RFC 8547

TCP-ENO: Encryption Negotiation Option, May 2019

Canonical URL:
https://www.rfc-editor.org/rfc/rfc8547.txt
File formats:
icon for text file icon for PDF icon for HTML
Status:
EXPERIMENTAL
Authors:
A. Bittau
D. Giffin
M. Handley
D. Mazieres
E. Smith
Stream:
IETF
Source:
tcpinc (tsv)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC8547

Discuss this RFC: Send questions or comments to tcpinc@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

Despite growing adoption of TLS, a significant fraction of TCP traffic on the Internet remains unencrypted. The persistence of unencrypted traffic can be attributed to at least two factors. First, some legacy protocols lack a signaling mechanism (such as a STARTTLS command) by which to convey support for encryption, thus making incremental deployment impossible. Second, legacy applications themselves cannot always be upgraded and therefore require a way to implement encryption transparently entirely within the transport layer. The TCP Encryption Negotiation Option (TCP-ENO) addresses both of these problems through a new TCP option kind providing out-of-band, fully backward-compatible negotiation of encryption.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader