Protocol Action: 'The ALPN HTTP Header Field' to Proposed Standard (draft-ietf-httpbis-tunnel-protocol-05.txt)

The IESG has approved the following document:
- 'The ALPN HTTP Header Field'
  (draft-ietf-httpbis-tunnel-protocol-05.txt) as Proposed Standard

This document is the product of the Hypertext Transfer Protocol Working
Group.

The IESG contact persons are Ben Campbell, Barry Leiba and Alissa Cooper.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-httpbis-tunnel-protocol/




Technical Summary
This specification allows HTTP CONNECT requests to indicate what protocol will be used
within the tunnel once established, using the ALPN header field.

Review and Consensus
This document was discussed in WG meetings as well as on-list, with a
broad selection of participants.

Some participants were concerned that the mechanism is not verifiable;
i.e., an intermediary does not have any assurance that the protocol in
use inside an encrypted tunnel is actually advertised. We found this to
be acceptable, because of the nature of the mechanism: it is not
designed to provide such assurances, but to allow coordination between
cooperating (or semi-cooperating) actors.

This mechanism is explicitly linked to ALPN, to resolve the question
about whether this mechanism can be used when TLS is not in use, and
the ambiguity that the use of ALPN entails when it is not.

Personnel
Mark Nottingham is the document shepherd; Barry Leiba is the responsible Area Director.

Received on Wednesday, 8 July 2015 22:31:27 UTC