The IESG has approved the following document:
- 'Transport Layer Security (TLS) Application Layer Protocol Negotiation Extension'
  (draft-ietf-tls-applayerprotoneg-05.txt) as Proposed Standard

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-tls-applayerprotoneg/

Technical Summary

This document describes a Transport Layer Security (TLS) extension for application layer protocol negotiation within the TLS handshake. For instances in which the TLS connection is established over a well known TCP/IP port not associated with the desired application layer protocol, this extension allows the application layer to negotiate which protocol will be used within the TLS session.

Working Group Summary

The main point of controversy with this document was on encryption of the extension. The working group decided a cleartext extension with the future general facility to encrypt extensions in TLS 1.3 was preferable to an extension specific encryption mechanism for ALPN.

Document Quality

A number of vendors have implemented the protocol specified in this document. This document was also reviewed by members of the HTTPbis working group as it is useful for indicating what protocol is carried by TLS.

Personnel

Joe Salowey is the document shepherd. Sean Turner was the responsible AD. Stephen Farrell took over.

RFC Editor Note

Please modify the abstract as follows:

OLD:

This document describes a Transport Layer Security (TLS) extension for application layer protocol negotiation within the TLS handshake. For instances in which the TLS connection is established over a well known TCP or UDP port not associated with the desired application layer protocol, this extension allows the application layer to negotiate which protocol will be used within the TLS connection.

NEW:

This document describes a Transport Layer Security (TLS) extension for application layer protocol negotiation within the TLS handshake. For instances in which multiple application protocols are supported on the same TCP or UDP port, this extension allows the application layer to negotiate which protocol will be used within the TLS connection.