerant Networking Previous-Hop 2416 Insertion Block", RFC 6259, May 2011. 2418 [RFC6260] Burleigh, S., "Compressed Bundle Header Encoding (CBHE)", 2419 RFC 6260, May 2011. 2421 [RFC7143] Chadalapaka, M., Satran, J., Meth, K., and D. Black, 2422 "Internet Small Computer System Interface (iSCSI) Protocol 2423 (Consolidated)", RFC 7143, April 2014. 2425 [SIGC] Fall, K., "A Delay-Tolerant Network Architecture for 2426 Challenged Internets", SIGCOMM 2003. 2428 [UTC] Arias, E. and B. Guinot, "Coordinated universal time UTC: 2429 historical background and perspectives" in "Journees systemes de 2430 reference spatio-temporels", 2004. 2432 12. Acknowledgments 2434 This work is freely adapted from RFC 5050, which was an effort of 2435 the Delay Tolerant Networking Research Group. The following DTNRG 2436 participants contributed significant technical material and/or 2437 inputs to that document: Dr. Vinton Cerf of Google, Scott Burleigh, 2438 Adrian Hooke, and Leigh Torgerson of the Jet Propulsion Laboratory, 2439 Michael Demmer of the University of California at Berkeley, Robert 2440 Durst, Keith Scott, and Susan Symington of The MITRE Corporation, 2441 Kevin Fall of Carnegie Mellon University, Stephen Farrell of Trinity 2442 College Dublin, Howard Weiss and Peter Lovell of SPARTA, Inc., and 2443 Manikantan Ramadas of Ohio University. 2445 This document was prepared using 2-Word-v2.0.template.dot. 2447 13. Significant Changes from RFC 5050 2449 Points on which this draft significantly differs from RFC 5050 2450 include the following: 2452 . Clarify the difference between transmission and forwarding. 2453 . Migrate custody transfer to the bundle-in-bundle encapsulation 2454 specification [BIBE]. 2455 . Introduce the concept of "node ID" as functionally distinct 2456 from endpoint ID, while having the same syntax. 2457 . Restructure primary block, making it immutable. Add optional 2458 CRC. 2459 . Add optional CRCs to non-primary blocks. 2460 . Add block ID number to canonical block format (to support 2461 BPSEC). 2462 . Add definition of bundle age extension block. 2463 . Add definition of previous node extension block. 2464 . Add definition of hop count extension block. 2465 . Remove Quality of Service markings. 2466 . Change from SDNVs to CBOR representation. 2468 Appendix A. For More Information 2470 Copyright (c) 2020 IETF Trust and the persons identified as authors 2471 of the code. All rights reserved. 2473 Redistribution and use in source and binary forms, with or without 2474 modification, is permitted pursuant to, and subject to the license 2475 terms contained in, the Simplified BSD License set forth in Section 2476 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents 2477 (http://trustee.ietf.org/license-info). 2479 Appendix B. CDDL expression 2481 For informational purposes, Carsten Bormann and Brian Sipos have 2482 kindly provided an expression of the Bundle Protocol specification 2483 in the Concise Data Definition Language (CDDL). That CDDL 2484 expression is presented below. Note that wherever the CDDL 2485 expression is in disagreement with the textual representation of the 2486 BP specification presented in the earlier sections of this document, 2487 the textual representation rules. 2489 start = bundle / #6.55799(bundle) 2491 ; Times before 2000 are invalid 2493 dtn-time = uint 2495 ; CRC enumerated type 2497 crc-type = &( 2499 crc-none: 0, 2501 crc-16bit: 1, 2503 crc-32bit: 2 2505 ) 2507 ; Either 16-bit or 32-bit 2509 crc-value = (bstr .size 2) / (bstr .size 4) 2511 creation-timestamp = [ 2513 dtn-time, ; absolute time of creation 2515 sequence: uint ; sequence within the time 2517 ] 2519 eid = $eid .within eid-structure 2521 eid-structure = [ 2523 uri-code: uint, 2524 SSP: any 2526 ] 2528 $eid /= [ 2530 uri-code: 1, 2532 SSP: (tstr / 0) 2534 ] 2536 $eid /= [ 2538 uri-code: 2, 2540 SSP: [ 2542 nodenum: uint, 2544 servicenum: uint 2546 ] 2548 ] 2550 ; The root bundle array 2552 bundle = [primary-block, *extension-block, payload-block] 2554 primary-block = [ 2556 version: 7, 2558 bundle-control-flags, 2560 crc-type, 2562 destination: eid, 2564 source-node: eid, 2566 report-to: eid, 2568 creation-timestamp, 2570 lifetime: uint, 2571 ? ( 2573 fragment-offset: uint, 2575 total-application-data-length: uint 2577 ), 2579 ? crc-value, 2581 ] 2583 bundle-control-flags = uint .bits bundleflagbits 2585 bundleflagbits = &( 2587 reserved: 21, 2589 reserved: 