…Rtype.) This document applies to both TLS [RFC5246] and Datagram TLS (DTLS) [RFC6347]. In order to make the document more readable, it mostly only talks about "TLS", but in all cases, it means "TLS or DTLS". Although the references in this paragraph are to TLS and DTLS versio…
… Layer Security (TLS) [RFC5246] or Datagram Transport Layer Security (DTLS) [RFC6347] transport endpoint. DANE relies on the DNS Security Extensions (DNSSEC) [RFC4033]. DANE TLSA records validated by DNSSEC can be used to augment or replace the use of trusted public Certifi…
…ection). This is primarily useful for non-connection-oriented transports (see [RFC6347] for an example of this). - Allowing the server to offload state to the client, thus allowing it to send a HelloRetryRequest without storing any state. The server can do this by storing the h…
…. Technology for providing this service (for instance, SRTP [RFC3711], DTLS [RFC6347] and DTLS-SRTP [RFC5763]) is well understood. However, we must examine this technology in the WebRTC context, where the threat model is somewhat different. In general, it is important to un…
…347] was originally defined as a delta from TLS 1.1 [RFC4346] and DTLS 1.2 [RFC6347] was defined as a series of deltas to TLS 1.2 [RFC5246]. There is no DTLS 1.1; that version number was skipped in order to harmonize version numbers with TLS. This specification describes t…
…version 1.2 or later of the Datagram Transport Layer Security (DTLS) protocol [RFC6347]. ChaCha [CHACHA] is a stream cipher developed by D. J. Bernstein in 2008. It is a refinement of Salsa20, which is one of the selected ciphers in the eSTREAM portfolio [ESTREAM], and was …
…tection). This is primarily useful for non-connection-oriented transports (see [RFC6347] for an example of this). - Allowing the server to offload state to the client, thus allowing it to send a HelloRetryRequest without storing any state. The server can do this by storing the ha…
…nd DTLS on top of UDP is realized according to the procedures defined in [RFC6347]. 8. TCP/DTLS/SCTP Transport Realization The TCP/DTLS/SCTP transport is realized as described below: SCTP on top of DTLS is realized according to the procedures defined in [RFC8261]; …
… defined in [RFC4347]; the present latest version, DTLS 1.2, is defined in [RFC6347]; and an upcoming version, DTLS 1.3, is defined in [TLS-DTLS13]. 2. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT",…
…col (SCTP) [RFC4960] encapsulated on Datagram Transport Layer Security (DTLS) [RFC6347] to benefit from their already standardized transport and security features. Opening handshake The opening handshake is based on the multimedia session description exchange that happens bet…
…]. o Stateless session tickets [RFC5077]. o A datagram mode of operation, DTLS [RFC6347]. o Application-layer protocol negotiation [RFC7301]. 6. Security Considerations This entire document aims to improve security by prohibiting the use of a protocol that is not secure. Barnes, …
…0 RFC4347 was originally defined as a delta from TLS 1.1 RFC4346, and DTLS 1.2 RFC6347 was defined as a series of deltas to TLS 1.2 RFC5246. There is no DTLS 1.1; that version number was skipped in order to harmonize version numbers with TLS. This specification describes the mo…
…vely over CoAP. o Security binding to Datagram Transport Layer Security (DTLS) [RFC6347]. 1.2. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to b…