From: owner-atnp_sgb2@cena.fr on behalf of Tony Kerr [tony.kerr@cival.co.uk] Sent: 14 October 2002 14:34 To: atnp_ccb_chair@tls.cena.fr Cc: atnp_sgb2@tls.cena.fr; atnp_ccb_sme4@tls.cena.fr; atnp_sgb3@tls.cena.fr Subject: PDR M2080002 - ULCS - SE-Transfer End Flag - RESOLVED Title: ULCS - SE-Transfer End Flag PDR Reference: M2080002 Originator Reference: SARPs Document Reference: Ed 3 Sub-Volume IV, section 4.8.5 (SA-CF) CAMAL Document Reference: Draft ed 2, Part IV, section 2.15 P/OICS Document Reference - Status: RESOLVED Impact: B PDR Revision Date: 04 Oct 2002 (Proposed -> Resolved) 23 Sep 2002 (Accepted -> Proposed) 05 Sep 2002 (Submitted -> Accepted) 13 Aug 2002 (Submitted) Submitting State/Organization: CIVAL Consulting Ltd Submitting Author Name: A J Kerr Submitting Author E-mail Address: tony.kerr@cival.co.uk Submitting Author Supplemental Contact Information: Tel: +44 (0)1252 724386 SARPs Date: Doc 9705 Ed 3 (Jul 02) P/OICS Date: - SARPs Language: English Summary of Defect: According to the Security Exchange Protocol Machine (SEPM) defined in normative Annex A of the SESE protocol specification (ISO/IEC 11586-3 | ITU-T Rec. X.832), the End Flag of the SE-Transfer service is used to control SEPM state transitions. In the ATN Security ASO specification, the End Flag is "not used" in all invocations of SE-TRANSFER. The effect of this is that the flag takes its default value of FALSE and SEPM gets stuck in STA1 Exchange State as soon as the first SE-Transfer req is issued or SETR APDU is received. This in turn could lead to SESE implementations detecting false sequence errors in security exchanges, and also affects the handling of SE-U-Abort req and SEAB APDU input events, which are only valid in STA1. According to the SESE service definition (ISO/IEC 11586-2 | ITU-T Rec. X.831), the End Flag is "U" (User option) in SE-Transfer req and "C(=)" in SE-Transfer ind. However, endFlag is NOT optional in the ASN.1 definition of the SETransfer APDU; it is DEFAULT FALSE. Support for the end flag is mandatory in the PICS. Assigned SME: Sub-Volume IV SME Proposed SARPs amendment: In Table 4.8-7, change End flag from "not used" to "False" In Table 4.8-13, change End flag from "not used" to "True" In Table 4.8-17, change End flag from "not used" to "True" Proposed CAMAL (ed 2) amendment: In Table IV-2-29, change End flag from "Not used" to "False" In Table IV-2-32, change End flag from "Not used" to "False" In Table IV-2-40, change End flag from "absent" to "True" In Table IV-2-43, change End flag from "absent" to "True" In Table IV-2-58, change End flag from "Not used" to "False" In Table IV-2-61, change End flag from "Not used" to "False" In Table IV-2-68, change End flag from "absent" to "True" In Table IV-2-71, change End flag from "absent" to "True" In Table IV-2-78, change End flag from "absent" to "True" In Table IV-2-81, change End flag from "absent" to "True" In Table IV-2-88, change End flag from "absent" to "True" In Table IV-2-91, change End flag from "absent" to "True" In Table IV-2-98, change End flag from "absent" to "True" In Table IV-2-99, change End flag from "absent" to "True" In Table IV-2-106, change End flag from "absent" to "True" In Table IV-2-109, change End flag from "absent" to "True" In Table IV-2-116, change End flag from "absent" to "True" In Table IV-2-119, change End flag from "absent" to "True" In 2.15.6.2: REPLACE "endFlag = FALSE (default value)" with "endFlag = TRUE" REPLACE "2X ('X' is the binary string '001'B)" WITH "23" REPLACE 01 0 Bitmap: invocationId absent (default noInvocationId, startFlag present, endFlag absent (default FALSE) WITH 01 1 Bitmap: invocationId absent (default noInvocationId, startFlag present, endFlag present AFTER "1 (u)startFlag(/u) BOOLEAN = TRUE" APPEND "1 (u)endFlag(/u) BOOLEAN = TRUE" ((u) indicates underline) In 2.15.6.3: REPLACE "endFlag = FALSE (default value)" with "endFlag = TRUE" REPLACE "0X ('X' is the binary string '00'B)" WITH "0X ('X' is the binary string '001'B)" REPLACE 00 0 Bitmap: invocationId absent (default noInvocationId, startFlag absent (default FALSE), endFlag absent (default FALSE) WITH 00 1 Bitmap: invocationId absent (default noInvocationId, startFlag absent (default FALSE), endFlag present AFTER "0000 00 Padding to octet boundary for seItem" APPEND "1 (u)endFlag(/u) BOOLEAN = TRUE" ((u) indicates underline) Impact on interoperability: Without the amendment proposed in this PDR, endFlag will always have the default FALSE value and hence be omitted from SETransfer APDUs. With the amendment, endFlag will be TRUE in all currently defined security exchanges apart from the initial signed key management message. This will add one extra bit to the air-ground message in these cases. SASO implementations that exceed the SARPs requirements and rigorously check the value of the end flag may fail when receiving a SETR with the flag unexpectedly set to TRUE. PDR Validation Status: Inspection should be sufficient. SME Recommendation to CCB: Resolved CCB Decision: Resolved (CCB/16, Toulouse, 04 Oct 2002)