idnits 2.17.1 draft-ietf-dtn-mtcpcl-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 23, 2019) is 1830 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 7525 (Obsoleted by RFC 9325) ** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293) Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Delay-Tolerant Networking Working Group S. Burleigh 2 Internet Draft JPL, Calif. Inst. Of Technology 3 Intended status: Standards Track April 23, 2019 4 Expires: September 2019 6 Minimal TCP Convergence-Layer Protocol 7 draft-ietf-dtn-mtcpcl-01.txt 9 Status of this Memo 11 This Internet-Draft is submitted in full conformance with the 12 provisions of BCP 78 and BCP 79. 14 Internet-Drafts are working documents of the Internet Engineering 15 Task Force (IETF), its areas, and its working groups. Note that 16 other groups may also distribute working documents as Internet- 17 Drafts. 19 Internet-Drafts are draft documents valid for a maximum of six 20 months and may be updated, replaced, or obsoleted by other documents 21 at any time. It is inappropriate to use Internet-Drafts as 22 reference material or to cite them other than as "work in progress." 24 The list of current Internet-Drafts can be accessed at 25 http://www.ietf.org/ietf/1id-abstracts.txt 27 The list of Internet-Draft Shadow Directories can be accessed at 28 http://www.ietf.org/shadow.html 30 This Internet-Draft will expire on October 25, 2019. 32 Copyright Notice 34 Copyright (c) 2019 IETF Trust and the persons identified as the 35 document authors. All rights reserved. 37 This document is subject to BCP 78 and the IETF Trust's Legal 38 Provisions Relating to IETF Documents 39 (http://trustee.ietf.org/license-info) in effect on the date of 40 publication of this document. Please review these documents 41 carefully, as they describe your rights and restrictions with 42 respect to this document. Code Components extracted from this 43 document must include Simplified BSD License text as described in 44 Section 4.e of the Trust Legal Provisions and are provided without 45 warranty as described in the Simplified BSD License. 47 Abstract 49 This document describes a Minimal TCP (MTCP) "convergence-layer" 50 protocol for the Delay-Tolerant Networking (DTN) Bundle Protocol 51 (BP). MTCP uses Transmission Control Protocol (TCP) to transmit BP 52 "bundles" from one BP node to another node to which it is 53 topologically adjacent in the BP network. The services provided by 54 the MTCP convergence-layer protocol adapter utilize a standard TCP 55 connection for the purposes of bundle transmission. 57 Table of Contents 59 1. Introduction...................................................2 60 2. Conventions used in this document..............................3 61 3. MTCP Design Elements...........................................3 62 3.1. MTCP Sessions.............................................3 63 3.2. MTCP Protocol Data Units..................................4 64 4. MTCP Procedures................................................4 65 4.1. MPDU Transmission.........................................4 66 4.2. Reception Session Formation...............................5 67 4.3. MPDU Reception............................................5 68 5. Security Considerations........................................5 69 6. IANA Considerations............................................6 70 7. References.....................................................6 71 7.1. Normative References......................................6 72 7.2. Informative References....................................7 73 8. Acknowledgments................................................7 74 Appendix A. For More Information..................................8 76 1. Introduction 78 This document describes the Minimal TCP (MTCP) protocol, a Delay- 79 Tolerant Networking (DTN) Bundle Protocol (BP) [RFC5050] 80 "convergence layer" protocol that uses a standard TCP connection to 81 transmit bundles from one BP node to another node to which it is 82 topologically adjacent in the BP network. 84 Conformance to the MTCP convergence-layer protocol specification is 85 OPTIONAL for BP nodes. 87 Each BP node that conforms to the MTCP specification includes an 88 MTCP convergence-layer adapter (MCLA). Every MCLA engages in 89 communication via the Transmission Control Protocol [RFC0793]. 91 Like any convergence-layer adapter, the MTCP CLA provides: 93 . A transmission service that sends an outbound bundle (from the 94 bundle protocol agent) to a peer CLA via the MTCP convergence 95 layer protocol. 96 . A reception service that delivers to the bundle protocol agent 97 an inbound bundle that was sent by a peer CLA via the MTCP 98 convergence layer protocol. 