[SDL 0317] SDL Protocol Security Specification

[theresalech]

Proposal: SDL Protocol Security Specification

This proposal adds the documentation and specification around protected communication, encryption and handshake to the SDL protocol specification. It is a collaborated effort with Ford and Luxoft to protect the implemented SDL security from unexpected changes and to allow SDL Evolution proposals to improve it.

Review: https://github.com/smartdevicelink/sdl_evolution/issues/1070

Steering Committee Decision: The Steering Committee voted to accept this proposal with the following revisions:

1. Remove "Note: Communication partners should set this field to zero" from the "Frame Info" and "Data Size" descriptions in the Change 1 table (https://github.com/smartdevicelink/sdl_evolution/blob/master/proposals/0317-sdl-protocol-security-specification.md#change-1-update-frame-header-fields-description).
2. In Proposed solution section (4.2.5 Start Service), change "See "Secured Communication" section for more details." to "See "7. Secured Communication" section for more details."
3. In Proposed solution section (7. Secured Communication), change "It is possible to establish a secured and encrypted communication with the system by setting the frame header encryption flag to 1 when starting a new service." to "It is possible to establish a secured and encrypted communication with the system by setting the frame header encryption flag to 1 when starting a new service or by sending another StartService with the encryption flag to 1 when the service is already established (this the required flow for the RPC service)."
4. Update Impact on existing code section to remove code changes related to Core/Mobile libraries, and update Impacted Platforms to only include "Protocol".

The proposal .md file was updated to reflect these revisions on 6/10/21

[jacobkeeler]

Closing via #41