[Docs] [txt|pdf] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: (draft-tuexen-tsvwg-dtls-for-sctp) 00 01 02 03 04 05 06 RFC 6083

Network Working Group                                          M. Tuexen
Internet-Draft                                             R. Seggelmann
Intended status: Standards Track      Muenster Univ. of Applied Sciences
Expires: March 5, 2011                                       E. Rescorla
                                                              RTFM, Inc.
                                                       September 1, 2010


Datagram Transport Layer Security (DTLS) for Stream Control Transmission
                            Protocol (SCTP)
                 draft-ietf-tsvwg-dtls-for-sctp-06.txt

Abstract

   This document describes the usage of the Datagram Transport Layer
   Security (DTLS) protocol over the Stream Control Transmission
   Protocol (SCTP).

   DTLS over SCTP provides communications privacy for applications that
   use SCTP as its transport protocol and allows client/server
   applications to communicate in a way that is designed to prevent
   eavesdropping and detect tampering or message forgery.

   Applications using DTLS over SCTP can use almost all transport
   features provided by SCTP and its extensions.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 5, 2011.

Copyright Notice

   Copyright (c) 2010 IETF Trust and the persons identified as the
   document authors.  All rights reserved.




Tuexen, et al.            Expires March 5, 2011                 [Page 1]

Internet-Draft                DTLS for SCTP               September 2010


   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
   2.  Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . 4
   3.  DTLS Considerations . . . . . . . . . . . . . . . . . . . . . . 4
   4.  SCTP Considerations . . . . . . . . . . . . . . . . . . . . . . 5
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7
   6.  Security Considerations . . . . . . . . . . . . . . . . . . . . 8
   7.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 8
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . . . 8
     8.1.  Normative References  . . . . . . . . . . . . . . . . . . . 8
     8.2.  Informative References  . . . . . . . . . . . . . . . . . . 9
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . . . 9



























Tuexen, et al.            Expires March 5, 2011                 [Page 2]

Internet-Draft                DTLS for SCTP               September 2010


1.  Introduction

1.1.  Overview

   This document describes the usage of the Datagram Transport Layer
   Security (DTLS) protocol, as defined in [RFC4347], over the Stream
   Control Transmission Protocol (SCTP), as defined in [RFC4960].

   DTLS over SCTP provides communications privacy for applications that
   use SCTP as its transport protocol and allows client/server
   applications to communicate in a way that is designed to prevent
   eavesdropping and detect tampering or message forgery.

   Applications using DTLS over SCTP can use almost all transport
   features provided by SCTP and its extensions.

   TLS, from which DTLS was derived, is designed to run on top of a
   byte-stream oriented transport protocol providing a reliable, in-
   sequence delivery.  Thus, TLS is currently mainly being used on top
   of the Transmission Control Protocol (TCP), as defined in [RFC0793].

   TLS over SCTP as described in [RFC3436] has some serious limitations:

   o  It does not support the unordered delivery of SCTP user messages.

   o  It does not support partial reliability as defined in [RFC3758].

   o  It only supports the usage of the same number of streams in both
      directions.

   o  It uses a TLS connection for every bidirectional stream, which
      requires a substantial amount of resources and message exchanges
      if a large number of streams is used.

   DTLS over SCTP as described in this document overcomes these
   limitations of TLS over SCTP.  Especially DTLS/SCTP supports

   o  preservation of message boundaries.

   o  a large number of uni-directional and bi-directional streams.

   o  ordered and unordered delivery of SCTP user messages.

   o  the partial reliability extension as defined in [RFC3758].

   o  the dynamic address reconfiguration extension as defined in
      [RFC5061].




Tuexen, et al.            Expires March 5, 2011                 [Page 3]

Internet-Draft                DTLS for SCTP               September 2010


   However, the following limitations still apply:

   o  The maximum user message size is 2^14 bytes, which is the DTLS
      limit.

   o  The DTLS user cannot perform the SCTP-AUTH key management, because
      this is done by the DTLS layer.

   The method described in this document requires that the SCTP
   implementation supports the optional feature of fragmentation of SCTP
   user messages as defined in [RFC4960] and the SCTP authentication
   extension defined in [RFC4895].

1.2.  Terminology

   This document uses the following terms:

   Association:  An SCTP association.

   Stream:  A unidirectional stream of an SCTP association.  It is
      uniquely identified by a stream identifier.

1.3.  Abbreviations

   DTLS:  Datagram Transport Layer Security.

   MTU:  Maximum Transmission Unit.

   PPID:  Payload Protocol Identifier.

   SCTP:  Stream Control Transmission Protocol.

   TCP:  Transmission Control Protocol.

   TLS:  Transport Layer Security.


2.  Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].


3.  DTLS Considerations






Tuexen, et al.            Expires March 5, 2011                 [Page 4]

Internet-Draft                DTLS for SCTP               September 2010


3.1.  Version of DTLS

   This document is based on [RFC4347] and it is expected that DTLS/SCTP
   as described in this document will work with future versions of DTLS.

3.2.  Message Sizes

   DTLS limits the DTLS user message size to the current Path MTU minus
   the header sizes.  For the purposes of running over SCTP, the DTLS
   path MTU MUST be considered to be 2^14.

3.3.  Replay Detection

   The replay detection of DTLS may result in the DTLS layer dropping
   messages.  Since DTLS/SCTP provides a reliable service if requested
   by the application, replay detection cannot be used.  Therefore,
   replay detection of DTLS MUST NOT be used.

3.4.  Path MTU Discovery

   SCTP provides Path MTU discovery and fragmentation / reassembly for
   user-messages.  According to Section 3.2 DTLS can send maximum sized
   messages.  Therefore, Path MTU discovery of DTLS MUST NOT be used.

3.5.  Retransmission of Messages

   SCTP provides a reliable