Skip to main content

Encrypted Sessions In CCNx (ESIC)

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Marc Mosko , Christopher A. Wood
Last updated 2018-04-19 (Latest revision 2017-09-12)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document describes how to transport CCNx packets inside an encrypted session between peers that share a traffic secret, such as that which is derived from [CCNxKE]. The peers create an outer naming context to identify the encryption session in one direction between the consumer and the producer. The consumer sends encrypted Interest messages to the producer, who responds with encrypted Content Objects. Inside the outer context, the consumer sends Interests with different names, which the producer may respond to or may send InterestReturns for. There does not need to be a naming relationship between the outer names and the inner names. The inner content is still protected by normal CCNx authentication mechanisms and possiby encrypted under other schemes.


Marc Mosko
Christopher A. Wood

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)