draft-ietf-isms-dtls-tm-13.txt   draft-ietf-isms-dtls-tm-14.txt 
ISMS W. Hardaker ISMS W. Hardaker
Internet-Draft Sparta, Inc. Internet-Draft Sparta, Inc.
Intended status: Standards Track May 7, 2010 Intended status: Standards Track May 7, 2010
Expires: November 8, 2010 Expires: November 8, 2010
Transport Layer Security (TLS) Transport Model for the Simple Network Transport Layer Security (TLS) Transport Model for the Simple Network
Management Protocol (SNMP) Management Protocol (SNMP)
draft-ietf-isms-dtls-tm-13.txt draft-ietf-isms-dtls-tm-14.txt
Abstract Abstract
This document describes a Transport Model for the Simple Network This document describes a Transport Model for the Simple Network
Management Protocol (SNMP), that uses either the Transport Layer Management Protocol (SNMP), that uses either the Transport Layer
Security protocol or the Datagram Transport Layer Security (DTLS) Security protocol or the Datagram Transport Layer Security (DTLS)
protocol. The TLS and DTLS protocols provide authentication and protocol. The TLS and DTLS protocols provide authentication and
privacy services for SNMP applications. This document describes how privacy services for SNMP applications. This document describes how
the TLS Transport Model (TLSTM) implements the needed features of a the TLS Transport Model (TLSTM) implements the needed features of a
SNMP Transport Subsystem to make this protection possible in an SNMP Transport Subsystem to make this protection possible in an
skipping to change at page 22, line 7 skipping to change at page 22, line 7
multiple DTLS connections, which is specifically needed for DTLS over multiple DTLS connections, which is specifically needed for DTLS over
UDP sessions. It is assumed that TLS protocol implementations UDP sessions. It is assumed that TLS protocol implementations
already provide appropriate message demultiplexing. already provide appropriate message demultiplexing.
Section 5.1.2 describes the transport processing required once the Section 5.1.2 describes the transport processing required once the
(D)TLS processing has been completed. This will be needed for all (D)TLS processing has been completed. This will be needed for all
(D)TLS-based connections. (D)TLS-based connections.
5.1.1. DTLS over UDP Processing for Incoming Messages 5.1.1. DTLS over UDP Processing for Incoming Messages
For connection-oriented transport protocols, such as TCP, the Demultiplexing of incoming packets into separate DTLS sessions MUST
transport protocol takes care of demultiplexing incoming packets to be implemented. For connection-oriented transport protocols, such as
the right connection. Depending on the DTLS implementation, for DTLS TCP, the transport protocol takes care of demultiplexing incoming
over UDP, this demultiplexing may need to be done by the TLSTM packets to the right connection. Depending on the DTLS
implementation, for DTLS over UDP, this demultiplexing will either
need to be done within the TLS implementation or by the TLSTM
implementation. implementation.
Like TCP, DTLS over UDP uses the four-tuple <source IP, destination Like TCP, DTLS over UDP uses the four-tuple <source IP, destination
IP, source port, destination port> for identifying the connection IP, source port, destination port> for identifying the connection
(and relevant DTLS connection state). This means that when (and relevant DTLS connection state). This means that when
establishing a new session, implementations MUST use a different UDP establishing a new session, implementations MUST use a different UDP
source port number for each active connection to a remote destination source port number for each active connection to a remote destination
IP-address/port-number combination to ensure the remote entity can IP-address/port-number combination to ensure the remote entity can
disambiguate between multiple connections. disambiguate between multiple connections.
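Review bot: The rewritten sentence in 5.1.1 now says the demultiplexing "will either need to be done within the TLS implementation or by the TLSTM implementation", but the same sentence is scoped to "DTLS over UDP" and opens with "Depending on the DTLS implementation", so "within the TLS implementation" should read "within the DTLS implementation". The added "Demultiplexing of incoming packets into separate DTLS sessions MUST be implemented" also does not say what the demultiplexing is keyed on. The following paragraph already names the four-tuple <source IP, destination IP, source port, destination port> as the connection identifier, so the MUST sentence could reference it directly. That way an implementer does not have to infer that the requirement and the identifier belong together.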
 End of changes. 2 change blocks. 
5 lines changed or deleted 7 lines changed or added

This html diff was produced by rfcdiff 1.38. The latest version is available from http://tools.ietf.org/tools/rfcdiff/