C.1 Bundle Protocol Data Objects

Within the set of the Request for Comments (RFCs) which define the Bundle Protocol version 7 (BPv7) and Bundle Protocol Security (BPSec) mechanisms, there are several data objects that define the blocks used to encode and protect information carried in a bundle. This appendix provides a definition of those structures using the Concise Data Definition Language (CDDL) as an aid to the developer to understand the specific fields to be included in each of these structures.

BPSec, defined in RFC 9172 [1], extends BPv7 as defined in RFC 9171 [2] and is the required specification to provide security services for BPv7. Whereas BPv7 defines the basic structure for bundles and blocks, BPSec defines the basic blocks for security infrastructure – the Block Integrity Block (BIB) and the Block Confidentiality Block (BCB).

The BIB and BCB share a common block-type-specific data field structure to carry security-related information. Security related information is generated by a security context defining the cipher suites and cryptographic processing that, when combined with a robust security policy, provide security for a BPv7 implementation. A pair of example security contexts, the Default Security Contexts for BPSec, are defined in RFC 9173 [3].

This appendix details the following objects to better describe expected messages used in BPSec implementation:

• BPv7 (RFC 9171)
  • – Bundle
  • – Primary Block
  • – Canonical ...