Aeronautical Telecommunication Network Panel

WG-B/4 REPORT Draft A

AERONAUTICAL TELECOMMUNICATION NETWORK PANEL

Report of the 4th ATNP Working Group B Meeting 7-10 October 2002, Toulouse, France

1. Meeting Organisational Issues 1.1 The fourth meeting of the ICAO Aeronautical Telecommunication Network Panel Working Group B was held in Toulouse, France on the 7th - 10th October 2002. The meeting was chaired by the Rapporteur, Brian Cardwell, and was attended by some 18 Members from 5 States and 1 International Organisation. 14 Working Papers (WP) presented. A copy of the Agenda for the meeting is at Appendix A, the list of Working Papers is attached at Appendix B and the list of attendees is at Appendix C.

1.2 The chairman thanked DGAC & STNA, on behalf of WG B, for hosting the meeting.

1.3 As there were new members, the chairman invited the attendees to introduce themselves.

2. Approval of the Agenda The agenda, as presented in WP401, was approved after insertion of Item 3B "Report of WG B/3". 3. Input from other Groups The Rapporteur referred to the Panel Secretary's report that would be presented to the Joint Working Group Meeting. It contained several items of relevance to WG B, namely: . the CLNP Priority mapping table has been approved by the AMCP WGs and will be included in Amd 78 to Annex 10 in Nov 2003. Doc 9705 should be updated to match Doc 9705, but should an update to Doc 9705 not be published in advance of Amd 78. . the AEEC communique regarding security key management was sent to the AEEC and acknowledged. As yet there is no reply, but it is expected to be discussed at the AEEC General Assembly during Oct 02. . The MET Divisional Meeting had recommended limited use of the public internet with appropriate security provisions. ATNP may wish to react to assist in the determination of the policy for use of the public internet. . Several Regional meetings had considered the issue of AMHS over TCP/IP, the overall result being Regional confusion over the choice of two incompatible comms sub- networks. Again, no work is formally requested from the ATNP at this time, but it may be appropriate to prepare in advance of a future action from the ANC. . One Region had requested Grade of Service advice to assist with the leasing of ATN Communications from commercial service providers.

3B Review of WG-B/3 Report The Rapporteur presented WP402, "Report of 3rd WG B Meeting" to check progression of actions and work items. Page 1 of 11 WG-B/4 REPORT Draft A Action 1/5, relating to zlib, still remained open and the Rapporteur again took responsibility for closing this action before the next meeting. Action 1/5 - contact zlib author/owner to protect ATN future use of zlib - Cardwell Action 3/1 - Contact 'Convergent MIB' authors to determine if they would consent to the removal of their commercial logos from the document to enable publication on the ICAO website. Not progressed, the Rapporteur took on the task. Action 3/1 - contact Convergent MIB authors to determine if logos could be removed - Cardwell Action 3/2 - Further study of SNMP/CMIP interaction to determine if any new SARPs/GM are necessary. Action remains open. Action 3/2 - Further study the CMIP/SNMP interaction issue to determine if the current SARPs/GM adequately address this. Any subsequent papers to SG B2 - Leon Sayadian

It was noted that the future meeting plans outlined in section 12 of the report had taken place. The outputs to other groups listed in section 13 had been delivered and only one remained open, the "AEEC Communique for Avionics Key Management" is still pending a reply.

4. SG B1 - ATN Internet Communication Service 4.1. Report of SG B1-4 4.1.1. Brian Cardwell, the SG B1 Chairman, presented WP403, "Report of the fifth SG B1 Meeting". The SG had: . progressed the primary work item, namely the development of an IP SNDCF. Initial validation had commenced on the draft text and a final text was expected before the end of the year. . received updates of the work of AEEC 664 which is working on the standardisation of TCP/IP for use within airframes. AEEC would be the first recipients of the "Merits of the ATN Internet Communication Service" information paper. . noted the work of AEEC 637 and some (currently unsupported) moves to remove AOC from that text. . received an paper on MPLS and IPSec. Whilst the MPLS is beyond the ToRs of the ATNP (too low down the comms stack) the IPSec item was forwarded to SG B3 for further input. It may be appropriate to produce some GM on the use of IPSec as a sensible implementation of IP subnets. . Reviewed the only current PDR against SV 5. PDR M2100006 . received a paper from the FAA outlining the work of the Asia/Pac transition task force. ICD had been developed to enable the deployment of a ground ATN Internetwork in support of, initially, the AMHS application - a positive step towards implementation.

