DDS-SECURITY 1.2 RTF Avatar
  1. OMG Issue

DDSSEC12 — Meeting CNSSP-15 security requirements

  • Key: DDSSEC12-90
  • Status: open  
  • Source: Real-Time Innovations ( Gerardo Pardo-Castellote)
  • Summary:

    The goal of this issues is to identify incorporate any additions that would allow systems built using DDS-Security to meet the CNSSP-15 security requirements.
    https://imlive.s3.amazonaws.com/Federal%20Government/ID151830346965529215587195222610265670631/CNSSP15.pdf)

    This is an important requirements for many systems and we are running into many users that are asking whether DDS-Security can be used to meet CNSSP-15 security requirements.

    It seems like currently the "builtin plugins" are not enough because they do not include support for stronger asymmetric key algorithms. For example when using ECDSA digital signatures the minimal requirement is using 384-bit keys (e,g, NITS's Curve P-384). However the builtin plugins only include support for 256 bit EC keys.

  • Reported: DDS-SECURITY 1.1b1 — Fri, 11 Jun 2021 01:34 GMT
  • Updated: Thu, 21 Oct 2021 10:42 GMT