Security is a function, not a layer

Document Type Expired Internet-Draft (individual)
Author Mirja K├╝hlewind 
Last updated 2019-09-01 (latest revision 2019-02-28)
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document argues that security functions should be implemented on each layer as needed. Especially security functions should not be separated in its own layer. Having security scoped to the needs of each layer makes it possible to separate different functions correctly without the risk of impacting security on another layer. Note that this does not mean that each layer needs to maintain and negotiate it's on security context.


Mirja K├╝hlewind (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)