TLS is the standard protocol
used for securing TCP-based Internet traffic. Previous versions of
TLS were known as SSL.
Datagram TLS (DTLS) is a protocol based on TLS that is capable of
securing datagram transport (UDP for instance).
DTLS is well suited for securing applications that are
delay-sensitive (and hence use datagram transport), tunnelling
applications (VPN), and applications that tend to run out
of file descriptors or socket buffers.
[ apr 27, 2005 ]
DTLS is now part of the OpenSSL repository.
openssl-0.9.8 will probably be the first release with DTLS support.
[ apr 26, 2005 ]
DTLS patch to openssl-0.9.7g
is available.
[ apr 19, 2005 ]
DTLS patch to OpenSSL CVS (tarball) is
available. To install:
$ tar -zxf openssl-cvs-head.tgz
$ cd openssl-cvs-head
$ patch -p1 < ../dtls.patch

Look at apps/s_server.c and apps/s_client.c for an example of how to use DTLS (more documentation on its way!)
You can read the paper on DTLS
presented at NDSS
'04 and the
Internet draft for more information on the protocol.
There has also been some discussion on the TLS mailing list.