1 / 10

1609.2 Status

1609.2 Status. William Whyte, Security Innovation February 34, 2010. /. To-do list after December meeting. PAR change Clause 4: Sequence diagrams Security Management PICS Examples Motivation Small amount of tidying up in profile text. Changes based on December meeting.

jarah
Download Presentation

1609.2 Status

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 1609.2 Status William Whyte, Security Innovation February 34, 2010 • /

  2. To-do list after December meeting • PAR change • Clause 4: Sequence diagrams • Security Management • PICS • Examples • Motivation • Small amount of tidying up in profile text

  3. Changes based on December meeting • WSA Cert Chain Length • WaveSecurityServices-SignedWsa.confirm now returns only the WSA with cert chain • WaveSecurityServices-SignedWsaValidation.request supports signed WSA with digest, single cert, or cert chain. • “Profile”  “Security Profile”; “MIB”  “Security Data Store” (SDS) • SignerIdentifier and SignerIdentifierCertChainLength • SignerIdentifier: “As guidance, an application that may send time-critical messages to or from a platform traveling at high speed should send its certificate chain at least one time a second” • SignerIdentifierCertChainLength: “For most applications, setting this value to “-1” will be appropriate.” • AcceptableSignerType removed from WaveSecurityServices-SignedMessageValidation.request and from profile • ToBeSignedWSA: • No longer uses the “dummy” PSID 24 • Instead, defined a signed_wsa message type • Minimal change to clauses 6.2.1 (1609Dot2Message), 6.2.2 (ContentType), 6.2.3 (SignedMessage), 6.2.7 (ToBeSignedMessage) • Good dry run for authenticating 1609.1 management messages • Architecture Diagram: • Reverted to version from current 1609.3 with no regrets

  4. PAR change

  5. Clause 4: Sequence diagrams

  6. Security Profile • Clarified meaning of fields in profile • Provided profile for SAE BSM as discussed in December • Referencing BSM following discussion with SAE: “The following security profile shall be used for the SAE J2735 Basic Safety Message (BSM).  This security profile shall be superseded by any 1609.2 security profile published by SAE and intended for use with that message.” • WME profile used to set defaults for some values

  7. Security Management - CRLs Application CRLs, Root Cert Update CA Security Management Entity (SME) 1609.2 Message SAP Internal to Security Services Global Security SDS Application Security SDS

  8. Security Management – Application 1. Request Cert Application 2. Cert Request 4. Notification CA Security Management Entity (SME) 4a. Store Cert (on success) 3. Response (Cert or Error) 1609.2 Message SAP Internal to Security Services Global Security SDS Application Security SDS

  9. Certificate Request Sequence Flow

  10. Remaining ToDos • PICS • Examples • Motivation

More Related