Diffstat (limited to 'doc/cha-gtls-app.texi')
-rw-r--r-- | doc/cha-gtls-app.texi | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 37b00514da..18f8938697 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -794,6 +794,7 @@ remaining until the next retransmission, or better the time until * Asynchronous operation:: * Reducing round-trips:: * DTLS sessions:: +* DTLS and SCTP:: @end menu @node Asynchronous operation @@ -914,6 +915,23 @@ a path MTU discovery mechanism @xcite{RFC4821}. @showfuncC{gnutls_dtls_set_mtu,gnutls_dtls_get_mtu,gnutls_dtls_get_data_mtu} +@node DTLS and SCTP +@subsection DTLS and SCTP + +Although DTLS can run under any reliable or unreliable layer, there are +special requirements for SCTP according to @xcite{RFC6083}. We summarize the +most important below, however for a full treatment we refer to @xcite{RFC6083}. + +@itemize +@item The MTU set via @funcref{gnutls_dtls_set_mtu} must be 2^14. +@item Replay detection must be disabled; use the flag @code{GNUTLS_NO_REPLAY_PROTECTION} with @funcref{gnutls_init}. +@item Retransmission of messages must be disabled; use @funcref{gnutls_dtls_set_timeouts} + with a retransmission timeout larger than the total. +@item Handshake, Alert and ChangeCipherSpec messages must be sent over stream 0 with unlimited reliability + and with the ordered delivery feature. +@item During a rehandshake, the caching of messages with unknown epoch is + not handled by GnuTLS; this must be implemented in a special pull function. +@end itemize @node TLS handshake @section TLS handshake |
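Review bot: In the third @item of the new "DTLS and SCTP" list, "with a retransmission timeout larger than the total" does not say what the retransmission timeout is compared against. Spell it out as "larger than the total timeout" so a reader knows which value passed to gnutls_dtls_set_timeouts must exceed the other. The first @item has a similar gap: "must be 2^14" carries no unit, so add "bytes" if that is what is meant. In the introductory paragraph, "can run under any reliable or unreliable layer" would read better as "over", and "We summarize the most important below, however for a full treatment we refer to" is a comma splice that should be split into two sentences. Because the second @item tells readers to pass GNUTLS_NO_REPLAY_PROTECTION, it would help to add a clause saying the flag is meant only for the SCTP case described in this node, so it is not copied into ordinary DTLS setups.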