Application-Layer TLS
draft-friel-tls-over-http-00

Document Type Replaced Internet-Draft (individual)
Last updated 2017-10-30
Replaced by draft-friel-tls-atls
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-friel-tls-atls
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-friel-tls-over-http-00.txt

Abstract

Many clients need to establish secure connections to application services but face challenges establishing these connections due to the presence of middleboxes that terminate TLS connections from the client and restablish new TLS connections to the service. This document defines a mechanism for transporting TLS records in HTTP message bodies between clients and services. This enables clients and services to establish secure connections using TLS at the application layer, and treat any middleboxes that are intercepting traffic at the network layer as untrusted transport. In short, this mechanism moves the TLS handshake up the OSI stack to the application layer.

Authors

Owen Friel (ofriel@cisco.com)
Richard Barnes (rlb@ipv.sx)
Max Pritikin (pritikin@cisco.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)