Datagram Transport Layer Security (DTLS) in the Stream Control Transmission Protocol (SCTP) CRYPTO Chunk

Document type: Expired Internet-Draft (individual); expired & archived
Authors: Magnus Westerlund, John Preuß Mattsson, Claudio Porfiri
Last updated: 2023-12-30 (latest revision 2023-06-28)
RFC stream: (None)
Intended RFC status: (None)
Stream state: (No stream defined)
Consensus boilerplate: Unknown
RFC Editor Note: (None)
IESG state: Expired
Telechat date: (None)
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active.

This document defines a usage of Datagram Transport Layer Security (DTLS) 1.2 or 1.3 to protect the content of Stream Control Transmission Protocol (SCTP) packets using the framework provided by the SCTP CRYPTO chunk; we name this usage DTLS in SCTP. DTLS in SCTP provides encryption, source authentication, integrity and replay protection for the SCTP association, with mutual authentication of the peers. The specification also targets very long-lived sessions of weeks and months, and supports mutual re-authentication and rekeying with ephemeral key exchange. It is intended as an alternative to using DTLS/SCTP (RFC 6083) and SCTP-AUTH (RFC 4895).
