Issue 3272: SECIOP Sequencing Layer is superfluous and redundant (sec-rev) Source: Syracuse University (Dr. Polar Humenn, polar(at)adiron.com) Nature: Uncategorized Issue Severity: Summary: Security RTF 1.2 introduced (incorrectly) a data link seqencing protocol into SECIOP. Since SECIOP is a transport protocol, meaning that it is required to be handled over a reliable transport. The Sequencing layer was introduced because of a missunderstaning of GIOP fragmentation, message ordering, and the GIOP connection. Solution: Propose to remove the SECIOP sequencing layer and references to it. Resolution: closed with revised text Revised Text: Paragraph 1160: Remove "(or message fragments)". Paragraph 1161: Remove "(e.g., to support request fragmentation)". Eliminate Paragraph 1162 and Figure 15-59 on page 12-225 Eliminate Paragraph 1163 on page 12-226 Change Paragraph 1164 to: The SECIOP Context Management Layer encapsulates GSS based tokens in SECIOP messages. It is driven by the finite state machines defined in Table15-13 on page15-239 and Table15-14 on page15-242. Paragraph 1166: Remove Bullet 3 starting with "SECIOP ensures that fragments are sent over transport connections in their sequence number order." Replace Bullet 4 starting with "When a transport connection is closed," with: A secure association is viewed by the GIOP layer as if it were a transport connection. Therefore, GIOP operates in the same manner as a connection closure when a secure association is discarded. When a transport underneath SECIOP is closed, all SECIOP secure associations are effectively discarded. Remove bullet 5 starting with "There is always a listener at the" Remove Bullet 6 starting with "Both the client and server may initiate"Remove bullet 7 starting with "SECIOP sequence numbers should never wrap" Remove bullet 8 starting with "There is Data Protection protocol information" Remove Section 15.9.2 "SECIOP Sequencing Layer" page 15-227 to 15-233 Section 15.9.4 "SECIOP Context Management Finite State Machine Tables" Replace all the bullets paragraph 1210 with: ° Each TCP connection may be associated with multiple FSMs. ° Each ContextId is associated with one and only one FSM. Appendix A.8: Secure Inter-ORB Protocol (SECIOP) Remove definition of "struct SequencingHeader" on page 15-335 Actions taken: February 4, 2000: received issue August 3, 2001: closed issue Discussion: End of Annotations:===== X-Authentication-Warning: marcy.adiron.com: polar owned process doing -bs Date: Fri, 4 Feb 2000 11:25:11 -0500 (EST) From: Polar Humenn To: issues@omg.org Subject: Security RTF Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-UIDL: W^(!!C!X!!@[Ld9i`2e9 Document: Security RTF 1.7 Severity: Critical Subject: SECIOP Sequencing Layer is superfluous and redundant Security RTF 1.2 introduced (incorrectly) a data link seqencing protocol into SECIOP. Since SECIOP is a transport protocol, meaning that it is required to be handled over a reliable transport. The Sequencing layer was introduced because of a missunderstaning of GIOP fragmentation, message ordering, and the GIOP connection. Solution: Propose to remove the SECIOP sequencing layer and references to it. ------------------------------------------------------------------- Polar Humenn Adiron, LLC mailto:polar@adiron.com 2-212 CST Phone: 315-443-3171 Syracuse, NY 13244-4100 Fax: 315-443-4745 http://www.adiron.com