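Datagram Transport Layer Security (DTLS) is a communications protocol that provides security for datagram-based applications, allowing them to communicate in a way designed to prevent eavesdropping, tampering, and message forgery.[1][2] The DTLS protocol is based on the stream-oriented TLS protocol and is intended to provide similar security guarantees. DTLS is commonly used for streaming media. Because DTLS runs over UDP or SCTP rather than TCP, it avoids the "TCP meltdown problem" when used to create a VPN tunnel.[3][4]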
The following documents define DTLS:
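DTLS 1.0 is based on TLS 1.1, DTLS 1.2 is based on TLS 1.2, and DTLS 1.3 is based on TLS 1.3. There is no DTLS 1.1; that version number was skipped in order to harmonize version numbers with TLS.[2] Like previous DTLS versions, DTLS 1.3 is intended to provide "equivalent security guarantees [to TLS 1.3] with the exception of order protection/non-replayability".[6]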
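An added example (not from the original article): a parser for the DTLS 1.0/1.2 record header, showing how the version numbers above appear on the wire and how the explicit epoch and sequence number let a receiver or monitor notice replayed datagrams. The header layout and version bytes follow RFC 6347; the function names and the sample datagram are constructed for illustration.

```python
import struct

# Wire versions are the ones' complement of the DTLS version (RFC 6347):
# DTLS 1.0 = {254, 255}, DTLS 1.2 = {254, 253}. {254, 254} would be the
# skipped "DTLS 1.1" and is rejected. DTLS 1.3 plaintext records also carry
# {254, 253}; the real version is negotiated inside the handshake, so a
# record-layer label of "DTLS 1.2" does not rule out DTLS 1.3.
VERSIONS = {(254, 255): ("DTLS 1.0", "TLS 1.1"),
            (254, 253): ("DTLS 1.2", "TLS 1.2")}
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
HEADER_LEN = 13  # type(1) + version(2) + epoch(2) + sequence(6) + length(2)

# Constructed sample: one UDP payload carrying two records.
SAMPLE = bytes.fromhex(
    "16 fefd 0000 000000000000 0002 0102"     # handshake, epoch 0, seq 0
    "17 fefd 0001 000000000005 0003 aabbcc")  # application_data, epoch 1, seq 5


def parse_records(datagram: bytes) -> list:
    """Split one UDP payload into DTLS records; raise ValueError if malformed."""
    records, offset = [], 0
    while offset < len(datagram):
        if len(datagram) - offset < HEADER_LEN:
            raise ValueError("truncated record header")
        ctype, major, minor, epoch = struct.unpack_from("!BBBH", datagram, offset)
        seq = int.from_bytes(datagram[offset + 5:offset + 11], "big")
        (length,) = struct.unpack_from("!H", datagram, offset + 11)
        if (major, minor) not in VERSIONS:
            raise ValueError(f"not a DTLS 1.0/1.2 record version: {major},{minor}")
        end = offset + HEADER_LEN + length
        if end > len(datagram):
            raise ValueError("record length exceeds datagram")
        dtls, tls = VERSIONS[(major, minor)]
        records.append({"type": CONTENT_TYPES.get(ctype, f"unknown({ctype})"),
                        "dtls": dtls, "based_on": tls, "epoch": epoch, "seq": seq,
                        "fragment": datagram[offset + HEADER_LEN:end]})
        offset = end
    return records


def find_replays(datagrams) -> list:
    """Return (epoch, seq) pairs seen more than once in one flow direction."""
    seen, dups = set(), []
    for datagram in datagrams:
        for rec in parse_records(datagram):
            key = (rec["epoch"], rec["seq"])
            if key in seen:
                dups.append(key)
            seen.add(key)
    return dups
```

DTLS retransmissions are sent in new records with fresh sequence numbers, so a repeated (epoch, sequence) pair within one flow direction indicates a duplicated or replayed datagram rather than a normal retransmit.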
Libraries
References
1. Rescorla, Eric; Modadugu, Nagendra. Datagram Transport Layer Security. April 2006. RFC 4347.
2. Rescorla, Eric; Modadugu, Nagendra. Datagram Transport Layer Security Version 1.2. January 2012. RFC 6347.
3. Titz, Olaf. Why TCP Over TCP Is A Bad Idea. 2001-04-23. Retrieved 2015-10-17. (Archived from the original on 2015-09-01.)
4. Honda, Osamu; Ohsaki, Hiroyuki; Imase, Makoto; Ishizuka, Mika; Murayama, Junichi. Understanding TCP over TCP: effects of TCP tunneling on end-to-end throughput and latency. In: Atiquzzaman, Mohammed; Balandin, Sergey I (eds.). Performance, Quality of Service, and Control of Next-Generation Communication and Sensor Networks III 6011. October 2005. Bibcode:2005SPIE.6011..138H. CiteSeerX 10.1.1.78.5815. S2CID 8945952. doi:10.1117/12.630496.
5. Peck, M.; Igoe, K. Suite B Profile for Datagram Transport Layer Security / Secure Real-time Transport Protocol (DTLS-SRTP). IETF. 2012-09-25. Retrieved 2022-09-08. (Archived from the original on 2021-02-25.)
6. The Datagram Transport Layer Security (DTLS) Protocol Version 1.3. Retrieved 2022-09-08. (Archived from the original on 2022-04-01.)
7. LibreSSL 3.3.2 Release Notes. The OpenBSD Project. 2021-05-01. Retrieved 2021-06-13. (Archived from the original on 2022-12-05.)
8. Julien Kauffmann. libsystools: A TLS/DTLS open source library for Windows/Linux using OpenSSL. SourceForge. Retrieved 2022-09-08. (Archived from the original on 2022-09-09.)
9. mbed TLS 2.0.0 released. ARM. 2015-07-13. Retrieved 2015-08-25. (Archived from the original on 2015-09-25.)
10. NSS 3.14 release notes. Mozilla Developer Network. Mozilla. Retrieved 2012-10-27. (Archived from the original on 2013-01-17.)
11. NSS 3.16.2 release notes. Mozilla Developer Network. Mozilla. 2014-06-30. Retrieved 2014-06-30. (Archived from the original on 2021-12-07.)
12. As of version 1.0.2. The OpenSSL Project. 2015-01-22. Retrieved 2015-01-26. (Archived from the original on 2014-09-04.)
13. Ray Brown. pydtls - Datagram Transport Layer Security for Python. GitHub. Retrieved 2022-09-08. (Archived from the original on 2018-06-11.)
14. Ray Brown. DTLS for Python. Python Software Foundation. Retrieved 2022-09-08. (Archived from the original on 2016-03-03.)
15. Ray Brown/Mobius Software LTD. pydtls - Datagram Transport Layer Security for Python. GitHub. Retrieved 2022-09-08. (Archived from the original on 2022-09-08.)
16. Ray Brown/Mobius Software LTD. DTLS for Python3 Based on PyDTLS. Python Software Foundation.
17. An update is available that adds support for DTLS in Windows 7 SP1 and Windows Server 2008 R2 SP1. Microsoft. Retrieved 2012-11-13. (Archived from the original on 2014-02-03.)
18. Justinha. TLS (Schannel SSP) changes in Windows 10 and Windows Server 2016. docs.microsoft.com. Retrieved 2017-09-01. (Archived from the original on 2018-02-28.) (In American English.)
19. Technical Note TN2287: iOS 5 and TLS 1.2 Interoperability Issues. iOS Developer Library. Apple Inc. Retrieved 2012-05-03. (Archived from the original on 2015-04-03.)
20. Olaf Bergmann. tinydtls. Eclipse Foundation. Retrieved 2022-09-08. (Archived from the original on 2022-09-01.)
21. Peter Waher. Waher.Security.DTLS. Waher Data AB. Retrieved 2022-09-08. (Archived from the original on 2022-09-08.)
22. Dmitriy Tsvettsikh. Secure UDP communications using DTLS in pure js. GitHub. Retrieved 2022-09-08. (Archived from the original on 2019-03-23.)
23. Dmitriy Tsvettsikh. DTLS in pure js. npm. Retrieved 2022-09-08. (Archived from the original on 2019-08-14.)
24. Mobius Software LTD. Non blocking Java DTLS Implementation based on BouncyCastle and Netty. Mobius Software LTD. Retrieved 2022-09-08. (Archived from the original on 2019-03-23.)
25. Sean DuBois. pion/dtls: DTLS 1.2 Server/Client Implementation for Go. GitHub. Retrieved 2022-09-08. (Archived from the original on 2019-12-26.)
26. californium/scandium: DTLS 1.2 Server/Client Implementation for java and coap. Includes connection id extension. Eclipse Foundation. Retrieved 2022-09-08. (Archived from the original on 2020-07-17.)
27. SNF4J.ORG. Simple Network Framework for Java (SNF4J). GitHub. Retrieved 2022-09-08. (Archived from the original on 2022-09-09.)