Datagram Transport Layer Security (DTLS)? What is it?
- DTLS is used to assemble TLS over datagram (UDP/Protocol 17, Datagram Congestion Control Protocol (DCCP), see RFC-4340 for further insights, etc...).
- Conflicting of existing answers abroad, DTLS is not an implementation of TLS over UDP (or datagram protocols in general).
- It includes characteristics of a TLS-like handshake, modified to work over datagram protocols.
- The implementation does handle the problems of packet reordering and loss, but only for the packets used for the DTLS handshake (and cipher selection).
- Furthermore, while the DTLS protocol (v1.2) is assumed from the TLS protocol (v1.2) and claims to "provide equivalent security guarantees", it does not. In 2013, researchers identified major security shortcomings in both implementations, DTLS and in the TLS protocol itself, that since been rectified, at least in current draft proposal of DTLS1.3.
- For further readings please see the IEEE draft: Datagram Transport Layer Security (DTLS) Protocol Version 1.3, as of the latest revision 2020-03-09.