Datagram Transport Layer Security (DTLS) over Stream Control Transmission Protocol (SCTP)

Document Type: Replaced Internet-Draft (candidate for tsvwg WG); Expired & archived
Authors: Magnus Westerlund, John Preuß Mattsson, Claudio Porfiri, Michael Tüxen
Last updated: 2021-03-25 (Latest revision 2021-02-22)
Replaced by: draft-ietf-tsvwg-dtls-over-sctp-bis
RFC stream: Internet Engineering Task Force (IETF)
Intended RFC status: (None)
Stream WG state: Call For Adoption By WG Issued
Document shepherd: (None)
IESG state: Replaced by draft-ietf-tsvwg-dtls-over-sctp-bis
Consensus boilerplate: Unknown
Telechat date: (None)
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active.

This document describes a proposed update for the usage of the Datagram Transport Layer Security (DTLS) protocol to protect user messages sent over the Stream Control Transmission Protocol (SCTP). DTLS over SCTP provides mutual authentication, confidentiality, integrity protection, and replay protection for applications that use SCTP as their transport protocol and allows client/server applications to communicate in a way that is designed to give communications privacy and to prevent eavesdropping and detect tampering or message forgery. Applications using DTLS over SCTP can use almost all transport features provided by SCTP and its extensions. This document intends to obsolete RFC 6083 and removes the 16 kB limitation on user message size by defining a secure user message fragmentation so that multiple DTLS records can be used to protect a single user message. It further updates the DTLS versions to use, as well as the HMAC algorithms for SCTP-AUTH, and simplifies the implementation by some stricter requirements on the establishment procedures.
