6.5.6 DTLS and SCTP
Although DTLS can run over any reliable or unreliable layer, [RFC6083]
sets special requirements for SCTP. The most important ones are
summarized below; see [RFC6083] for a full treatment.
- The MTU set via gnutls_dtls_set_mtu must be 2^14.
- Replay detection must be disabled; use the flag
GNUTLS_NO_REPLAY_PROTECTION with gnutls_init.
- Retransmission of messages must be disabled; use gnutls_dtls_set_timeouts
with a retransmission timeout larger than the total timeout.
- Handshake, Alert and ChangeCipherSpec messages must be sent over stream 0 with unlimited reliability
and with the ordered delivery feature.
- During a rehandshake, the caching of messages with unknown epoch is
not handled by GnuTLS; this must be implemented in a special pull function.
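
One way to write the special pull function from the last item, added here as an example and not taken from GnuTLS or RFC 6083: it reads the epoch from the DTLS record header and holds back records of an epoch GnuTLS cannot process yet. The names struct sctp_ctx, recv_msg and script_recv are hypothetical, and the example assumes one DTLS record per SCTP user message and that the first handshake record of the next epoch (the Finished) makes that epoch usable.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>
#include <sys/types.h>

enum { HDR = 13, HANDSHAKE = 22, REC_MAX = 16384 + 2048 + HDR, SLOTS = 4 };
struct rec { size_t len; uint8_t data[REC_MAX]; };
struct sctp_ctx {               /* hypothetical context, set as transport ptr */
    ssize_t (*recv_msg)(void *io, void *buf, size_t len); /* assumed SCTP receive wrapper */
    void *io;
    uint16_t epoch;             /* newest epoch GnuTLS can process */
    size_t cached;              /* records held back, in arrival order */
    struct rec cache[SLOTS];
};

/* Record header: type(1) version(2) epoch(2) seq(6) length(2). Assumption: the
 * first handshake record of epoch+1 (the Finished) makes that epoch usable. */
static int usable(struct sctp_ctx *c, const uint8_t *r) {
    uint16_t e = (uint16_t)(r[3] << 8 | r[4]);
    if (e == c->epoch + 1 && r[0] == HANDSHAKE) c->epoch = e;
    return e <= c->epoch;
}

/* Same shape as gnutls_pull_func (gnutls_transport_ptr_t is a void *). */
ssize_t sctp_dtls_pull(void *ptr, void *buf, size_t len) {
    struct sctp_ctx *c = ptr;
    for (size_t i = 0; i < c->cached; i++) {    /* release held records first */
        struct rec *r = &c->cache[i];
        if (!usable(c, r->data)) continue;
        size_t n = r->len < len ? r->len : len;
        memcpy(buf, r->data, n);
        memmove(r, r + 1, (--c->cached - i) * sizeof *r);
        return (ssize_t)n;
    }
    ssize_t n = c->recv_msg(c->io, buf, len);   /* one record per user message */
    if (n < HDR || usable(c, buf)) return n;    /* error, runt, or deliverable */
    if (c->cached == SLOTS || (size_t)n > REC_MAX) { errno = ENOBUFS; return -1; }
    c->cache[c->cached].len = (size_t)n;        /* unknown epoch: hold it back */
    memcpy(c->cache[c->cached++].data, buf, (size_t)n);
    errno = EAGAIN; return -1;                  /* GnuTLS should call again */
}
/* Constructed sample transport: replays fixed 13-byte records, then EAGAIN. */
struct script { const uint8_t (*recs)[HDR]; size_t count, next; };
ssize_t script_recv(void *io, void *buf, size_t len) {
    struct script *s = io;
    if (s->next == s->count || len < HDR) { errno = EAGAIN; return -1; }
    memcpy(buf, s->recs[s->next++], HDR);
    return HDR;
}
```

Register the function with gnutls_transport_set_pull_function and pass the context with gnutls_transport_set_ptr. A pull-timeout callback, if one is set, should report data as available while a held record can be released.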