RFC 9146
Connection Identifier for DTLS 1.2, March 2022
- Status: PROPOSED STANDARD
- Updates: RFC 6347
- Authors: E. Rescorla, Ed.; H. Tschofenig, Ed.; T. Fossati; A. Kraus
- Stream: IETF
- Source: tls (sec)
DOI: https://doi.org/10.17487/RFC9146
Discuss this RFC: Send questions or comments to the mailing list tls@ietf.org
Abstract
This document specifies the Connection ID (CID) construct for the Datagram Transport Layer Security (DTLS) protocol version 1.2.
A CID is an identifier carried in the record layer header that gives the recipient additional information for selecting the appropriate security association. In "classical" DTLS, the security association for an incoming DTLS record is selected with the help of the 5-tuple. If the source IP address and/or source port changes during the lifetime of an ongoing DTLS session, the receiver will be unable to locate the correct security context.
The new ciphertext record format with the CID also provides content type encryption and record layer padding.
This document updates RFC 6347.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.