Skip to main content

Service Identity in TLS

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: The IESG <>,,,,,,
Subject: Protocol Action: 'Service Identity in TLS' to Proposed Standard (draft-ietf-uta-rfc6125bis-15.txt)

The IESG has approved the following document:
- 'Service Identity in TLS'
  (draft-ietf-uta-rfc6125bis-15.txt) as Proposed Standard

This document is the product of the Using TLS in Applications Working Group.

The IESG contact persons are Murray Kucherawy, Paul Wouters and Francesca

A URL of this Internet-Draft is:

Ballot Text

Technical Summary

   Many application technologies enable secure communication between two
   entities by means of Transport Layer Security (TLS) with Internet
   Public Key Infrastructure Using X.509 (PKIX) certificates.  This
   document specifies procedures for representing and verifying the
   identity of application services in such interactions.

   This document obsoletes RFC 6125.

Working Group Summary

   There was broad consensus and positive feedback. The only thing
   worth mentioning was an issue on IDNA2008 vs UTS-46 that was raised.
   Chairs ran a call for consensus and concluded that the working group had no
   consensus to profile or elaborate in great detail on the differences
   between IDNA2008 and UTS-46.

Document Quality

   As it is a bis document with advise, implementations out there (hopefully)
   used the help from this document. The document provides further clarifications
   and help for applications with proper verification of TLS server certificates.


   The Document Shepherd for this document is Orie Steele. The Responsible
   Area Director is Paul Wouters.

RFC Editor Note