A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : A lightweight security extension for the Unidirectional Lightweight Encapsulation (ULE) protocol
Author(s) : M. Noisternig, B. Collini-Nocker
Filename : draft-noisternig-ipdvb-ulesec-01.txt
Pages : 42
Date : 2008-07-14
The Unidirectional Lightweight Encapsulation (ULE) protocol is an
efficient and extensible transport mechanism for IP over MPEG-2
networks. Such networks are often operated on broadcast wireless
channels, and are thus specifically vulnerable to attacks. Passive
attacks, such as eavesdropping, are simple to perform and emphasize
the importance of security support within ULE.
This document defines a mandatory security extension for the ULE
protocol that is designed with the aim of being conservative in
bandwidth consumption and lightweight in the sense that it allows for
implementation in low-cost, resource-scarce (mobile) receiver
devices. The extension may be easily adapted to the Generic Stream
Encapsulation (GSE) protocol, which uses the same extension header
mechanism. The document describes the format of the security
extension header, specifies default security algorithms to be used
with this extension, and gives detailed processing descriptions for
devices implementing the security extension.
Conventions used in this document
The following DVB-specific terms are taken from [RFC4326] and
recapitulated here for easy lookup:
DVB: Digital Video Broadcast. A framework and set of associated
standards published by the European Telecommunications Standards
Institute (ETSI) for the transmission of video, audio, and data using
the ISO MPEG-2 standard [MPEG2].
MPEG-2: A set of standards specified by the Motion Picture Experts
Group (MPEG) and standardized by the International Standards
Organization (ISO/IEC 13818-1) [MPEG2] and ITU-T [H222].
NPA: Network Point of Attachment. In this document, refers to a
48-bit destination address (resembling an IEEE MAC address) within the
MPEG-2 transmission network that is used to identify individual
receivers or groups of receivers.
PDU: Protocol Data Unit. Examples of a PDU include Ethernet frames,
IPv4 or IPv6 datagrams, and other network packets.
PID: Packet Identifier [MPEG2]. A 13-bit field carried in the header
of TS cells. This is used to identify the TS Logical Channel to
which a TS cell belongs [MPEG2].
SNDU: SubNetwork Data Unit. An encapsulated PDU sent as an MPEG-2
payload unit.
TS: Transport Stream [MPEG2]. A method of transmission at the MPEG-2
level using TS cells; it represents layer 2 of the ISO/OSI reference
model.
TS Logical Channel: Transport Stream Logical Channel. In this
document, this term identifies a channel at the MPEG-2 level [MPEG2].
All packets sent over a TS Logical Channel carry the same PID value.
ULE: Unidirectional Lightweight Encapsulation [RFC4326]. A protocol
that encapsulates PDUs into SNDUs that are sent in a series of TS
cells using a single TS Logical Channel.
Terms and abbreviations from cryptography are explained when they
first appear within this document.
All numbers encoded in protocols are to be interpreted in network
byte order.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL", when
appearing within this document, are to be interpreted as described in
[RFC2119].
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-noisternig-ipdvb-ulesec-01.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/