Search RFCs
RFC 8548
Cryptographic Protection of TCP Streams (tcpcrypt),May 2019
- File formats:
- Status:
- EXPERIMENTAL
- Authors:
- A. Bittau
D. Giffin
M. Handley
D. Mazieres
Q. Slack
E. Smith - Stream:
- IETF
- Source:
- tcpinc (tsv)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC8548
Discuss this RFC: Send questions or comments to the mailing listtcpinc@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8548
Abstract
This document specifies "tcpcrypt", a TCP encryption protocoldesigned for use in conjunction with the TCP Encryption NegotiationOption (TCP-ENO). Tcpcrypt coexists with middleboxes by toleratingresegmentation, NATs, and other manipulations of the TCP header. Theprotocol is self-contained and specifically tailored to TCPimplementations, which often reside in kernels or other environmentsin which large external software dependencies can be undesirable.Because the size of TCP options is limited, the protocol requires oneadditional one-way message latency to perform key exchange beforeapplication data can be transmitted. However, the extra latency canbe avoided between two hosts that have recently established aprevious tcpcrypt connection.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.