US: GTFS static - Secure Internet (ITS)
Description:
This solution is used within Canada and the U.S.. It combines standards associated with US: GTFS static with those for I-I: Secure Internet (ITS). The US: GTFS static standards include upper-layer standards required to implement static, public, transit-related communications. The I-I: Secure Internet (ITS) standards include lower-layer standards that support secure communications between ITS equipment using X.509 or IEEE 1609.2 security certificates.Relevant Regions:
- Canada
- United States
Comm Profile: I-I: Secure Internet (ITS)
Comm Class: WAN - Wide Area Network
Standards in Profile:
| Level | Standard |
|---|---|
| Access | Internet Subnet Alternatives |
| Mgmt | Bundle: SNMPv3 MIB |
| Security | Secure Session Alternatives |
| TransNet | Internet Transport Alternatives |
| TransNet | IP Alternatives |
Data Profile: US: GTFS static
Standards in Profile:
| Level | Standard |
|---|---|
| Facilities | IETF RFC 4180 CSV Files |
| Facilities | IETF RFC 7159 JSON |
| Facilities | IETF RFC 9110 HTTP Semantics |
| Facilities | IETF RFC 9112 HTTP/1.1 |
| Facilities | ISO 21320-1 ZIP |
| ITS Application Entity | General Transit Feed Specification |
Solution Issues Severity: 10
The severity issue score calculation only includes issues associated with standards that are included by default.
Solution Issues:
| Default | Severity | Name | Type | Description |
|---|---|---|---|---|
| False | Medium | Option not standardized | Standardization Gap | The option set includes at least one option that is not (yet) defined in a standard. |
| False | Medium | Uncertainty about trust revocation mechanism | Security Gap | The mechanisms used to prevent bad actors from sending authorized messages is unproven. |
| True | Low | Not a standard (minor) | Standardization Gap | The document is publicly available and widely used but it is not currently a formal standard. |
| True | Medium | Outdated security reference | Security Gap | The standard solution includes an outdated security reference. |
| True | Medium | Performance not fully defined (medium) | ITS Info Gap | The performance rules are not fully defined for this information flow. |
| True | Medium | Secure data access not provided | Security Gap | The solution does not define rules on how the application entity authenticates requests to accept or provide data. |