5. SG B2 - Communication Infrastructure Services 5.1. Report of SG B2 Tony Kerr stated that there had been no formal meetings of SG B2 since Phuket (Mar 2002), hence no SG B2 meeting reports, however there had been a considerable amount of e-mail correspondance to progress the work of the SG.

5.2. SV4 - ULCS

Page 2 of 11 WG-B/4 REPORT Draft A 5.2.1. In WP412, "SME4 Status Report", Tony Kerr summarised the CCB status of SV4 (the output of the Toulouse CCB Meeting). He reported that there had been seven PDRs against SV4 Ed3. . M2020001 had been resolved in Phuket . M2020002 had been forwarded in Phuket. Further work had been completed and the PDR had been resolved, however there was still ongoing work to clarify when the securtiy contect should be maintained over sucessive dialogues between two peers and when it should be terminated. This is being progressed with SG B3. . M2020003 was discussed in the joint SG B2/3 meeting in Phuket where it was forwarded for further work. A comprehensive review of error states was undertaken a working paper has been prepared - this is still under discussion in the working groups and thus the PDR remains forwarded. . M2020004 was editorials and is accepted. . M2080002 refers to the use of the Transfer End Flag. The ATN provisions originally assumed the end flag could be ignored, but it can't so it is being added. There is no interop impact, but it does add one bit to every a/g exchange. . M2090002 is a recent PDR that also applies to SV8. When SV8 is corrected, SV4, specifically the Security ASO, will be updated to align with SV8. . M2090006 contains a number of defects that are being worked on the SME4 e-mail list. Whilst they are being progressed the PDR remains accepted, although two of the defects are probably bugs and thus level B rather than C as currently listed. The defects are grouped under one PDR number because they are all in the same area of text and are easier to progress and correct as a set. Most are restricted to a single para of SARPs, other than the third defect (the Sec ASO lower interface boundary is not cleanly specified) which will require more substantial changes - a separate WP will be developed to defined upper and lower boundaries of the SSO. SV4 remains basically stable, further validation and the introduction of the security ASO have exacerbated inherent problems that these PDRs are correcting.

5.2.2. There have been no changes to the SV4-related GM since Phuket. However PDR M2080002 identifies GM changes necessary to explain the addition of the end flag. This change will be included in a replacement GM .wpd file and will be included in Ed 2 of 9739. Action 4/1 - Update ULCS GM and supply new 'camera ready' file toWG B Rapporteur - Tony Kerr

5.2.3. Tony Kerr presented WP406, "Summary Report of 'ULCS and Security ASO Exception Handling' Issues". This paper summarises the work on exception and abort handling (arising from PDR M2020003) and was developed jointly between SG B2 and SG B3. Some of the work will be progressed via the CCB process and a further detailed working paper would be developed to progress the service boundary issues. The recommendation progression was agreed, and, subject to ongoing support of this work, it should be complete before the next WG B meeting in six months time.

5.2.4. Tony Kerr presented WP407, "Summary Report of 'Persistance of Security State Information' Issue". This paper resulted from joint work between SG B2 and SG B3 and was a summary of the work since the joint SG B2/3 meeting in

Page 3 of 11 WG-B/4 REPORT Draft A Phuket. The issue relates to the clarification of when security information should be maintained or deleted, and the mapping of security context to dialogue establishment. An example issue is whether failure of one a/g application between two peers should prevent establishment of subsequent a/g applications between the same two peers or whether a new security context needed to be established by a new CM logon. It is not clear whether this is an acceptable mode of operation, although it is the most secure mode of operation. A further consideration is whether existing applications between those two peers should also be terminated or left to continue. The security framework is flexible enough to do whatever is required, however operational input/guidance is required to inform the security and upper layers subgroups what the SARPs need to do. This is an Institutional Issue and will be forwarded to SG A1 via the JWG meeting. Action 4/2 - Forward the request for operational guidance to SG A1 via the JWG - Rapporteur 5.3. SV6 - SM There have been no SV6 issues or developments since the Phuket meeting. There is a need for a new SV6 SME; States and Organisations are invited to make nominations to the CCB/JWG.

5.4. SV7 - DIR There have been two PDRs rasied on DIR since Phuket. Both are class C (Clarifiaction) and have been submitted from SG A3. There is no new validation activity since Phuket, but development work, thus validation, is expected over the next six months.

5.5. SV9- REG There have been no SV9 issues or developments since the Phuket meeting. However, SG B3 are considering use of SV 9 to register the security algorithm identifiers.

5.6. Future Work Programme and Schedule Many, but not all, of the work items are security related so joint meetings with SG B3 will be beneficial. Other than those joint meetings, SG B2 will continue to work electronically via the SG B2 e-mail list.

6. SG B3 - ATN Security Services 6.1. Report of SG B3 meetings since WG B/3 Tom McParland presented WP404, "Summary of SG B3 Activities" which reported the status of the SG B3 tasks. A considerable amount of work had been undertaken and key tasks progressed. (Doc 9705, PDRs and GM are reported below). Major work items have included addressing PDRs, responding to the AMHS security issues raised in Phuket, and development of the Confidentiality enhancements. There are a number of tasks assigned to SG B3 that have not been started yet, but are scheduled for completion prior to ATNP/4 in 2004. In order that these tasks can be completed the SG needs further resource and all States and Organisations are requested to provide resource. A new issue that had arisen in the Toulouse series of meetings was use of subnet security, e.g. IPSec. It was decided that whilst this was a viable work item for SG B3, it would have to take a lower priority than the existing work items.

Page 4 of 11 WG-B/4 REPORT Draft A 6.2. Doc 9705 SV8 Status (including PDRs) Simon Blake-Wilson presented WP405, "Summary of Edition 3 Security PDRs". This paper summarises the PDRs against the current published Doc 9705 Ed 3 SV8. There are a lot of PDRs (12, inc. 3 class A PDRS) but this is a good sign as they have arisen from ffurther validation activities and from the work to add confidentiality. All but one of the PDRs is contained to SV8; the final PDR also affects SV4, but only the Sec ASO added in Ed 3, thus there is no interoperability problem with Doc 9705 Ed 1 and Ed 2 implementations. The PDRs will be progressed within the CCB (5 had been Resolved in the Toulouse CCB meeting). A SME8 e-mail list will be created to assist with this. Simon Blake-Wilson will take on the SME8 role.

Simon Blake-Wilson presented WP408, "Summary Report of Confidentiality Solution". This paper relates to the major enhancement to SV8, i.e. the addition SARPs to enable confidential communications. With the same level of resource, and access to SG B2 and SG A2, the SARPs text should be completed by the next WG B meeting in six months.

WP409, "Summary Report of 'Addition of Confidentiality in ULCS and Application' Issue", and WP410, "Response to AMHS Security Questions" will be presented in the JWG meeting as they are relevant to both WG A and WG B.

WP411, "SG B3 Future Work Programme" formally listed the tasks SG B3 are addressing and the current status of these items. Several of the tasks could not be progressed further without input from the Institutional Issues SG (SG A1). Tom McParland would prepare a JWG meeting to explain these Institutional Issues and recommend that they are forwarded to SG A1 for progression. SG B3 could provide assistance to SG A1 when requested.

6.3. Doc 9739 Status The GM previously submitted in Phuket remains valid however there are three small corrections necessary in, for example, the results to key derivation algorithms. It is not possible to correct these in the meeting and careful work is required to check and produce the correct numerical strings. This will take about a week and it was proposed to delay publication of the Doc 9739 Ed 2. This would need raising at the JWG. Action 4/3 - Update SV8 related GM and supply 'camera ready' files to WG B Rapporteur - Tom McParland SG B3 have identified a number of other areas in the existing GM where improvements could be made and are collating GM material for the new work items. In the interest of publishing a new version of the GM (Ed 2) as soon as possible, the improvements to the current text will be held back and included with the addition of new GM material in a future, and as yet unscheduled, edition (Ed 3) of Doc 9739.

