A Survey of the Interaction between Security Protocols and Transport Services
RFC 8922

Document Type RFC - Informational (October 2020; No errata)
Authors Theresa Enghardt, Tommy Pauly, Colin Perkins, Kyle Rose, Christopher Wood
Last updated 2020-10-21
Replaces draft-pauly-taps-transport-security
Stream IETF
Additional Resources
- GitHub Repository
- Mailing list discussion
Stream WG state Submitted to IESG for Publication
Document shepherd Philipp Tiesel
Shepherd write-up (last changed 2019-10-04)
IESG state RFC 8922 (Informational)
Consensus Boilerplate Yes
Responsible AD Magnus Westerlund
Send notices to Philipp Tiesel <philipp@tiesel.net>, caw@heapingbits.net
IANA review state Version Changed - Review Needed
IANA action state No IANA Actions


Internet Engineering Task Force (IETF)                       T. Enghardt
Request for Comments: 8922                                     TU Berlin
Category: Informational                                         T. Pauly
ISSN: 2070-1721                                               Apple Inc.
                                                              C. Perkins
                                                   University of Glasgow
                                                                 K. Rose
                                               Akamai Technologies, Inc.
                                                                 C. Wood
                                                              Cloudflare
                                                            October 2020

  A Survey of the Interaction between Security Protocols and Transport
                                Services

Abstract

   This document provides a survey of commonly used or notable network
   security protocols, with a focus on how they interact and integrate
   with applications and transport protocols.  Its goal is to supplement
   efforts to define and catalog Transport Services by describing the
   interfaces required to add security protocols.  This survey is not
   limited to protocols developed within the scope or context of the
   IETF, and those included represent a superset of features a Transport
   Services system may need to support.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are candidates for any level of Internet
   Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8922.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Goals
     1.2.  Non-goals
   2.  Terminology
   3.  Transport Security Protocol Descriptions
     3.1.  Application Payload Security Protocols
       3.1.1.  TLS
       3.1.2.  DTLS
     3.2.  Application-Specific Security Protocols
       3.2.1.  Secure RTP
     3.3.  Transport-Layer Security Protocols
       3.3.1.  IETF QUIC
       3.3.2.  Google QUIC
       3.3.3.  tcpcrypt
       3.3.4.  MinimaLT
       3.3.5.  CurveCP
     3.4.  Packet Security Protocols
       3.4.1.  IPsec
       3.4.2.  WireGuard
       3.4.3.  OpenVPN
   4.  Transport Dependencies
     4.1.  Reliable Byte-Stream Transports
     4.2.  Unreliable Datagram Transports
       4.2.1.  Datagram Protocols with Defined Byte-Stream Mappings
     4.3.  Transport-Specific Dependencies
   5.  Application Interface
     5.1.  Pre-connection Interfaces
     5.2.  Connection Interfaces
     5.3.  Post-connection Interfaces
     5.4.  Summary of Interfaces Exposed by Protocols
   6.  IANA Considerations
   7.  Security Considerations
   8.  Privacy Considerations
   9.  Informative References
   Acknowledgments
   Authors' Addresses

1.  Introduction

   Services and features provided by transport protocols have been
   cataloged in [RFC8095].  This document supplements that work by
   surveying commonly used and notable network security protocols, and
   identifying the interfaces between these protocols and both transport
   protocols and applications.  It examines Transport Layer Security
   (TLS), Datagram Transport Layer Security (DTLS), IETF QUIC, Google
   QUIC (gQUIC), tcpcrypt, Internet Protocol Security (IPsec), Secure
   Real-time Transport Protocol (SRTP) with DTLS, WireGuard, CurveCP,
   and MinimaLT.  For each protocol, this document provides a brief
   description.  Then, it describes the interfaces between these
   protocols and transports in Section 4 and the interfaces between
   these protocols and applications in Section 5.

   A Transport Services system exposes an interface for applications to
   access various (secure) transport protocol features.  The security
   protocols included in this survey represent a superset of