Skip to main content

Trusted Traffic

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors John Jason Brzozowski , Kris Beevers , James Cariello, John Colton, Lutz Jacob , John Leddy , Josh Shaul , Lou Steinberg
Last updated 2018-11-23 (Latest revision 2018-05-22)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


Current methods for managing traffic through content inspection tend to process all sessions similarly. Internet traffic examples like DDoS mitigation require all data to pass through one of a limited number of scrubbing centers, which create both natural choke points and the potential for widespread collateral damage should a center become overloaded. Similar issues exist with email SPAM and malware filtering, traffic shaping, etc. We propose a method to utilize existing HTTP and HTTPS protocols that enables destinations to temporarily confer trust on sources, and for trusted traffic to be routed and processed differently from untrusted traffic.


John Jason Brzozowski
Kris Beevers
James Cariello
John Colton
Lutz Jacob
John Leddy
Josh Shaul
Lou Steinberg

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)