Hi all,

Owen and I have been working on a new version of ATLS, which you can find here:
https://tools.ietf.org/html/draft-friel-tls-atls-03

The plain version (with the DTLS record layer for protecting application data) 
is used by Cisco and by us in products.
We did, however, add extra functionality to allow the establishment of an 
OSCORE and COSE security context.
(Conceptually, this is similar to what was done many years ago with the 
DTLS-SRTP framework for media security.)

What this work provides us is re-use of existing TLS/DTLS stacks for 
application layer security.

While the actual standardization work is rather small, we noticed that the idea 
of using the TLS/DTLS handshake at the application layer is still something that's 
difficult to understand.
I ran into people who thought it is not possible to use the TLS/DTLS handshake at 
the application layer. For those people, the additional background text in the 
draft is quite helpful.

Ciao
Hannes
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