100 Transmission of bundles via MTCP is "reliable" to the extent that 101 TCP itself is reliable. MTCP provides no supplementary error 102 detection and recovery procedures. In particular, MTCP does not 103 provide to the sender any interim reporting of reception progress. 105 2. Conventions used in this document 107 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 108 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 109 document are to be interpreted as described in RFC-2119 [RFC2119]. 111 In this document, these words will appear with that interpretation 112 only when in ALL CAPS. Lower case uses of these words are not to be 113 interpreted as carrying RFC-2119 significance. 115 3. MTCP Design Elements 117 3.1. MTCP Sessions 119 An MTCP "session" is formed when a TCP connection is established by 120 the matching of an active TCP OPEN request issued by some MCLA, 121 termed the session's "sender", with a passive TCP OPEN request 122 issued by some MCLA, termed the session's "receiver". That portion 123 of the state of a session that is exposed to the session's sender is 124 termed the "transmission element" of the session. That portion of 125 the state of a session that is exposed to the session's receiver is 126 termed the "reception element" of the session. 128 The values of the parameters constraining MTCP's TCP connection 129 establishment, including the establishment of Transport Layer 130 Security (TLS; [RFC8446]) sessions within the connections, SHALL be 131 provided by management, by means that are beyond the scope of this 132 specification. No TCP port number will be reserved for MTCP 133 connection purposes. 135 The use of TLS to secure MTCP sessions is optional but is strongly 136 recommended. When it is determined, by management, that an MTCP 137 session between a given sender and receiver is to be secured by TLS: 139 . Following establishment of the session's TCP connection, the 140 sender and receiver SHALL undertake a TLS handshake in 141 accordance with [RFC8446] with the sender acting in the role of 142 "client". The parameter settings governing each such handshake 143 (again, determined by management) are an implementation matter, 144 but the handshake SHOULD conform to all recommended best 145 practices of [RFC7525] and its updates and successors. 146 . If the handshake does not result in successful establishment of 147 a TLS session, then the session's TCP connection SHALL be 148 terminated and the attempt to form an MTCP session SHALL be 149 abandoned. 151 MTCP sessions are unidirectional; that is, bundles transmitted via 152 an MTCP session are transmitted only from the session's sender to 153 its receiver. When bidirectional exchange of bundles between MCLAs 154 via MTCP is required, two MTCP sessions are formed, one in each 155 direction. 157 Closure of either element of a session MAY occur either upon request 158 of the bundle protocol agent or upon detection of any error. 159 Closure of either element of an MTCP session SHALL cause the 160 corresponding TCP connection to be terminated (unless termination of 161 that connection was in fact the cause of the closure of that session 162 element). Since termination of the associated TCP connection will 163 result in errors at the other element of the session, termination of 164 either element of the session will effectively terminate the 165 session. 167 3.2. MTCP Protocol Data Units 169 An MTCP protocol data unit (MPDU) is simply a serialized bundle in a 170 CBOR representation that indicates the length of that serialized 171 bundle. An MPDU is constructed as follows. 173 Each MPDU SHALL be a single serialized BP bundle, termed the 174 "encapsulated bundle", represented as a CBOR byte string of definite 175 length (NOT an indefinite-length byte string). 177 4. MTCP Procedures 179 4.1. MPDU Transmission 181 When an MCLA is requested by the bundle protocol agent to send a 182 bundle to a peer MCLA identified by some IP address and port number: 184 . If no MTCP session enabling transmission to that MCLA has been 185 formed, the MCLA SHALL attempt to form that session. If this 186 attempt is unsuccessful, the MCLA SHALL inform the bundle 187 protocol agent that its data sending procedures with regard to 188 this bundle have concluded and transmission of the bundle was 189 unsuccessful; no further steps of this procedure will be 190 attempted. 191 . The MCLA SHALL form an MPDU from the subject bundle. 192 . The MCLA SHALL attempt to send this MPDU to the peer MCLA by 193 TCP via the transmission element of the session formed for this 194 purpose. 