TLS and DTLS Security Modules
draft-urien-uta-tls-dtls-security-module-09
Document | Type | Expired Internet-Draft (individual), Expired & archived |
---|---|---|---|
Author | Pascal Urien | ||
Last updated | 2020-06-17 (Latest revision 2019-12-15) | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Security and trust are critical topics in the context of anywhere, anytime, anything internet connectivity. TLS and DTLS are two major IETF protocols widely used to secure IP exchanges. According to CoAP, DTLS is the protocol used by constrained nodes in the Internet of Things (IoT) context. In this draft we specify an ISO7816 interface for TLS and DTLS secure modules based on ISO7816 secure chips, which are today manufactured by the billions every year. Secure elements are cheap secure microcontrollers whose size is about 25 mm² and whose security is ranked by evaluations, typically according to Common Criteria (CC) standards. The support of TLS and DTLS is based on the EAP-TLS protocol and on the IETF draft "EAP Support in smartcard", which describes EAP-TLS support for secure elements. A first implementation demonstrates that such low-cost security modules are realistic, with a setup time for handshake completion under one second.