Cryptographic protection of TCP Streams (tcpcrypt)
draft-bittau-tcpinc-tcpcrypt-04
Section | Field | Value
---|---|---
Document | Type | Replaced Internet-Draft (individual in tsv area); Expired & archived
Document | Authors | Andrea Bittau, Dan Boneh, Daniel B. Giffin, Mike Hamburg, Mark J. Handley, David Mazieres, Quinn Slack, Eric W. Smith
Document | Last updated | 2015-10-17
Document | Replaced by | draft-ietf-tcpinc-tcpcrypt
Document | RFC stream | Internet Engineering Task Force (IETF)
Document | Intended RFC status | Proposed Standard
Stream | WG state | (None)
Stream | Document shepherd | (None)
IESG | IESG state | Replaced by draft-ietf-tcpinc-tcpcrypt
IESG | Action Holders | (None)
IESG | Consensus boilerplate | Unknown
IESG | Telechat date | (None)
IESG | Responsible AD | Martin Stiemerling
IESG | Send notices to | (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document specifies tcpcrypt, a cryptographic protocol that protects TCP payload data and is negotiated by means of the TCP Encryption Negotiation Option (TCP-ENO) [I-D.ietf-tcpinc-tcpeno]. Tcpcrypt coexists with middleboxes by tolerating resegmentation, NATs, and other manipulations of the TCP header. The protocol is self-contained and specifically tailored to TCP implementations, which often reside in kernels or other environments in which large external software dependencies can be undesirable. Because of option size restrictions, the protocol requires one additional one-way message latency to perform key exchange. However, this cost is avoided between two hosts that have recently established a previous tcpcrypt connection.
Authors
Andrea Bittau
Dan Boneh
Daniel B. Giffin
Mike Hamburg
Mark J. Handley
David Mazieres
Quinn Slack
Eric W. Smith
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)