Stream Control Transmission Protocol (SCTP) Security Threats

Document Type Replaced Internet-Draft (individual)
Author Randall Stewart 
Last updated 2006-01-20 (latest revision 2005-10-27)
Replaced by RFC 5062
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-tsvwg-sctpthreat
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Stream Control Transmission Protocol RFC2960 [2] is a multi-homed transport protocol. As such, unique security threats exists that are addressed in various ways within the protocol itself. This document attempts to detail the known security threats and there countermeasures as detailed in the current version of the SCTP Implementors guide (SCTP-IG). It is hoped that this information will provide some useful background information for many of the newest requirements spelled out in the SCTP-IG.


Randall Stewart (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)