[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Datagram TLS
On Fri, 30 Jan 2004, Scott Fluhrer wrote:
>
>
> On Fri, 30 Jan 2004, Eric Rescorla wrote:
>
> > This seems relevant to these working groups.
> >
> > Although TLS is quite useful as a generic security layer protocol for
> > lots of applications, it is limited by its reliance on datagram
> > transport. It seems like it would be useful to deploy TLS-style security
> > for datagram apps. To this end, Nagendra Modadugu and I have designed a
> > variant on TLS which works properly over datagram transport but is
> > otherwise intended to be as similar to TLS as possible.
> >
> > http://www.ietf.org/internet-drafts/draft-rescorla-dtls-00.txt
> >
> > Comments welcome...
>
> One obvious question is how you handle the switchover if one of the sides
> decides to rekey. In this case, a packet encrypted with the old key
> might be slow, and arrive at the destination after the rekey
> negotiation has completed. TLS handles this because it can assume strict
> message ordering. IPSec handles this with the SPI value. How does DTLS
> prevent a packet being decrypted with the wrong key?
Never mind... While writing this, I came across the epoch flag, that
handles precisely this. I went to cancel the email and accidentally hit
Send... :-(
--
scott