Appendix A. Overview of DTLS

Appendix A. Overview of DTLS

This section provides a brief overview of Datagram TLS (DTLS) for those who are not familiar with it. DTLS is a channel security protocol based on the well-known Transport Layer Security (TLS) [RFC5246] protocol. Where TLS depends on a reliable transport channel (typically TCP), DTLS has been adapted to support unreliable transports such as UDP. Otherwise, DTLS is nearly identical to TLS and generally supports the same cryptographic mechanisms.

Each DTLS association begins with a handshake exchange during which the peers authenticate each other and negotiate algorithms, modes, and other parameters and establish shared keying material. In order to support unreliable transport, each side maintains retransmission timers to provide reliable delivery of these messages. Once the handshake is completed, encrypted data may be sent.

Client                                               Server

ClientHello                  -------->
                                                   ServerHello
                                                  Certificate*
                                            ServerKeyExchange*
                                           CertificateRequest*
                            <--------      ServerHelloDone
Certificate*
ClientKeyExchange
CertificateVerify*
[ChangeCipherSpec]
Finished                     -------->
                                            [ChangeCipherSpec]
                            <--------             Finished
Application Data             <------->     Application Data

         '*' indicates messages that are not always sent.

Application data is protected by being sent as a series of DTLS "records". These records are independent and can be processed correctly even in the face of loss or reordering. In DTLS-SRTP, this record protocol is replaced with SRTP [RFC3711].