Transport Layer Security over Stream Control Transmission Protocol



RFC 3436                     TLS over SCTP                December 2002


1.  Introduction

1.1.  Overview

   This document describes the usage of the Transport Layer Security
   (TLS) protocol, as defined in [RFC 2246], over the Stream Control
   Transmission Protocol (SCTP), as defined in [RFC 2960] and [RFC 3309].

   TLS is designed to run on top of a byte-stream oriented transport
   protocol that provides reliable, in-sequence delivery.  TLS is
   therefore currently used mainly on top of the Transmission Control
   Protocol (TCP), as defined in [RFC 793].

   SCTP provides features that TCP does not, and this document shows
   how TLS should be used with SCTP so that some of these additional
   features become available to the TLS user.

   This document defines:

   -   how to use the multiple streams feature of SCTP.

   -   how to handle the message oriented nature of SCTP.

   It should be noted that the TLS user can take advantage of the
   multi-homing support of SCTP.  The dynamic reconfiguration of IP
   addresses, as currently being discussed, can also be used with the
   described solution.

   The method described in this document does not require any changes
   to TLS or SCTP.  It is only required that SCTP implementations
   support the optional feature of fragmentation of SCTP user messages.
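
   The following Python example is added to this page and is not part of
   RFC 3436 or of any TLS or SCTP implementation.  It contrasts the two
   transport models the text describes: a reader that reassembles TLS
   records from a byte stream delivered in arbitrary pieces (the TCP
   case), and a parser for message-oriented delivery, which assumes the
   mapping of exactly one TLS record per SCTP user message.  It also
   estimates how many SCTP DATA chunks a full-size TLS record needs,
   which is why user-message fragmentation must be supported.  The
   record length limits come from RFC 2246; the path MTU of 1500 bytes
   and the per-packet overheads are assumptions made for the example.

```python
# Added example, not part of RFC 3436: TLS record framing over a byte
# stream (TCP) versus over message-oriented delivery (SCTP), and the
# SCTP user-message fragmentation a full-size TLS record requires.
import math
import struct

TLS_HEADER_LEN = 5                 # type(1) version(2) length(2), RFC 2246 6.2.1
MAX_PLAINTEXT = 2 ** 14            # TLSPlaintext.length limit, RFC 2246 6.2.1
MAX_CIPHERTEXT = 2 ** 14 + 2048    # TLSCiphertext.length limit, RFC 2246 6.2.3

CT_HANDSHAKE = 22
CT_APPLICATION_DATA = 23


def build_record(content_type, fragment, version=(3, 1)):
    """Serialise one TLS record: header plus fragment (version 3.1 = TLS 1.0)."""
    if len(fragment) > MAX_CIPHERTEXT:
        raise ValueError("fragment exceeds the TLS record length limit")
    return struct.pack("!BBBH", content_type, version[0], version[1],
                       len(fragment)) + fragment


def _parse_header(buf):
    """Decode a 5-byte record header and reject over-long records."""
    ctype, major, minor, length = struct.unpack("!BBBH", buf[:TLS_HEADER_LEN])
    if length > MAX_CIPHERTEXT:
        raise ValueError("record_overflow: length %d" % length)
    return ctype, (major, minor), length


class StreamRecordReader:
    """Reassembles TLS records from a byte stream that arrives in
    arbitrary pieces, as a TLS implementation over TCP must do."""

    def __init__(self):
        self.buf = bytearray()

    def feed(self, data):
        """Append received bytes; return the complete records now available."""
        self.buf += data
        records = []
        while len(self.buf) >= TLS_HEADER_LEN:
            ctype, _version, length = _parse_header(self.buf)
            end = TLS_HEADER_LEN + length
            if len(self.buf) < end:
                break                      # wait for the rest of this record
            records.append((ctype, bytes(self.buf[TLS_HEADER_LEN:end])))
            del self.buf[:end]
        return records


def parse_user_message(msg):
    """Message-oriented delivery.  Assumed mapping (not stated on this
    page): one whole TLS record per SCTP user message, so the message
    must contain exactly one record and no trailing bytes."""
    if len(msg) < TLS_HEADER_LEN:
        raise ValueError("user message shorter than a TLS record header")
    ctype, _version, length = _parse_header(msg)
    if len(msg) != TLS_HEADER_LEN + length:
        raise ValueError("user message does not carry exactly one TLS record")
    return ctype, bytes(msg[TLS_HEADER_LEN:])


def sctp_fragments_needed(user_message_len, path_mtu=1500):
    """Number of SCTP DATA chunks a user message is split into when each
    chunk travels in its own IPv4 packet.  Assumed overheads: IPv4
    header 20, SCTP common header 12, DATA chunk header 16 bytes; the
    default path MTU of 1500 is an assumption, not a value from the RFC."""
    payload_per_chunk = path_mtu - 20 - 12 - 16
    return max(1, math.ceil(user_message_len / payload_per_chunk))


if __name__ == "__main__":
    # Constructed sample traffic: a handshake record and an application record.
    r1 = build_record(CT_HANDSHAKE, b"\x01" * 40)
    r2 = build_record(CT_APPLICATION_DATA, b"hello")
    reader = StreamRecordReader()
    stream = r1 + r2
    got = reader.feed(stream[:3]) + reader.feed(stream[3:47]) + reader.feed(stream[47:])
    print("records reassembled from byte stream:", got)
    print("one record per user message:", parse_user_message(r2))
    print("DATA chunks for a full-size record:",
          sctp_fragments_needed(TLS_HEADER_LEN + MAX_CIPHERTEXT))
```

   The stream reader has to buffer partial headers and partial bodies
   because TCP preserves no record boundaries; with one record per SCTP
   user message the receiver gets a complete record or nothing, and any
   concatenation of records in one message is a framing error.  A
   maximum-size TLS record of 5 + 16384 + 2048 bytes does not fit in a
   single packet on a 1500-byte path, so SCTP must fragment the user
   message into several DATA chunks, which is the optional SCTP feature
   the text requires.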

1.2.  Terminology

   This document uses the following terms:

      Association:
         An SCTP association.

      Connection:
         A TLS connection.

      Session:
         A TLS session.

      Stream:
         A unidirectional stream of an SCTP association.  It is uniquely
         identified by a stream identifier.



Jungmaier, et al.           Standards Track