Skip to main content

SNI Encryption in TLS Through Tunneling

Document Type Replaced Internet-Draft (tls WG)
Authors Christian Huitema , Eric Rescorla
Last updated 2017-07-20 (Latest revision 2017-07-03)
Replaced by RFC 8744
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
Stream WG state Candidate for WG Adoption
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-tls-sni-encryption
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This draft describes the general problem of encryption of the Server Name Identification (SNI) parameter. The proposed solutions hide a Hidden Service behind a Fronting Service, only disclosing the SNI of the Fronting Service to external observers. The draft starts by listing known attacks against SNI encryption, discusses the current "co-tenancy fronting" solution, and then presents two potential TLS layer solutions that might mitigate these attacks. The first solution is based on TLS in TLS "quasi tunneling", and the second solution is based on "combined tickets". These solutions only require minimal extensions to the TLS protocol.


Christian Huitema
Eric Rescorla

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)