RFC 9146

Connection Identifier for DTLS 1.2, March 2022

Status: PROPOSED STANDARD
Updates: RFC 6347
Authors: E. Rescorla, Ed.; H. Tschofenig, Ed.; T. Fossati; A. Kraus
Stream: IETF
Source: tls (sec)


DOI:  10.17487/RFC9146

Discuss this RFC: Send questions or comments to tls@ietf.org



Abstract

This document specifies the Connection ID (CID) construct for the Datagram Transport Layer Security (DTLS) protocol version 1.2.

A CID is an identifier carried in the record layer header that gives the recipient additional information for selecting the appropriate security association. In "classical" DTLS, the security association for an incoming DTLS record is selected with the help of the 5-tuple (source and destination IP addresses, source and destination ports, and transport protocol). If the source IP address and/or source port changes during the lifetime of an ongoing DTLS session, the receiver will be unable to locate the correct security context.

The new ciphertext record format with the CID also provides content type encryption and record layer padding.

This document updates RFC 6347.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.



