TLS and DTLS Security Modules

Document Type Expired Internet-Draft (individual)
Author Pascal Urien 
Last updated 2020-06-17 (latest revision 2019-12-15)
Stream (None)
Intended RFC status (None)
Expired & archived
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Security and trust are critical topics in the context of anywhere, anytime, anything Internet connectivity. TLS and DTLS are two major IETF protocols widely used to secure IP exchanges. According to CoAP, DTLS is the protocol used by constrained nodes in the Internet of Things (IoT) context. In this draft we specify an ISO7816 interface for TLS and DTLS secure modules based on ISO7816 secure chips, which are today manufactured by the billions every year. Secure elements are cheap secure microcontrollers whose size is about 25 mm² and whose security is ranked by evaluations, typically according to Common Criteria (CC) standards. The support of TLS and DTLS is based on the EAP-TLS protocol and on the IETF draft "EAP Support in smartcard", which describes EAP-TLS support for secure elements. A first implementation demonstrates that such low-cost security modules are realistic, with a setup time for handshake completion of under one second.


Pascal Urien (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)