{"draft":"draft-ietf-tls-dtls-connection-id-13","doc_id":"RFC9146","title":"Connection Identifier for DTLS 1.2","authors":["E. Rescorla, Ed.","H. Tschofenig, Ed.","T. Fossati","A. Kraus"],"format":["HTML","TEXT","PDF","XML"],"page_count":"14","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Transport Layer Security","abstract":"This document specifies the Connection ID (CID) construct for the\r\nDatagram Transport Layer Security (DTLS) protocol version 1.2.\r\n\r\nA CID is an identifier carried in the record layer header that gives\r\nthe recipient additional information for selecting the appropriate\r\nsecurity association. In \"classical\" DTLS, selecting a security\r\nassociation of an incoming DTLS record is accomplished with the help\r\nof the 5-tuple. If the source IP address and\/or source port changes\r\nduring the lifetime of an ongoing DTLS session, then the receiver\r\nwill be unable to locate the correct security context.\r\n\r\nThe new ciphertext record format with the CID also provides content\r\ntype encryption and record layer padding.\r\n\r\nThis document updates RFC 6347.","pub_date":"March 2022","keywords":["NAT rebinding"],"obsoletes":[],"obsoleted_by":[],"updates":["RFC6347"],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9146","errata_url":null}