Tunneling TCP based protocols through Web proxy servers

Document Type Expired Internet-Draft (individual)
Author Ari Luotonen 
Last updated 1998-08-27
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document specifies a generic tunneling mechanism for TCP based protocols through Web proxy servers. This tunneling mechanism was initially introduced for the SSL protocol [SSL] to allow secure Web traffic to pass through firewalls, but its utility is not limited to SSL. Earlier drafts of this specification were titled 'Tunneling SSL through Web Proxy Servers' <draft-luotonen-ssl-tunneling-XX.txt>. Implementations of this tunneling feature are commonly referred to as 'SSL tunneling', although, again, it can be used for tunneling any TCP based protocol. A wide variety of existing client and proxy server implementations conform to this specification. The purpose of this specification is to describe the current practice, to propose some good practices for implementing this specification, and to document the security considerations that are involved with this protocol.


Ari Luotonen (luotonen@netscape.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)