Data At Rest Encryption Part 2: DARE Container

Document Type Expired Internet-Draft (individual)
Author Phillip Hallam-Baker 
Last updated 2019-02-28 (latest revision 2018-08-27)
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes DARE Container, a message and file syntax that allows an append-only sequence of data frames to be represented with cryptographic integrity, signature and encryption enhancements. The format supports data integrity checks using digest chains and Merkle trees. The simplest supports efficient write operations and efficient read operations in either the forward or reverse direction. Support for efficient random-access reads may be provided through the use of binary trees or index records appended to the end of the file. This document is also available online at [1] .


Phillip Hallam-Baker (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)