…s-deprecate-obsolete-kex-08 0x00,0x03 TLS_RSA_EXPORT_WITH_RC4_40_MD5 RFC4346 ][ RFC6347 ][ RFC-ietf-tls-deprecate-obsolete-kex-08 0x00,0x04 TLS_RSA_WITH_RC4_128_MD5 RFC5246 ][ RFC6347 ][ RFC-ietf-tls-deprecate-obsolete-kex-08 0x00,0x05 TLS_RSA_WITH_RC4_128_SHA RFC5246 ][ RFC6347 …

… client SHOULD retransmit the DTLS ClientHello according to Section 4.2.4.1 of [RFC6347] . After 15 seconds, it SHOULD cease attempts to retransmit its ClientHello. The client MAY repeat that procedure to discover if DNS over DTLS service becomes available from the DNS server, bu…

…], and the latest version when this RFC was published, DTLS 1.2, is defined in [RFC6347]. This encapsulation is used, for example, within the WebRTC protocol suite (see [RTC-OVERVIEW] for an overview) for transporting non-SRTP data between browsers. The architecture of this stack…

…th Transport Layer Security [ RFC8446 ] and Datagram Transport Layer Security [ RFC6347 ] . ¶ 3. Overview of Operation This section gives an overview of the operation of TURN. It is non-normative. ¶ In a typical configuration, a TURN client is connected to a private network [ RFC…

…e and Bob can set up a secure channel or channels. This is performed via DTLS [ RFC6347 ] and DTLS-SRTP [ RFC5763 ] keying for SRTP [ RFC3711 ] for the media channel and SCTP over DTLS [ RFC8261 ] for data channels. Specifically, Alice and Bob perform a DTLS handshake on every co…

…, and the latest version when this RFC was published, DTLS 1.2, is defined in [ RFC6347 ]. This encapsulation is used, for example, within the WebRTC protocol suite (see [ RTC-OVERVIEW ] for an overview) for transporting non-SRTP data between browsers. The architecture of this st…

…, and the latest version when this RFC was published, DTLS 1.2, is defined in [ RFC6347 ]. This encapsulation is used, for example, within the WebRTC protocol suite (see [ RTC-OVERVIEW ] for an overview) for transporting non-SRTP data between browsers. The architecture of this st…

…rt Layer Security (TLS) [RFC5246] and Datagram Transport Security Layer (DTLS) [RFC6347] are widely used to protect data exchanged over application protocols such as HTTP, SMTP, IMAP, POP, SIP, and XMPP. Over the last few years, several serious attacks on TLS have emerged, includ…

…plementations MUST properly handle remote endpoints which do ICE-Lite. o DTLS [ RFC6347 ] or DTLS-SRTP [ RFC5763 ], MUST be used, as appropriate for the media type, as specified in [ I-D.ietf-rtcweb-security-arch ] The SDES SRTP keying mechanism from [ RFC4568 ] MUST NOT be used,…

…Rtype.) This document applies to both TLS [ RFC5246 ] and Datagram TLS (DTLS) [ RFC6347 ]. In order to make the document more readable, it mostly only talks about "TLS", but in all cases, it means "TLS or DTLS". Although the references in this paragraph are to TLS and DTLS versio…

… Layer Security (TLS) [ RFC5246 ] or Datagram Transport Layer Security (DTLS) [ RFC6347 ] transport endpoint. DANE relies on the DNS Security Extensions (DNSSEC) [ RFC4033 ]. DANE TLSA records validated by DNSSEC can be used to augment or replace the use of trusted public Certifi…

…ection). This is primarily useful for non-connection-oriented transports (see [ RFC6347 ] for an example of this). - Allowing the server to offload state to the client, thus allowing it to send a HelloRetryRequest without storing any state. The server can do this by storing the h…

…. Technology for providing this service (for instance, SRTP [ RFC3711 ], DTLS [ RFC6347 ] and DTLS-SRTP [ RFC5763 ]) is well understood. However, we must examine this technology in the WebRTC context, where the threat model is somewhat different. In general, it is important to un…

…347 ] was originally defined as a delta from TLS 1.1 [ RFC4346 ] and DTLS 1.2 [ RFC6347 ] was defined as a series of deltas to TLS 1.2 [ RFC5246 ]. There is no DTLS 1.1; that version number was skipped in order to harmonize version numbers with TLS. This specification describes t…

…version 1.2 or later of the Datagram Transport Layer Security (DTLS) protocol [ RFC6347 ]. ChaCha [ CHACHA ] is a stream cipher developed by D. J. Bernstein in 2008. It is a refinement of Salsa20, which is one of the selected ciphers in the eSTREAM portfolio [ ESTREAM ], and was …