RFC 3554 (rfc3554)
On the Use of Stream Control Transmission Protocol (SCTP) with IPsec
Network Working Group                                        S. Bellovin
Request for Comments: 3554                                  J. Ioannidis
Category: Standards Track                           AT&T Labs - Research
                                                            A. Keromytis
                                                     Columbia University
                                                              R. Stewart
                                                                   Cisco
                                                               July 2003

Status of this Memo

This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2003). All Rights Reserved.

Abstract

This document describes functional requirements for IPsec (RFC 2401)
and Internet Key Exchange (IKE) (RFC 2409) to facilitate their use in
securing SCTP (RFC 2960) traffic.

1. Introduction

The Stream Control Transmission Protocol (SCTP) is a reliable
transport protocol operating on top of a connection-less packet
network such as IP. SCTP is designed to transport PSTN signaling
messages over IP networks, but is capable of broader applications.

When SCTP is used over IP networks, it may utilize the IP security
protocol suite [RFC 2402][RFC 2406] for integrity and confidentiality.
To dynamically establish IPsec Security Associations (SAs), a key
negotiation protocol such as IKE [RFC 2409] may be used.

This document describes functional requirements for IPsec and IKE to
facilitate their use in securing SCTP traffic. In particular, we
discuss additional support in the form of a new ID type in IKE
[RFC 2409] and implementation choices in the IPsec processing to
accommodate the multiplicity of source and destination addresses
associated with a single SCTP association.