draft-ietf-lwig-security-protocol-comparison-04.txt   draft-ietf-lwig-security-protocol-comparison-05.txt 
LWIG Working Group J. Mattsson LWIG Working Group J. Mattsson
Internet-Draft F. Palombini Internet-Draft F. Palombini
Intended status: Informational Ericsson AB Intended status: Informational Ericsson AB
Expires: September 10, 2020 M. Vucinic Expires: May 6, 2021 M. Vucinic
INRIA INRIA
March 09, 2020 November 02, 2020
Comparison of CoAP Security Protocols Comparison of CoAP Security Protocols
draft-ietf-lwig-security-protocol-comparison-04 draft-ietf-lwig-security-protocol-comparison-05
Abstract Abstract
This document analyzes and compares the sizes of key exchange flights This document analyzes and compares the sizes of key exchange flights
and the per-packet message size overheads when using different and the per-packet message size overheads when using different
security protocols to secure CoAP. The analyzed security protocols security protocols to secure CoAP. The analyzed security protocols
are DTLS 1.2, DTLS 1.3, TLS 1.2, TLS 1.3, EDHOC, OSCORE, and Group are DTLS 1.2, DTLS 1.3, TLS 1.2, TLS 1.3, EDHOC, OSCORE, and Group
OSCORE. The DTLS and TLS record layers are analyzed with and without OSCORE. The DTLS and TLS record layers are analyzed with and without
6LoWPAN-GHC compression. DTLS is analyzed with and without 6LoWPAN-GHC compression. DTLS is analyzed with and without
Connection ID. Connection ID.
skipping to change at page 1, line 38 skipping to change at page 1, line 38
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 10, 2020. This Internet-Draft will expire on May 6, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 28 skipping to change at page 2, line 28
2.2.4. Cached Information . . . . . . . . . . . . . . . . . 12 2.2.4. Cached Information . . . . . . . . . . . . . . . . . 12
2.2.5. Resumption . . . . . . . . . . . . . . . . . . . . . 13 2.2.5. Resumption . . . . . . . . . . . . . . . . . . . . . 13
2.2.6. Without Connection ID . . . . . . . . . . . . . . . . 14 2.2.6. Without Connection ID . . . . . . . . . . . . . . . . 14
2.2.7. DTLS Raw Public Keys . . . . . . . . . . . . . . . . 15 2.2.7. DTLS Raw Public Keys . . . . . . . . . . . . . . . . 15
2.3. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . . 16 2.3. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.3.1. Message Sizes RPK + ECDHE . . . . . . . . . . . . . . 16 2.3.1. Message Sizes RPK + ECDHE . . . . . . . . . . . . . . 16
2.3.2. Message Sizes PSK + ECDHE . . . . . . . . . . . . . . 22 2.3.2. Message Sizes PSK + ECDHE . . . . . . . . . . . . . . 22
2.3.3. Message Sizes PSK . . . . . . . . . . . . . . . . . . 23 2.3.3. Message Sizes PSK . . . . . . . . . . . . . . . . . . 23
2.4. EDHOC . . . . . . . . . . . . . . . . . . . . . . . . . . 24 2.4. EDHOC . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.4.1. Message Sizes RPK . . . . . . . . . . . . . . . . . . 24 2.4.1. Message Sizes RPK . . . . . . . . . . . . . . . . . . 24
2.4.2. Message Sizes PSK . . . . . . . . . . . . . . . . . . 25 2.4.2. Summary . . . . . . . . . . . . . . . . . . . . . . . 25
2.4.3. message_1 . . . . . . . . . . . . . . . . . . . . . . 25 2.5. Conclusion . . . . . . . . . . . . . . . . . . . . . . . 25
2.4.4. message_2 . . . . . . . . . . . . . . . . . . . . . . 25 3. Overhead for Protection of Application Data . . . . . . . . . 26
2.4.5. message_3 . . . . . . . . . . . . . . . . . . . . . . 26 3.1. Summary . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.4.6. Summary . . . . . . . . . . . . . . . . . . . . . . . 26 3.2. DTLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . . 28
2.5. Conclusion . . . . . . . . . . . . . . . . . . . . . . . 26 3.2.1. DTLS 1.2 . . . . . . . . . . . . . . . . . . . . . . 28
3. Overhead for Protection of Application Data . . . . . . . . . 27 3.2.2. DTLS 1.2 with 6LoWPAN-GHC . . . . . . . . . . . . . . 28
3.1. Summary . . . . . . . . . . . . . . . . . . . . . . . . . 27 3.2.3. DTLS 1.2 with Connection ID . . . . . . . . . . . . . 29
3.2. DTLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . . 29 3.2.4. DTLS 1.2 with Connection ID and 6LoWPAN-GHC . . . . . 30
3.2.1. DTLS 1.2 . . . . . . . . . . . . . . . . . . . . . . 29 3.3. DTLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . 30
3.2.2. DTLS 1.2 with 6LoWPAN-GHC . . . . . . . . . . . . . . 29 3.3.1. DTLS 1.3 . . . . . . . . . . . . . . . . . . . . . . 30
3.2.3. DTLS 1.2 with Connection ID . . . . . . . . . . . . . 30 3.3.2. DTLS 1.3 with 6LoWPAN-GHC . . . . . . . . . . . . . . 31
3.2.4. DTLS 1.2 with Connection ID and 6LoWPAN-GHC . . . . . 31 3.3.3. DTLS 1.3 with Connection ID . . . . . . . . . . . . . 31
3.3. DTLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . 31 3.3.4. DTLS 1.3 with Connection ID and 6LoWPAN-GHC . . . . . 32
3.3.1. DTLS 1.3 . . . . . . . . . . . . . . . . . . . . . . 31 3.4. TLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . . . 32
3.3.2. DTLS 1.3 with 6LoWPAN-GHC . . . . . . . . . . . . . . 32 3.4.1. TLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . 32
3.3.3. DTLS 1.3 with Connection ID . . . . . . . . . . . . . 32 3.4.2. TLS 1.2 with 6LoWPAN-GHC . . . . . . . . . . . . . . 33
3.3.4. DTLS 1.3 with Connection ID and 6LoWPAN-GHC . . . . . 33 3.5. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . . 33
3.4. TLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . . . 33 3.5.1. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . 33
3.4.1. TLS 1.2 . . . . . . . . . . . . . . . . . . . . . . . 33 3.5.2. TLS 1.3 with 6LoWPAN-GHC . . . . . . . . . . . . . . 34
3.4.2. TLS 1.2 with 6LoWPAN-GHC . . . . . . . . . . . . . . 34 3.6. OSCORE . . . . . . . . . . . . . . . . . . . . . . . . . 34
3.5. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . . . 34 3.7. Group OSCORE . . . . . . . . . . . . . . . . . . . . . . 36
3.5.1. TLS 1.3 . . . . . . . . . . . . . . . . . . . . . . . 34 3.8. Conclusion . . . . . . . . . . . . . . . . . . . . . . . 36
3.5.2. TLS 1.3 with 6LoWPAN-GHC . . . . . . . . . . . . . . 35 4. Security Considerations . . . . . . . . . . . . . . . . . . . 37
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 37
3.6. OSCORE . . . . . . . . . . . . . . . . . . . . . . . . . 35 6. Informative References . . . . . . . . . . . . . . . . . . . 37
3.7. Group OSCORE . . . . . . . . . . . . . . . . . . . . . . 37 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 39
3.8. Conclusion . . . . . . . . . . . . . . . . . . . . . . . 37 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 39
4. Security Considerations . . . . . . . . . . . . . . . . . . . 38
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 38
6. Informative References . . . . . . . . . . . . . . . . . . . 38
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 40
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 40
1. Introduction 1. Introduction
This document analyzes and compares the sizes of key exchange flights This document analyzes and compares the sizes of key exchange flights
and the per-packet message size overheads when using different and the per-packet message size overheads when using different
security protocols to secure CoAP over UPD [RFC7252] and TCP security protocols to secure CoAP over UPD [RFC7252] and TCP
[RFC8323]. The analyzed security protocols are DTLS 1.2 [RFC6347], [RFC8323]. The analyzed security protocols are DTLS 1.2 [RFC6347],
DTLS 1.3 [I-D.ietf-tls-dtls13], TLS 1.2 [RFC5246], TLS 1.3 [RFC8446], DTLS 1.3 [I-D.ietf-tls-dtls13], TLS 1.2 [RFC5246], TLS 1.3 [RFC8446],
EDHOC [I-D.selander-lake-edhoc], OSCORE [RFC8613], and Group OSCORE EDHOC [I-D.ietf-lake-edhoc], OSCORE [RFC8613], and Group OSCORE
[I-D.ietf-core-oscore-groupcomm]. [I-D.ietf-core-oscore-groupcomm].
The DTLS and TLS record layers are analyzed with and without 6LoWPAN- The DTLS and TLS record layers are analyzed with and without 6LoWPAN-
GHC compression. DTLS is anlyzed with and without Connection ID GHC compression. DTLS is anlyzed with and without Connection ID
[I-D.ietf-tls-dtls-connection-id]. Readers are expected to be [I-D.ietf-tls-dtls-connection-id]. Readers are expected to be
familiar with some of the terms described in RFC 7925 [RFC7925], such familiar with some of the terms described in RFC 7925 [RFC7925], such
as ICV. Section 2 compares the overhead of key exchange, while as ICV. Section 2 compares the overhead of key exchange, while
Section 3 covers the overhead for protection of application data. Section 3 covers the overhead for protection of application data.
2. Overhead of Key Exchange Protocols 2. Overhead of Key Exchange Protocols
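Review bot: Two typos in the unchanged text of this hunk survive into -05: "CoAP over UPD [RFC7252]" in the first paragraph should read "UDP", and "DTLS is anlyzed with and without Connection ID" in the second should read "analyzed" (the Abstract spells it correctly). The first paragraph is already being touched for the rename to [I-D.ietf-lake-edhoc], so both can be fixed in the same revision.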
skipping to change at page 4, line 24 skipping to change at page 4, line 21
The DTLS overhead is dependent on the parameter Connection ID. The The DTLS overhead is dependent on the parameter Connection ID. The
following overheads apply for all Connection IDs of the same length, following overheads apply for all Connection IDs of the same length,
when Connection ID is used. when Connection ID is used.
The EDHOC overhead is dependent on the key identifiers included. The The EDHOC overhead is dependent on the key identifiers included. The
following overheads apply for Sender IDs of the same length. following overheads apply for Sender IDs of the same length.
All the overhead are dependent on the tag length. The following All the overhead are dependent on the tag length. The following
overheads apply for tags of the same length. overheads apply for tags of the same length.
Figure 1 compares the message sizes of EDHOC Figure 1 compares the message sizes of EDHOC [I-D.ietf-lake-edhoc]
[I-D.selander-lake-edhoc] with the DTLS 1.3 [I-D.ietf-tls-dtls13] and with the DTLS 1.3 [I-D.ietf-tls-dtls13] and TLS 1.3 [RFC8446]
TLS 1.3 [RFC8446] handshakes with connection ID. handshakes with connection ID.
===================================================================== =====================================================================
Flight #1 #2 #3 Total Flight #1 #2 #3 Total
--------------------------------------------------------------------- ---------------------------------------------------------------------
DTLS 1.3 RPK + ECDHE 150 373 213 736 DTLS 1.3 RPK + ECDHE 150 373 213 736
DTLS 1.3 Cached X.509/RPK + ECDHE 182 347 213 742 DTLS 1.3 Cached X.509/RPK + ECDHE 182 347 213 742
DTLS 1.3 PSK + ECDHE 184 190 57 431 DTLS 1.3 PSK + ECDHE 184 190 57 431
DTLS 1.3 PSK 134 150 57 341 DTLS 1.3 PSK 134 150 57 341
--------------------------------------------------------------------- ---------------------------------------------------------------------
EDHOC RPK + ECDHE 37 46 20 103 EDHOC RPK + ECDHE 37 46 20 103
EDHOC PSK + ECDHE 38 44 10 92 EDHOC X.509 + ECDHE 37 117 91 245
===================================================================== =====================================================================
Figure 1: Comparison of message sizes in bytes with Connection ID Figure 1: Comparison of message sizes in bytes with Connection ID
Figure 2 compares of message sizes of DTLS 1.3 [I-D.ietf-tls-dtls13] Figure 2 compares of message sizes of DTLS 1.3 [I-D.ietf-tls-dtls13]
and TLS 1.3 [RFC8446] handshakes without connection ID. and TLS 1.3 [RFC8446] handshakes without connection ID.
===================================================================== =====================================================================
Flight #1 #2 #3 Total Flight #1 #2 #3 Total
--------------------------------------------------------------------- ---------------------------------------------------------------------
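Review bot: The new Figure 1 row "EDHOC X.509 + ECDHE 37 117 91 245" needs a qualifier, because its values are those of the x5t column in Figure 5, where the certificate is referenced by hash and not carried in the message. Sitting under "DTLS 1.3 Cached X.509/RPK + ECDHE", a bare "X.509" label invites the reading that 245 bytes includes certificates. Suggest labelling the row "EDHOC X.509 (x5t) + ECDHE" or adding one sentence under the figure. Two smaller points in the surrounding text: the lead-in says the figure covers "DTLS 1.3 ... and TLS 1.3 ... handshakes" although every non-EDHOC row shown is DTLS 1.3, and "All the overhead are dependent" and "Figure 2 compares of message sizes" are ungrammatical in both versions.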
skipping to change at page 17, line 32 skipping to change at page 17, line 32
Compression Methods (null) (2 bytes): Compression Methods (null) (2 bytes):
01 00 01 00
Extensions Length (2 bytes): Extensions Length (2 bytes):
LL LL LL LL
Extension - Supported Groups (x25519) (8 bytes): Extension - Supported Groups (x25519) (8 bytes):
00 0a 00 04 00 02 00 1d 00 0a 00 04 00 02 00 1d
Extension - Signature Algorithms (ecdsa_secp256r1_sha256) (8 bytes): Extension - Signature Algorithms(ecdsa_secp256r1_sha256)(8 bytes):
00 0d 00 04 00 02 08 07 00 0d 00 04 00 02 08 07
Extension - Key Share (42 bytes): Extension - Key Share (42 bytes):
00 33 00 26 00 24 00 1d 00 20 00 33 00 26 00 24 00 1d 00 20
00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15
16 17 18 19 1a 1b 1c 1d 1e 1f 16 17 18 19 1a 1b 1c 1d 1e 1f
Extension - Supported Versions (1.3) (7 bytes): Extension - Supported Versions (1.3) (7 bytes):
00 2b 00 03 02 03 04 00 2b 00 03 02 03 04
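Review bot: The relabelled line "Extension - Signature Algorithms(ecdsa_secp256r1_sha256)(8 bytes):" still sits above the bytes "00 0d 00 04 00 02 08 07", and 0x0807 is the TLS 1.3 SignatureScheme code point for ed25519, while ecdsa_secp256r1_sha256 is 0x0403 (RFC 8446, Section 4.2.3). The extension is 8 bytes either way, so the flight totals are unaffected, but the label and the encoding should name the same scheme. The edit also removes the spaces around the parenthesised name, which makes this line inconsistent with its neighbours such as "Extension - Supported Groups (x25519) (8 bytes):"; if that was done to fit the line width, shortening the label text would keep the format uniform.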
skipping to change at page 19, line 16 skipping to change at page 19, line 16
Handshake Header - Certificate Request (4 bytes): Handshake Header - Certificate Request (4 bytes):
0d LL LL LL 0d LL LL LL
Request Context (1 bytes): Request Context (1 bytes):
00 00
Extensions Length (2 bytes): Extensions Length (2 bytes):
LL LL LL LL
Extension - Signature Algorithms (ecdsa_secp256r1_sha256) (8 bytes): Extension - Signature Algorithms(ecdsa_secp256r1_sha256)(8 bytes):
00 0d 00 04 00 02 08 07 00 0d 00 04 00 02 08 07
Handshake Header - Certificate (4 bytes): Handshake Header - Certificate (4 bytes):
0b LL LL LL 0b LL LL LL
Request Context (1 bytes): Request Context (1 bytes):
00 00
Certificate List Length (3 bytes): Certificate List Length (3 bytes):
LL LL LL LL LL LL
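Review bot: In the Certificate Request, the edited label "Signature Algorithms(ecdsa_secp256r1_sha256)(8 bytes)" is followed by "00 0d 00 04 00 02 08 07", the same bytes used for this extension on page 17. Whichever scheme the example is meant to use, the request here and the earlier offer have to be corrected together so that the two flights stay consistent with each other and with the signature sizes assumed later in the handshake.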
skipping to change at page 24, line 29 skipping to change at page 24, line 29
2.3.3.3. flight_3 2.3.3.3. flight_3
There are no differences in overhead compared to Section 2.3.2.3. There are no differences in overhead compared to Section 2.3.2.3.
TLS 1.3 PSK flight_3 gives 57 bytes of overhead. TLS 1.3 PSK flight_3 gives 57 bytes of overhead.
2.4. EDHOC 2.4. EDHOC
This section gives an estimate of the message sizes of EDHOC with This section gives an estimate of the message sizes of EDHOC with
different authentication methods. All examples are given in CBOR authenticated with static Diffie-Hellman keys. All examples are
diagnostic notation and hexadecimal. given in CBOR diagnostic notation and hexadecimal, and are based on
the test vectors in Appendix B.2 of [I-D.ietf-lake-edhoc].
2.4.1. Message Sizes RPK 2.4.1. Message Sizes RPK
2.4.1.1. message_1 2.4.1.1. message_1
message_1 = ( message_1 = (
13, 13,
0, 0,
h'8D3EF56D1B750A4351D68AC250A0E883790EFC80A538A444EE9E2B57E244 h'8D3EF56D1B750A4351D68AC250A0E883790EFC80A538A444EE9E2B57E244
1A7C', 1A7C',
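Review bot: The rewritten opening sentence of 2.4 now reads "message sizes of EDHOC with authenticated with static Diffie-Hellman keys"; the "with" left over from the -04 wording should be dropped. The sentence also narrows the section to static Diffie-Hellman authentication, while the subsection heading stays "2.4.1. Message Sizes RPK" and Figure 1 keeps "EDHOC RPK + ECDHE". State once that the raw public key in these examples is a static Diffie-Hellman key, or align the labels, so readers do not take them for different configurations.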
skipping to change at page 25, line 29 skipping to change at page 25, line 29
2.4.1.3. message_3 2.4.1.3. message_3
message_3 = ( message_3 = (
8, 8,
h'53C3991999A5FFB86921E99B607C067770E0' h'53C3991999A5FFB86921E99B607C067770E0'
) )
message_3 (20 bytes): message_3 (20 bytes):
08 52 53 c3 99 19 99 a5 ff b8 69 21 e9 9b 60 7c 06 77 70 e0 08 52 53 c3 99 19 99 a5 ff b8 69 21 e9 9b 60 7c 06 77 70 e0
2.4.2. Message Sizes PSK 2.4.2. Summary
2.4.3. message_1
message_1 = (
17,
0,
h'3662C4A71D624E8A4D9DFF879ABC6E2A0E745F82F497F7AFBEBFF3B01A8F
AB57',
14,
-17
)
message_1 (38 bytes):
11 00 58 20 36 62 c4 a7 1d 62 4e 8a 4d 9d ff 87 9a bc 6e 2a
0e 74 5f 82 f4 97 f7 af be bf f3 b0 1a 8f ab 57 0e 30
2.4.4. message_2
message_2 = (
h'A3967F6CF99B6DDC7E7C219D0D119A383F754001DF33515971EC6C842553
B776',
-24,
h'4F355451E069226F'
)
message_2 (44 bytes):
58 20 a3 96 7f 6c f9 9b 6d dc 7e 7c 21 9d 0d 11 9a 38 3f 75
40 01 df 33 51 59 71 ec 6c 84 25 53 b7 76 37 48 4f 35 54 51
e0 69 22 6f
2.4.5. message_3
message_3 = (
-24,
h'763BD2F3C10F0D45'
)
message_3 (10 bytes):
37 48 76 3b d2 f3 c1 0f 0d 45
2.4.6. Summary
The previous examples of typical message sizes are summarized in The typical message sizes for the previous example and for an example
of EDHOC authenticated with signature keys and X.509 certificates
based on Appendix B.1 of [I-D.ietf-lake-edhoc] are summarized in
Figure 5. Figure 5.
===================================================================== ===============================
PSK RPK x5t x5chain RPK x5t
--------------------------------------------------------------------- -------------------------------
message_1 38 37 37 37 message_1 37 37
message_2 44 46 117 110 + Certificate chain message_2 46 117
message_3 10 20 91 84 + Certificate chain message_3 20 91
--------------------------------------------------------------------- -------------------------------
Total 92 103 245 231 + Certificate chains Total 103 245
===================================================================== ===============================
Figure 5: Typical message sizes in bytes Figure 5: Typical message sizes in bytes
2.5. Conclusion 2.5. Conclusion
To do a fair comparison, one has to choose a specific deployment and To do a fair comparison, one has to choose a specific deployment and
look at the topology, the whole protocol stack, frame sizes (e.g. 51 look at the topology, the whole protocol stack, frame sizes (e.g. 51
or 128 bytes), how and where in the protocol stack fragmentation is or 128 bytes), how and where in the protocol stack fragmentation is
done, and the expected packet loss. Note that the number of byte in done, and the expected packet loss. Note that the number of bytes in
each frame that is available for the key exchange protocol may depend each frame that is available for the key exchange protocol may depend
on the underlying protocol layers as well as the number of hops in on the underlying protocol layers as well as on the number of hops in
multi-hop networks. The packet loss depends may depend on how many multi-hop networks. The packet loss may depend on how many other
other devices that are transmitting at the same time, and may devices are transmitting at the same time, and may increase during
increase during network formation. The total overhead will be larger network formation. The total overhead will be larger due to
due to mechanisms for fragmentation, retransmission, and packet mechanisms for fragmentation, retransmission, and packet ordering.
ordering. The overhead of fragmentation is roughly proportional to The overhead of fragmentation is roughly proportional to the number
the number of fragments, while the expected overhead due to of fragments, while the expected overhead due to retransmission in
retransmission in noisy environments is a superlinear function of the noisy environments is a superlinear function of the flight sizes.
flight sizes.
3. Overhead for Protection of Application Data 3. Overhead for Protection of Application Data
To enable comparison, all the overhead calculations in this section To enable comparison, all the overhead calculations in this section
use AES-CCM with a tag length of 8 bytes (e.g. AES_128_CCM_8 or AES- use AES-CCM with a tag length of 8 bytes (e.g. AES_128_CCM_8 or AES-
CCM-16-64), a plaintext of 6 bytes, and the sequence number '05'. CCM-16-64), a plaintext of 6 bytes, and the sequence number '05'.
This follows the example in [RFC7400], Figure 16. This follows the example in [RFC7400], Figure 16.
Note that the compressed overhead calculations for DLTS 1.2, DTLS Note that the compressed overhead calculations for DLTS 1.2, DTLS
1.3, TLS 1.2 and TLS 1.3 are dependent on the parameters epoch, 1.3, TLS 1.2 and TLS 1.3 are dependent on the parameters epoch,
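Review bot: The new 2.4.2 Summary cites an X.509 example "based on Appendix B.1 of [I-D.ietf-lake-edhoc]" for the x5t column, but section 2.4 only reproduces the RPK messages, so the 117 and 91 byte values cannot be checked against anything in this document. Either add the B.1 messages as a subsection alongside 2.4.1 or say explicitly that the x5t figures are taken from the referenced test vectors without being reproduced. With the x5chain column and its "+ Certificate chain" entries removed, Figure 5 also no longer signals that transporting certificates adds their size on top; one sentence noting that x5t carries only a certificate hash would preserve that caveat. Separately, "DLTS 1.2" in the unchanged Section 3 text should be "DTLS 1.2".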
skipping to change at page 38, line 34 skipping to change at page 37, line 34
5. IANA Considerations 5. IANA Considerations
This document has no actions for IANA. This document has no actions for IANA.
6. Informative References 6. Informative References
[I-D.ietf-core-oscore-groupcomm] [I-D.ietf-core-oscore-groupcomm]
Tiloca, M., Selander, G., Palombini, F., and J. Park, Tiloca, M., Selander, G., Palombini, F., and J. Park,
"Group OSCORE - Secure Group Communication for CoAP", "Group OSCORE - Secure Group Communication for CoAP",
draft-ietf-core-oscore-groupcomm-06 (work in progress), draft-ietf-core-oscore-groupcomm-09 (work in progress),
November 2019. June 2020.
[I-D.ietf-lake-edhoc]
Selander, G., Mattsson, J., and F. Palombini, "Ephemeral
Diffie-Hellman Over COSE (EDHOC)", draft-ietf-lake-
edhoc-01 (work in progress), August 2020.
[I-D.ietf-tls-dtls-connection-id] [I-D.ietf-tls-dtls-connection-id]
Rescorla, E., Tschofenig, H., and T. Fossati, "Connection Rescorla, E., Tschofenig, H., and T. Fossati, "Connection
Identifiers for DTLS 1.2", draft-ietf-tls-dtls-connection- Identifiers for DTLS 1.2", draft-ietf-tls-dtls-connection-
id-07 (work in progress), October 2019. id-07 (work in progress), October 2019.
[I-D.ietf-tls-dtls13] [I-D.ietf-tls-dtls13]
Rescorla, E., Tschofenig, H., and N. Modadugu, "The Rescorla, E., Tschofenig, H., and N. Modadugu, "The
Datagram Transport Layer Security (DTLS) Protocol Version Datagram Transport Layer Security (DTLS) Protocol Version
1.3", draft-ietf-tls-dtls13-34 (work in progress), 1.3", draft-ietf-tls-dtls13-38 (work in progress), May
November 2019. 2020.
[I-D.rescorla-tls-ctls] [I-D.rescorla-tls-ctls]
Rescorla, E., Barnes, R., and H. Tschofenig, "Compact TLS Rescorla, E., Barnes, R., and H. Tschofenig, "Compact TLS
1.3", draft-rescorla-tls-ctls-03 (work in progress), 1.3", draft-rescorla-tls-ctls-04 (work in progress), March
November 2019. 2020.
[I-D.selander-lake-edhoc]
Selander, G., Mattsson, J., and F. Palombini, "Ephemeral
Diffie-Hellman Over COSE (EDHOC)", draft-selander-lake-
edhoc-00 (work in progress), November 2019.
[IoT-Cert] [IoT-Cert]
Forsby, F., "Digital Certificates for the Internet of Forsby, F., "Digital Certificates for the Internet of
Things", June 2017, <https://kth.diva- Things", June 2017, <https://kth.diva-
portal.org/smash/get/diva2:1153958/FULLTEXT01.pdf>. portal.org/smash/get/diva2:1153958/FULLTEXT01.pdf>.
[OlegHahm-ghc] [OlegHahm-ghc]
Hahm, O., "Generic Header Compression", July 2016, Hahm, O., "Generic Header Compression", July 2016,
<https://github.com/OlegHahm/ghc>. <https://github.com/OlegHahm/ghc>.
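Review bot: [I-D.ietf-tls-dtls-connection-id] is left at "id-07 (work in progress), October 2019" while the oscore-groupcomm, dtls13 and ctls entries in the same list were all moved to 2020 revisions. Confirm that -07 is still the revision the Connection ID byte counts in Sections 2 and 3 were derived from, and update the reference if it is not.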
 End of changes. 19 change blocks. 
118 lines changed or deleted 75 lines changed or added
