Connection Identifier for DTLS 1.2, March 2022
- Status: PROPOSED STANDARD
- Updates: RFC 6347
- Authors: E. Rescorla, Ed.; H. Tschofenig, Ed.
- Source: tls (sec)
This document specifies the Connection ID (CID) construct for the Datagram Transport Layer Security (DTLS) protocol version 1.2.
A CID is an identifier carried in the record layer header that gives the recipient additional information for selecting the appropriate security association. In "classical" DTLS, the security association for an incoming DTLS record is selected with the help of the 5-tuple. If the source IP address and/or source port changes during the lifetime of an ongoing DTLS session, the receiver is therefore unable to locate the correct security context.
The new ciphertext record format with the CID also provides content type encryption and record layer padding.
This document updates RFC 6347.
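An added example, not part of the RFC text, that parses the DTLS 1.2 CID record header described above, recovers the real content type from the padded inner plaintext, and demultiplexes a record by CID rather than by 5-tuple so a source-address change still finds the same security context. The 4-byte CID length, the context names and the addresses are constructed for the demonstration, and AEAD protection of the payload is left out.

```python
import struct

TLS12_CID = 25            # content type used for CID-carrying records (RFC 9146)
DTLS12_VERSION = 0xFEFD   # DTLS 1.2 wire version
CID_LEN = 4               # assumption: this receiver issued 4-byte CIDs, so it knows the length

def build_inner_plaintext(content: bytes, real_type: int, padding: int) -> bytes:
    """DTLSInnerPlaintext = content || real_type || zeros; both the real type
    and the padding sit inside the protected payload, so neither is visible on the wire."""
    return content + bytes([real_type]) + b"\x00" * padding

def parse_inner_plaintext(inner: bytes):
    """Scan back over the zero padding; the first non-zero byte is the real content type."""
    stripped = inner.rstrip(b"\x00")
    if not stripped:
        raise ValueError("inner plaintext carries no content type")
    return stripped[:-1], stripped[-1]

def build_cid_record(cid: bytes, epoch: int, seq: int, enc_content: bytes) -> bytes:
    """DTLSCiphertext with CID: type(1) version(2) epoch(2) seq(6) cid(n) length(2) payload."""
    header = struct.pack("!BHH", TLS12_CID, DTLS12_VERSION, epoch) + seq.to_bytes(6, "big")
    return header + cid + struct.pack("!H", len(enc_content)) + enc_content

def parse_cid_record(datagram: bytes) -> dict:
    """Parse the CID record header; the CID length is not on the wire, the receiver knows it."""
    if len(datagram) < 13 + CID_LEN:
        raise ValueError("datagram too short for a CID record header")
    ctype, version, epoch = struct.unpack("!BHH", datagram[:5])
    if ctype != TLS12_CID or version != DTLS12_VERSION:
        raise ValueError("not a DTLS 1.2 CID record")
    seq = int.from_bytes(datagram[5:11], "big")
    cid = datagram[11:11 + CID_LEN]
    (length,) = struct.unpack("!H", datagram[11 + CID_LEN:13 + CID_LEN])
    body = datagram[13 + CID_LEN:13 + CID_LEN + length]
    if len(body) != length:
        raise ValueError("truncated record payload")
    return {"epoch": epoch, "seq": seq, "cid": cid, "enc_content": body}

def select_context(by_cid: dict, by_5tuple: dict, datagram: bytes, five_tuple: tuple):
    """Return (classical 5-tuple lookup, CID lookup) so the two strategies can be compared."""
    rec = parse_cid_record(datagram)
    return by_5tuple.get(five_tuple), by_cid.get(rec["cid"])

if __name__ == "__main__":
    cid = b"\x01\x02\x03\x04"                       # constructed CID this receiver handed out
    record = build_cid_record(cid, 1, 7, build_inner_plaintext(b"hello", 23, 3))
    # same CID, but the peer now sends from a new address/port (e.g. after a NAT rebinding)
    print(select_context({cid: "ctx-A"}, {("198.51.100.7", 5684): "ctx-A"},
                         record, ("203.0.113.9", 40001)))   # (None, 'ctx-A')
```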
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.