[gnutls-help] DTLS Handshake between server and client.

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Jun 24 11:57:02 CEST 2014


On Mon, Jun 23, 2014 at 9:14 AM, Sandeep Kumar <sandeepdas.cse at gmail.com> wrote:
> Hi,
> I've implemented a test program for server and client using the existing
> example of gnu-tls. This program emulates DTLS handshake over SCTP.
> There are several messages starting from client hello then hello verify
> request etc.
> All i want to know is that whether is it mandatory for server to verify the
> cookie for DTLS because if its case of SCTP the same is already done while
> complete SCTP Handshake.

A server doesn't need to send cookies, unless you want to protect from
a denial of service attack (possible under UDP, no idea whether
possible under SCTP). For more information see:
http://gnutls.org/manual/html_node/DTLS-sessions.html#DTLS-sessions

regards,
Nikos



More information about the Gnutls-help mailing list