RFC 8547
TCP-ENO: Encryption Negotiation Option, May 2019
- File formats:
- Status:
- EXPERIMENTAL
- Authors:
- A. Bittau
D. Giffin
M. Handley
D. Mazieres
E. Smith - Stream:
- IETF
- Source:
- tcpinc (tsv)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC8547
Discuss this RFC: Send questions or comments to the mailing list tcpinc@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8547
Abstract
Despite growing adoption of TLS, a significant fraction of TCP traffic on the Internet remains unencrypted. The persistence of unencrypted traffic can be attributed to at least two factors. First, some legacy protocols lack a signaling mechanism (such as a STARTTLS command) by which to convey support for encryption, thus making incremental deployment impossible. Second, legacy applications themselves cannot always be upgraded and therefore require a way to implement encryption transparently entirely within the transport layer. The TCP Encryption Negotiation Option (TCP-ENO) addresses both of these problems through a new TCP option kind providing out-of-band, fully backward-compatible negotiation of encryption.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.