20, 2591 reserved: 19, 2593 bundle-deletion-status-reports-are-requested: 18, 2595 bundle-delivery-status-reports-are-requested: 17, 2597 bundle-forwarding-status-reports-are-requested: 16, 2599 reserved: 15, 2601 bundle-reception-status-reports-are-requested: 14, 2603 reserved: 13, 2605 reserved: 12, 2607 reserved: 11, 2609 reserved: 10, 2611 reserved: 9, 2613 reserved: 8, 2615 reserved: 7, 2616 status-time-is-requested-in-all-status-reports: 6, 2618 user-application-acknowledgement-is-requested: 5, 2620 reserved: 4, 2622 reserved: 3, 2624 bundle-must-not-be-fragmented: 2, 2626 payload-is-an-administrative-record: 1, 2628 bundle-is-a-fragment: 0 2630 ) 2632 ; Abstract shared structure of all non-primary blocks 2634 canonical-block-structure = [ 2636 block-type-code: uint, 2638 block-number: uint, 2640 block-control-flags, 2642 crc-type, 2644 ; Each block type defines the content within the bytestring 2646 block-type-specific-data, 2648 ? crc-value 2650 ] 2652 block-control-flags = uint .bits blockflagbits 2654 blockflagbits = &( 2656 reserved: 7, 2658 reserved: 6, 2660 reserved: 5, 2662 block-must-be-removed-from-bundle-if-it-cannot-be-processed: 4, 2663 reserved: 3, 2665 bundle-must-be-deleted-if-block-cannot-be-processed: 2, 2667 status-report-must-be-transmitted-if-block-cannot-be-processed: 1, 2669 block-must-be-replicated-in-every-fragment: 0 2671 ) 2673 block-type-specific-data = bstr / #6.24(bstr) 2675 ; Actual CBOR data embedded in a bytestring, with optional tag to 2676 indicate so 2678 embedded-cbor = (bstr .cbor Item) / #6.24(bstr .cbor Item) 2680 ; Extension block type, which does not specialize other than the 2681 code/number 2683 extension-block = $extension-block-structure .within canonical- 2684 block-structure 2686 ; Generic shared structure of all non-primary blocks 2688 extension-block-use = [ 2690 block-type-code: CodeValue, 2692 block-number: (uint .gt 1), 2694 block-control-flags, 2696 crc-type, 2698 BlockData, 2700 ? crc-value 2702 ] 2704 ; Payload block type 2706 payload-block = payload-block-structure .within canonical-block- 2707 structure 2708 payload-block-structure = [ 2710 block-type-code: 1, 2712 block-number: 1, 2714 block-control-flags, 2716 crc-type, 2718 $payload-block-data, 2720 ? crc-value 2722 ] 2724 ; Arbitrary payload data, including non-CBOR bytestring 2726 $payload-block-data /= block-type-specific-data 2728 ; Administrative record as a payload data specialization 2730 $payload-block-data /= embedded-cbor 2732 admin-record = $admin-record .within admin-record-structure 2734 admin-record-structure = [ 2736 record-type-code: uint, 2738 record-content: any 2740 ] 2742 ; Only one defined record type 2744 $admin-record /= [1, status-record-content] 2746 status-record-content = [ 2748 bundle-status-information, 2750 status-report-reason-code: uint, 2752 source-node-eid: eid, 2754 subject-creation-timestamp: creation-timestamp, 2755 ? ( 2757 subject-payload-offset: uint, 2759 subject-payload-length: uint 2761 ) 2763 ] 2765 bundle-status-information = [ 2767 reporting-node-received-bundle: status-info-content, 2769 reporting-node-forwarded-bundle: status-info-content, 2771 reporting-node-delivered-bundle: status-info-content, 2773 reporting-node-deleted-bundle: status-info-content 2775 ] 2777 status-info-content = [ 2779 status-indicator: bool, 2781 ? timestamp: dtn-time 2783 ] 2785 ; Previous Node extension block 2787 $extension-block-structure /= 2789 extension-block-use<6, embedded-cbor> 2791 ext-data-previous-node = eid 2793 ; Bundle Age extension block 2795 $extension-block-structure /= 2797 extension-block-use<7, embedded-cbor> 2799 ext-data-bundle-age = uint 2801 ; Hop Count extension block 2802 $extension-block-structure /= 2804 extension-block-use<10, embedded-cbor> 2806 ext-data-hop-count = [ 2808 hop-limit: uint, 2810 hop-count: uint 2812 ] 2814 Authors' Addresses 2816 Scott Burleigh 2817 Jet Propulsion Laboratory, California Institute of Technology 2818 4800 Oak Grove Dr. 2819 Pasadena, CA 91109-8099 2820 US 2821 Phone: +1 818 393 3353 2822 Email: Scott.C.Burleigh@jpl.nasa.gov 2824 Kevin Fall 2825 Roland Computing Services 2826 3871 Piedmont Ave. Suite 8 2827 Oakland, CA 94611 2828 US 2829 Email: kfall+rcs@kfall.com 2831 Edward J. Birrane 2832 Johns Hopkins University Applied Physics Laboratory 2833 11100 Johns Hopkins Rd 2834 Laurel, MD 20723 2835 US 2836 Phone: +1 443 778 7423 2837 Email: Edward.Birrane@jhuapl.edu