195 o If that transmission is completed without error, the MCLA 196 SHALL inform the bundle protocol agent that its data 197 sending procedures with regard to this bundle have 198 concluded and transmission of the bundle was successful. 199 o Otherwise: 200 . The transmission element SHALL be closed. 201 . The MCLA SHALL inform the bundle protocol agent that 202 its data sending procedures with regard to this 203 bundle have concluded and transmission of the bundle 204 was unsuccessful. 206 4.2. Reception Session Formation 208 An MCLA that is required to receive (rather than only transmit) 209 bundles SHALL issue a passive TCP OPEN. Whenever TCP matches that 210 passive OPEN with an active TCP OPEN issued by some MCLA, an MTCP 211 session is formed as noted earlier; MPDUs may be received via the 212 reception element of such session. 214 4.3. MPDU Reception 216 From the moment at which an MTCP session reception element is first 217 exposed to the moment at which it is closed, in a continuous cycle, 218 the corresponding session's receiver SHALL: 220 . Attempt to receive, by TCP via the corresponding session, a 221 serialized BP bundle represented as a CBOR byte string of 222 definite length. If this attempt fails for any reason, the 223 reception element SHALL be closed and no further steps of this 224 procedure will be attempted. 225 . Deliver the received serialized bundle to the bundle protocol 226 agent. 228 5. Security Considerations 230 Because MTCP constitutes a nearly negligible extension of TCP, it 231 introduces virtually no security considerations beyond the well- 232 known TCP security considerations. To address these considerations, 233 the use of TLS to secure MTCP sessions is strongly recommended. 235 Even when TLS is used to secure an MTCP session, the ciphersuite 236 specified for the TLS session may be insecure. For example, TLS can 237 be configured to support authentication without confidentiality. 238 MCLA management MUST ensure that the ciphersuites employed to secure 239 MTCP sessions meet transport security requirements. This constraint 240 echoes constraints on STARTTLS in [RFC2595]. 242 An adversary could mount a denial-of-service attack by repeatedly 243 establishing and terminating MTCP sessions; well-understood DOS 244 attack mitigations would apply. 246 Maliciously formed bundle lengths could disrupt the operation of 247 MTCP session receivers, but MTCP implementations need to be robust 248 against incorrect bundle lengths in any case. 250 Maliciously crafted serialized bundles could be received and 251 delivered to the bundle protocol agent, but that is not an MTCP- 252 specific security consideration: all bundles delivered to the BPA by 253 all convergence-layer adapters need to be processed in awareness of 254 this possibility. 256 6. IANA Considerations 258 No new IANA considerations apply. 260 7. References 262 7.1. Normative References 264 [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, 265 "Recommendations for Secure Use of Transport Layer Security (TLS) 266 and Datagram Transport Layer Security (DTLS)", BCP 195, RFC 7525, 267 May 2015. 269 [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, RFC 270 793, DOI 10.17487/RFC0793, September 1981. 272 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 273 Requirement Levels", BCP 14, RFC 2119, March 1997. 275 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol 276 Version 1.3", RFC 8446, August 2018. 278 7.2. Informative References 280 [RFC2595] Newman, C., "Using TLS with IMAP, POP3 and ACAP", RFC 281 2595, August 2018. 283 [RFC5050] Scott, K. and S. Burleigh, "Bundle Protocol 284 Specification", RFC 5050, November 2007. 286 8. Acknowledgments 288 This document was prepared using 2-Word-v2.0.template.dot. 290 Appendix A. For More Information 292 Please refer comments to dtn@ietf.org. The Delay Tolerant Networking 293 Research Group (DTNRG) Web site is located at http://www.dtnrg.org. 295 Copyright (c) 2019 IETF Trust and the persons identified as authors 296 of the code. All rights reserved. 298 Redistribution and use in source and binary forms, with or without 299 modification, is permitted pursuant to, and subject to the license 300 terms contained in, the Simplified BSD License set forth in Section 301 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents 302 (http://trustee.ietf.org/license-info). 304 Authors' Address 306 Scott Burleigh 307 Jet Propulsion Laboratory, California Institute of Technology 308 4800 Oak Grove Dr. 309 Pasadena, CA 91109-8099 310 US 311 Phone: +1 818 393 3353 312 Email: Scott.Burleigh@jpl.nasa.gov