The IESG has received a request from the TCP Increased Security WG (tcpinc) to consider the following document: - 'TCP-ENO: Encryption Negotiation Option' <draft-ietf-tcpinc-tcpeno-10.txt> as Experimental RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2017-10-19. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract Despite growing adoption of TLS, a significant fraction of TCP traffic on the Internet remains unencrypted. The persistence of unencrypted traffic can be attributed to at least two factors. First, some legacy protocols lack a signaling mechanism (such as a "STARTTLS" command) by which to convey support for encryption, making incremental deployment impossible. Second, legacy applications themselves cannot always be upgraded, requiring a way to implement encryption transparently entirely within the transport layer. The TCP Encryption Negotiation Option (TCP-ENO) addresses both of these problems through a new TCP option kind providing out-of-band, fully backward-compatible negotiation of encryption. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-tcpinc-tcpeno/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-tcpinc-tcpeno/ballot/ No IPR declarations have been submitted directly on this I-D.
