The ALPN HTTP Header Field
RFC 7639
Document Type RFC - Proposed Standard (August 2015; No errata)
Authors Andrew Hutton  , Justin Uberti  , Martin Thomson 
Last updated 2015-10-14
Replaces draft-hutton-httpbis-connect-protocol
Stream IETF
Formats plain text html pdf htmlized bibtex
Reviews
GENART Telechat Review (of -04): Ready
SECDIR Last Call Review (of -04): Has Issues
GENART Last Call Review (of -04): Ready with Nits
Stream WG state Submitted to IESG for Publication
Document shepherd Mark Nottingham
Shepherd write-up Show (last changed 2015-04-29)
IESG IESG state RFC 7639 (Proposed Standard)
Consensus Boilerplate Yes
Telechat date
Responsible AD Barry Leiba
Send notices to (None)
IANA IANA review state Version Changed - Review Needed
IANA action state RFC-Ed-Ack
Email authors Email WG IPR References Referenced by Nits 
Internet Engineering Task Force (IETF)                         A. Hutton
Request for Comments: 7639                                         Unify
Category: Standards Track                                      J. Uberti
ISSN: 2070-1721                                                   Google
                                                              M. Thomson
                                                                 Mozilla
                                                             August 2015

                       The ALPN HTTP Header Field

Abstract

   This specification allows HTTP CONNECT requests to indicate what
   protocol is intended to be used within the tunnel once established,
   using the ALPN header field.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc7639.

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Hutton, et al.               Standards Track                    [Page 1]
RFC 7639                     The ALPN Header                 August 2015

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   3
   2.  The ALPN HTTP Header Field  . . . . . . . . . . . . . . . . .   3
     2.1.  Header Field Values . . . . . . . . . . . . . . . . . . .   3
     2.2.  Syntax  . . . . . . . . . . . . . . . . . . . . . . . . .   3
     2.3.  Usage . . . . . . . . . . . . . . . . . . . . . . . . . .   4
   3.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   4
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .   5
   5.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   6
     5.1.  Normative References  . . . . . . . . . . . . . . . . . .   6
     5.2.  Informative References  . . . . . . . . . . . . . . . . .   6
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   7

1.  Introduction

   The HTTP CONNECT method (Section 4.3.6 of [RFC7231]) requests that
   the recipient establish a tunnel to the identified origin server and
   thereafter forward packets, in both directions, until the tunnel is
   closed.  Such tunnels are commonly used to create end-to-end virtual
   connections through one or more proxies.

   The ALPN HTTP header field identifies the protocol or protocols that
   the client intends to use within a tunnel that is established using
   CONNECT.  This uses the Application-Layer Protocol Negotiation (ALPN)
   identifier [RFC7301].

   For a tunnel that is then secured using Transport Layer Security
   (TLS) [RFC5246], the header field carries the same application
   protocol label as will be carried within the TLS handshake [RFC7301].
   If there are multiple possible application protocols, all of those
   application protocols are indicated.

   The ALPN header field carries an indication of client intent only.
   An ALPN identifier is used here only to identify the application
   protocol or suite of protocols that the client intends to use in the
   tunnel.  No negotiation takes place using this header field.  In TLS,
   the final choice of application protocol is made by the server from
   the set of choices presented by the client.  Other substrates could
   negotiate the application protocol differently.

   Proxies do not implement the tunneled protocol, though they might
   choose to make policy decisions based on the value of the header
   field.  For example, a proxy could use the application protocol to
   select appropriate traffic prioritization.

Hutton, et al.               Standards Track                    [Page 2]
RFC 7639                     The ALPN Header                 August 2015

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools