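%% You should probably cite draft-friel-tls-atls instead of this I-D.
%%
%% Revision -00 of an Internet-Draft (see the `number` and `note` fields below).
%% An Internet-Draft is a work in progress, not a published standard, so cite
%% it only as such and prefer the newer draft named above where one applies.
%%
%% Only the acronyms in the title are brace-protected, so a bibliography style
%% can still apply its own casing rules to the remaining words.
@techreport{tschofenig-layered-tls-00,
  author      = {Tschofenig, Hannes and Baugher, Mark},
  title       = {Layered {DTLS/TLS}},
  type        = {Internet-Draft},
  number      = {draft-tschofenig-layered-tls-00},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2017,
  month       = oct,
  day         = 30,
  pagetotal   = 15,
  note        = {Work in Progress},
  url         = {https://datatracker.ietf.org/doc/draft-tschofenig-layered-tls/00/},
  abstract    = {TLS and increasingly also DTLS are frequently used to provide channel security for Internet of Things (IoT) communication. On the Web and smart phones, TLS is already the defacto approach for securing protocol interactions. While the end-to-end security offered by TLS, particularly TLS 1.3, is already too much for some, there are others who believe that TLS is insufficient. While the former group is working on ways to weaken TLS security, the latter group is interested in designing an application layer security solution. Whether application-layer security is used in addition to or as a substitute for transport-layer security is of secondary importance. However, the security needs for such an application layer solution are similar, if not identical, to those that drove the design of TLS. This is for an obvious reason: Security requirements are not tied to the name of a security protocol nor to the layer at which it is executed. One can make this observation also in other areas, such as with the increasing similarity of Internet Key Exchange (IKE) and the TLS handshake protocols. These discussions within the IETF inspired the document authors to explore whether TLS could actually be used also at the application layer and how complex it would be. We call this approach "Layered TLS" since TLS may, in some scenarios, be executed at two layers: above the transport layer in the traditional manner and also at the application layer.},
}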