6.4. Further Validation Results No working papers presented. 6.5. Future Work Programme and Schedule WP404 summarised the work programme. SG B3 plan to have several meetings before the next WG B meeting. These would be announced on the SG B3 e-mail list.

Page 5 of 11 WG-B/4 REPORT Draft A 7. Output of WG-B to other WG-A+B and other To the JWG (A+B+CCB) Meeting . WPs 409, 410 and 411 would be presented to the JWG meeting. . The WG B Rapporteur presented WP413, "WG B Programme". This was updated by the WG and the resultant paper will be presented to the JWG for information.

8. Groups Future meetings of WG-B and its SGs . WG B will meet again in 6-7 months ( March 03), the location would be determined in the JWG meeting. . SG B1 will meet once before then, in about 3 months time; date/location tba. . SG B2 will need to meet with SG B3 and SG A2 to as necessary, but wold primarily operate by e-mail. . SG B3 will meet several times before March 03, and these meetings will be announced in advance on the SG B3 e-mail list. The first would likely be in the Washington DC area in ~Dec 02.

9. A.O.B. As a result of the JWG meeting, and the Panel Secretary's paper to that meeting, WG B (and SG B1 in particular) would take a preliminary look at the the technical issues around the use of the public internet for ATC communications. See JWG 4 WP04 for background to this task.

Page 6 of 11 WG-B/4 REPORT Draft A Appendix A

AERONAUTICAL TELECOMMUNICATION NETWORK PANEL

4th Meeting of Working Group B – ATN Communication Service 7-10 October 2002, Toulouse, France

Draft Agenda

1. Meeting Organisational Issues

2. Approval of the Agenda

3. Input from Other Groups 3.1. Panel Secretary’s Report

3B. Report of WG B-3

4. SG B1 - ATN Internet Communication Service 4.1. Report of SG B1-4 4.2. Doc 9705 SV 5 Status (PDRs) 4.3. Doc 9739 Status 4.4. Further Validation Results 4.5. Future Work Programme & Schedule

5. SG B2 - Communication Infrastructure Services 5.1. Report of SG B2 5.2. SV 4 ULCS 5.2.1. Doc 9705 SV 4 Status (PDRs) 5.2.2. Doc 9739 Status 5.2.3. Further Validation Results 5.3. SV6 SM -Update of work/issues since Phuket 5.4. SV 7 DIR - Update of work/issues since Phuket 5.5. SV 9 REG - Update of work/issues since Phuket 5.6. Future Work Programme & Schedule

Page 7 of 11 WG-B/4 REPORT Draft A

6. SG B3 - ATN Security Services 6.1. Report of SG B3 meetings since WG B/3 6.2. Doc 9705 SV 8 Status (PDRs) 6.3. Doc 9739 Status 6.4. Further Validation Results 6.5. Future Work Programme & Schedule

7. Output of WG-B to JWG and other Groups

8. Future meetings of WG-B and its SGs

9. A.O.B.

***END***

Page 8 of 11 WG-B/4 REPORT Draft A Appendix B - Working Paper List for WG B Meeting 4.

ATNP Working Group B – ATN Communication Service Working Paper List

Fourth Meeting Toulouse, France 7- 10 October 2002

WP No. Agenda Presenter WP Title Item WP400 1 Rapporteur Working paper list for 4th WG-B Meeting WP401 2 Rapporteur Agenda WP402 3B Rapporteur Report of third WG B Meeting WP403 4 B. Cardwell Report of the 5th SG B1 Meeting WP404 6 T. McParland Report of Security Sub-Group (SG B3) Activities WP405 6 S. Blake-Wilson Summary Report of Edition 3 Security PDRs WP406 5 T. Kerr Summary Report of UCLS and Security ASO Issues WP407 6 T. Kerr Summary Report of "Persistance of Security State Information" Issue WP408 6 S. Blake-Wilson Summary Report of Confidentiality Solution WP409 5/6 T. Kerr Summary Report of "Addition of Confidentiality in UCLS and Applications" Issue WP410 6 S. Blake-Wilson Response to AMHS Security Questions (SGB3W0808a) WP411 6 T. McParland SGB3 Work Program WP412 5 T. Kerr SME4 Report WP413 7 B. Cardwell WG B Work Programme

