User's Manual
Configuring RIPSO on an IP Interface
308625-14.00 Rev 00
3-3
The format of the security label is as follows:
• Octet 1 contains a type value of 82
(16)
, identifying the basic security option
format.
• Octet 2 specifies the length of the option (three or more octets, depending on
the presence or absence of authority flags).
• Octet 3 specifies the security classification levels for the datagrams. Valid
security classification levels include:
• Octet 4 and beyond identify the protection authorities under whose rules the
datagram is classified at the specified level. (If no authorities have been
identified, then this field is not used.)
The first 7 bits (0 through 6) are flags. Each flag represents a protection
authority. The flags defined for octet 4 are as follows:
3D
(16)
Top S e cret
5A
(16)
Secret
96
(16)
Confidential
AB
(16)
Unclassified
Bit 0 GENSER General Services (as per DoD 5200.28)
Bit 1 SIOP-ESI DoD (Organization of the Joint Chiefs of Staff)
Bit 2 SCI Central Intelligence Agency
Bit 3 NSA National Security Agency
Bit 4 DOE Department of Energy
Bit 5 Reserved
Bit 6 Reserved
Bit 7 Termination
indicator
Note: Bit 7 acts as a “more” bit, indicating that another octet (containing
additional authority flags) follows.