Transport Layer Security (TLS) Extensions
RFC 4366
Document Type RFC - Proposed Standard (April 2006; No errata)
Obsoleted by RFC 5246, RFC 6066
Updated by RFC 5746
Obsoletes RFC 3546
Updates RFC 4346
Last updated 2020-07-29
Stream IETF
Formats plain text html pdf htmlized bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 4366 (Proposed Standard)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Russ Housley
Send notices to ekr@networkresonance.com
Email authors Email WG IPR 3 References Referenced by Nits 
Network Working Group                                    S. Blake-Wilson
Request for Comments: 4366                                           BCI
Obsoletes: 3546                                               M. Nystrom
Updates: 4346                                               RSA Security
Category: Standards Track                                     D. Hopwood
                                                  Independent Consultant
                                                            J. Mikkelsen
                                                         Transactionware
                                                               T. Wright
                                                                Vodafone
                                                              April 2006

               Transport Layer Security (TLS) Extensions

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document describes extensions that may be used to add
   functionality to Transport Layer Security (TLS).  It provides both
   generic extension mechanisms for the TLS handshake client and server
   hellos, and specific extensions using these generic mechanisms.

   The extensions may be used by TLS clients and servers.  The
   extensions are backwards compatible: communication is possible
   between TLS clients that support the extensions and TLS servers that
   do not support the extensions, and vice versa.

Blake-Wilson, et al.        Standards Track                     [Page 1]
RFC 4366                     TLS Extensions                   April 2006

Table of Contents

   1. Introduction ....................................................3
      1.1. Conventions Used in This Document ..........................5
   2. General Extension Mechanisms ....................................5
      2.1. Extended Client Hello ......................................5
      2.2. Extended Server Hello ......................................6
      2.3. Hello Extensions ...........................................6
      2.4. Extensions to the Handshake Protocol .......................8
   3. Specific Extensions .............................................8
      3.1.  Server Name Indication ....................................9
      3.2.  Maximum Fragment Length Negotiation ......................11
      3.3.  Client Certificate URLs ..................................12
      3.4.  Trusted CA Indication ....................................15
      3.5. Truncated HMAC ............................................16
      3.6. Certificate Status Request ................................17
   4. Error Alerts ...................................................19
   5. Procedure for Defining New Extensions ..........................20
   6. Security Considerations ........................................21
      6.1. Security of server_name ...................................22
      6.2. Security of max_fragment_length ...........................22
      6.3. Security of client_certificate_url ........................22
      6.4. Security of trusted_ca_keys ...............................24
      6.5. Security of truncated_hmac ................................24
      6.6. Security of status_request ................................25
   7. Internationalization Considerations ............................25
   8. IANA Considerations ............................................25
   9. Acknowledgements ...............................................27
   10. Normative References ..........................................27
   11. Informative References ........................................28

Blake-Wilson, et al.        Standards Track                     [Page 2]
RFC 4366                     TLS Extensions                   April 2006

1.  Introduction

   This document describes extensions that may be used to add
   functionality to Transport Layer Security (TLS).  It provides both
   generic extension mechanisms for the TLS handshake client and server
   hellos, and specific extensions using these generic mechanisms.

   TLS is now used in an increasing variety of operational environments,
   many of which were not envisioned when the original design criteria
   for TLS were determined.  The extensions introduced in this document
   are designed to enable TLS to operate as effectively as possible in
   new environments such as wireless networks.

   Wireless environments often suffer from a number of constraints not
   commonly present in wired environments.  These constraints may
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools