Re: [TLS] New Version Notification for draft-friel-tls-over-http-00.txt

Mon, 30 Oct 2017 15:18:22 -0700 

Hey TLS folks,

Owen, Max, and I have been kicking around some ideas for how to make secure
connections in environments where HTTPS is subject to MitM / proxying.

The below draft lays out a way to tunnel TLS over HTTPS, in hopes of
creating a channel you could use when you really need things to be private,
even from the local MitM.

Feedback obviously very welcome.  Interested in whether folks think this is
a useful area in which to develop an RFC, and any thoughts on how to do
this better.

Thanks,
--Richard


On Mon, Oct 30, 2017 at 3:47 PM, <internet-dra...@ietf.org> wrote:

>
> A new version of I-D, draft-friel-tls-over-http-00.txt
> has been successfully submitted by Owen Friel and posted to the
> IETF repository.
>
> Name:           draft-friel-tls-over-http
> Revision:       00
> Title:          Application-Layer TLS
> Document date:  2017-10-30
> Group:          Individual Submission
> Pages:          20
> URL:            https://www.ietf.org/internet-drafts/draft-friel-tls-over-
> http-00.txt
> Status:         https://datatracker.ietf.org/
> doc/draft-friel-tls-over-http/
> Htmlized:       https://tools.ietf.org/html/draft-friel-tls-over-http-00
> Htmlized:       https://datatracker.ietf.org/
> doc/html/draft-friel-tls-over-http-00
>
>
> Abstract:
>    Many clients need to establish secure connections to application
>    services but face challenges establishing these connections due to
>    the presence of middleboxes that terminate TLS connections from the
>    client and restablish new TLS connections to the service.  This
>    document defines a mechanism for transporting TLS records in HTTP
>    message bodies between clients and services.  This enables clients
>    and services to establish secure connections using TLS at the
>    application layer, and treat any middleboxes that are intercepting
>    traffic at the network layer as untrusted transport.  In short, this
>    mechanism moves the TLS handshake up the OSI stack to the application
>    layer.
>
>
>
>
> Please note that it may take a couple of minutes from the time of
> submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> The IETF Secretariat
>
>

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to