Work Programme - Work Item Detailed Report

	Work Item Reference	ETSI Doc. Number	STF	Technical Body in Charge	Standard Not Ready For Download
	DTR/CYBER-00106	TR 103 953		CYBER
	Current Status (Click to View Full Schedule)	Latest Version	Cover Date	Standstill	Creation Date
	Draft receipt by ETSI Secretariat (2024-06-14)	0.0.6 Draft		View Standstill Information	2023-01-30
	Rapporteur	Technical Officer		Harmonised Standard
	Roger Eriksson	Kim Nordström		No

Title	Cyber Security (CYBER); Guidelines for TLMSP Usage Guidelines for TLMSP Usage
Scope and Field of Application	TLMSP (ETSI TS 103 523-2) is a feature-rich protocol and it could be unclear to some users how to configure it in different scenarios, i.e. when different application layer protocols are used, and when used for different services. A TR providing guidelines on the following topics is proposed: 1. how to map different parts (such as header fields, sub-parts of payload, etc) of the application layer protocol onto different TLMSP contexts, 2. how to assign access rights (read/write/delete/insert) to those contexts, 3. recommendations on usage of deletions and insertions by authorized middleboxes, 4. suitable format and content of TLMSP audit containers, 5. how to (in more specific detail) a. apply dynamic discovery of middleboxes, b. use the TLMSP alternative modes (TLS-fallback and TLMSP-proxying). In particular the items 2-5 will depend not only on the application protocol, but also on specifics of the service running over that protocol such as the type/functionality of middleboxes present, security threats, relevant security policies, etc. As the work progresses, other topics could be included, as identified. Examples of application layer protocols in scope include at least: HTTP, … Examples of services in scope includes at least: external access into corporate network, internet access from inside corporate network, data center usage, malware protection,…
Supporting Organizations	Cadzow Communications, ADVENICA AB, NCSC, BT plc, CIS

Keywords

Projects

Clusters

Frequencies

Mandates

Directives

Cyber Security

Security

Official Journal

Remarks

2024-06-13 nordstromkim Final draft for approval proposal in contribution CYBER(24)038024 was Accepted by CYBER

2024-06-04 erikssonro Draft contributed - V 0.0.6 contributed for Decision in CYBER(24)038024 as Final draft for approval

2024-06-04 erikssonro A new draft is uploaded - V 0.0.6 with status: Final draft for approval - with comment: Minor editorial changes

2024-05-29 erikssonro Draft contributed - V 0.0.5 contributed for Decision in CYBER(24)038008 as Final draft for approval

2024-05-29 erikssonro A new draft is uploaded - V 0.0.5 with status: Final draft for approval

2024-02-13 erikssonro Draft contributed - V 0.0.4 contributed for Discussion in CYBER(24)037007 as Early draft

2024-02-12 erikssonro A new draft is uploaded - V 0.0.4 with status: Early draft

2023-12-06 erikssonro Draft contributed - V 0.0.3 contributed for Discussion in CYBER(23)036025r1 as Early draft

2023-12-06 erikssonro Early draft proposal in contribution CYBER(23)036025 was Revised by CYBER

2023-11-30 erikssonro Draft contributed - V 0.0.3 contributed for Discussion in CYBER(23)036025 as Early draft

2023-11-30 erikssonro A new draft is uploaded - V 0.0.3 with status: Early draft

2023-09-11 erikssonro Draft contributed - V 0.0.2 contributed for Discussion in CYBER(23)035007 as Early draft

2023-09-11 erikssonro A new draft is uploaded - V 0.0.2 with status: Early draft

2023-05-16 erikssonro Draft contributed - V 0.0.1 contributed for Discussion in CYBER(23)034022 as Early draft

2023-05-16 erikssonro A new draft is uploaded - V 0.0.1 with status: Early draft

2023-02-24 ERIKSSON TB adoption of WI CYBER, see contribution CYBER(23)033008

2023-01-30 ERIKSSON WI proposed to TB CYBER, see contribution CYBER(23)033008