Protocol Action: Upgrading to TLS Within HTTP/1.1 to Proposed Standard

The IESG <iesg-secretary@ietf.org> Mon, 31 January 2000 21:12 UTC

Message-Id: <200001312052.PAA15397@ietf.org>
To: IETF-Announce:;
Cc: RFC Editor <rfc-editor@isi.edu>
Cc: Internet Architecture Board <iab@isi.edu>
Cc: ietf-tls@consensus.com
From: The IESG <iesg-secretary@ietf.org>
Subject: Protocol Action: Upgrading to TLS Within HTTP/1.1 to Proposed Standard
Date: Mon, 31 Jan 2000 15:52:52 -0500
Sender: scoya@cnri.reston.va.us


The IESG has approved the Internet-Draft 'Upgrading to TLS Within
HTTP/1.1' <draft-ietf-tls-http-upgrade-05.txt> as a Proposed Standard.
This document is the product of the Transport Layer Security Working
Group.  The IESG contact persons are Jeffrey Schiller and Marcus
Leech.



Technical Summary

'HTTP Over TLS' documents how TLS is used today to secure 'https' URL
connections.  'Upgrading to TLS Within HTTP/1.1' defines a mechanism for
"upgrading" a non-secure http connection to a secure connection making
use of TLS without requiring the use of an additional port (as is used
in https). This is important because protocols beyond simple web
browsing are being layered on top of HTTP. For each such protocol today
we require two new port assignments. One of the protocol without TLS and
one for the protocol with TLS. The adoption of the techniques described
in 'Upgrading to TLS Within HTTP/1.1' will alleviate the need for the
second port, thus preserving our scarce TCP port space.

Working Group Summary

The working group supports these documents and the versions of the
documents here address the issues raised during IETF Wide last call.

Protocol Quality

Jeff Schiller has reviewed these documents for the IESG.

Protocol Action: Upgrading to TLS Within HTTP/1.1… The IESG