Flimsy Agenda Presenter Flimsy Title No. Item FL#401

Page 9 of 11 WG-B/4 REPORT Draft A Appendix C - Attendee list for 4th ATNP B Meeting

NAME ORGANIZATION ADDRESS PHONE/FAX E-MAIL ADDRESS BROWN, Mark Oki Electric 4-10-3 Shibaura, Minato-ku, Tokyo +81-3-3454-2111 [email protected] Industry Co., Ltd 108-8551, JAPAN +81-3-3798 7623 BURGEMEISTER, Alvin B-twelve Assoc, 1103 W, Meeker St, Kent, +1-253-859-0515 [email protected] (Boeing) WA 98032-5751 US +1-253-852-4732 CARDWELL, Brian NATS Spectrum House, Gatwick Road, 44-1293-576 401 [email protected] Gatwick Airport South, 44-1293-576 381 West Sussex, UK RH6 0LG JAMPATHON, Aeronautical Radio 102 Ngamduplee, Tung Mahamek, 662-285-9006 [email protected] Bhumisathit of Thailand sathorn 662-285-9100 Bangkok 10120, THAILAND KERR, Tony CIVAL Consulting Conifers, Longhill Rd, Ascot, +44 1252 724386 [email protected] Ltd. Berkshire, +44 1252 724384 [email protected] SL5 8RE, UK KITCHENS, Kelly FAA/TRIOS 2216 N. Harrison St, Arlington, VA +1-202-645-5931 [email protected] 22205, US m MCPARLAND, Tom BCI/FAA BCI +1 609-641-9698 [email protected] 6712 Washington Ave, Suite 101 +1 609-641-0203 Egg Harbor Twp, NJ 08234 USA MOULTON, Jim ONS/FAA 22636 Glenn Drive, Suite 305 +1.703.481.9590 [email protected] Sterling, VA 20164 +1.703.481.9509 USA NAOVARATKOONCHA Aeronautical Radio 102 Ngamduplee, Tung Mahamek, 662-285-9578 [email protected] I, Thavit of Thailand sathorn Bangkok 10120, THAILAND PATEL, Vic FAA ACT-350 WJH Tech Centre, Atlantic City +1-609-485-5046 [email protected] Airport, Atlantic City, NJ, 08405, US PHILLIPS, Brent FAA 800 Independence Av, Washington 1-202-358-5311 [email protected]

Page 10 of 11 WG-B/4 REPORT Draft A DC 20591, USA +1-202-358-4922 PHRUKKUMWONG, Aeronautical Radio 102 Ngamduplee, Tung Mahamek, 662-285-9250 [email protected] Chanyut of Thailand sathorn 622-285-9253 Bangkok 10120, THAILAND RICCI, Christine STNA 1 Av Dr M Grynfogel B.P.1084 +33 5 62 14 54 82 christine.ricci@aviation- 31035 Toulouse, Cedex, FRANCE +33 5 62 14 54 02 civile.gouv.fr ROBINSON, David FAA/ AIR130 800 Independence Av, Washington +1-202-267-8625 [email protected] DC 20591, USA SAYADIAN, Leon FAA/ ASD-140 800 Independence Av, Washington +1-202-358 5316 [email protected] DC 20591, USA +1-202-358-4922 SUPANUNDHA, Aeronautical Radio 102 Ngamduplee, Tung Mahamek, 662-285-9246 [email protected] Nuttawat of Thailand sathorn 662-285-9253 Bangkok 10120, THAILAND VABRE, Pierre STNA 1 Avenue du Dr M Grynfogel - BP +33 5 62 14 57 61 pierre.vabre@aviation- 1084, 31035, Toulouse Cedex, +33 5 62 14 civile.gouv.fr FRANCE WILSON-BLAKE, Simon Certicom Corp 5520 Explorer Drive, 4th Floor, 905-501-3786 [email protected] Mississauga, Ontario, Canada L4W 905-507-4230 5L1

Page 11 of 11