Session Security Envelope

Document Type Expired Internet-Draft (individual)
Authors Robert Moskowitz  , Igor Faynberg  , Huilan Lu  , Susan Hares  , Pierpaolo Giacomin
Last updated 2017-12-29 (latest revision 2017-06-27)
Stream (None)
Intended RFC status (None)
Expired & archived
plain text xml htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This memo specifies the details of the Session Security Envelope (SSE). SSE is a session protocol aiming to guarantee confidentiality, integrity and authentication completely independently by the underlying context, namely network and transport layers. A single session using the SEE protocol can include a single transport session or multiple transport sessions. This mean that SSE can survive the break-down in network and transport layers or to attacks carried against them. SSE is also applicable in networks lacking in classic inter-networking and transport protocols SSE relies on modern AEAD block cipher modes of operations, a class of block cipher modes which allows, at the same time, to authenticate the message while encrypting a part of it.


Robert Moskowitz (
Igor Faynberg (
Huilan Lu (
Susan Hares (
Pierpaolo Giacomin (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)