[tsvwg] [Fwd: I-D Action: draft-westerlund-tsvwg-dtls-over-sctp-bis-01.txt]
Magnus Westerlund <magnus.westerlund@ericsson.com> Mon, 22 February 2021 17:34 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/NGmwqt27hdHi-rSzgGNn_KP-Ank>
Hi,

We have updated the draft to address a number of issues, including the feedback we have gotten from Gorry. One of the major changes in this version is to use the SCTP Adaptation Layer Indication mechanism to indicate that it is DTLS over SCTP one would like to do, and we have thus been able to remove one of the proposed SCTP parameters, reducing the impact on the SCTP stack to support this update. We have also enabled renegotiation for DTLS 1.2, as that is a necessary feature to enable long-living DTLS/SCTP associations. DTLS 1.3 rekeying also has some implications on the security parameters that are being discussed.

We think this update of RFC 6083 is necessary due to several aspects and hope that more people are interested and willing to support in reviewing and discussing it.

You can also submit and discuss issues here:
https://github.com/gloinul/draft-westerlund-tsvwg-dtls-over-sctp-bis/issues

Cheers

Magnus Westerlund
--- Begin Message ---
A New Internet-Draft is available from the on-line Internet-Drafts directories.

Title    : Datagram Transport Layer Security (DTLS) over Stream Control Transmission Protocol (SCTP)
Authors  : Magnus Westerlund
           John Preuß Mattsson
           Claudio Porfiri
           Michael Tüxen
Filename : draft-westerlund-tsvwg-dtls-over-sctp-bis-01.txt
Pages    : 22
Date     : 2021-02-22

Abstract:
This document describes a proposed update for the usage of the Datagram Transport Layer Security (DTLS) protocol to protect user messages sent over the Stream Control Transmission Protocol (SCTP).

DTLS over SCTP provides mutual authentication, confidentiality, integrity protection, and replay protection for applications that use SCTP as their transport protocol and allows client/server applications to communicate in a way that is designed to give communications privacy and to prevent eavesdropping and detect tampering or message forgery.

Applications using DTLS over SCTP can use almost all transport features provided by SCTP and its extensions. This document intends to obsolete RFC 6083 and removes the 16 kB limitation on user message size by defining a secure user message fragmentation so that multiple DTLS records can be used to protect a single user message. It further updates the DTLS versions to use, as well as the HMAC algorithms for SCTP-AUTH, and simplifies the implementation by some stricter requirements on the establishment procedures.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-westerlund-tsvwg-dtls-over-sctp-bis/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-westerlund-tsvwg-dtls-over-sctp-bis-01.html

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-westerlund-tsvwg-dtls-over-sctp-bis-01

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
--- End Message ---