The ALPN HTTP Header Field
RFC 7639
|
| Document |
Type |
|
RFC - Proposed Standard
(August 2015; No errata)
|
|
Last updated |
|
2015-10-14
|
|
Replaces |
|
draft-hutton-httpbis-connect-protocol
|
|
Stream |
|
IETF
|
|
Formats |
|
plain text
pdf
html
bibtex
|
|
Reviews |
|
|
| Stream |
WG state
|
|
Submitted to IESG for Publication
|
|
Document shepherd |
|
Mark Nottingham
|
|
Shepherd write-up |
|
Show
(last changed 2015-04-29)
|
| IESG |
IESG state |
|
RFC 7639 (Proposed Standard)
|
|
Consensus Boilerplate |
|
Yes
|
|
Telechat date |
|
|
|
Responsible AD |
|
Barry Leiba
|
|
Send notices to |
|
(None)
|
| IANA |
IANA review state |
|
Version Changed - Review Needed
|
|
IANA action state |
|
RFC-Ed-Ack
|
Internet Engineering Task Force (IETF) A. Hutton
Request for Comments: 7639 Unify
Category: Standards Track J. Uberti
ISSN: 2070-1721 Google
M. Thomson
Mozilla
August 2015
The ALPN HTTP Header Field
Abstract
This specification allows HTTP CONNECT requests to indicate what
protocol is intended to be used within the tunnel once established,
using the ALPN header field.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7639.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Hutton, et al. Standards Track [Page 1]
RFC 7639 The ALPN Header August 2015
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
2. The ALPN HTTP Header Field . . . . . . . . . . . . . . . . . 3
2.1. Header Field Values . . . . . . . . . . . . . . . . . . . 3
2.2. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . 3
2.3. Usage . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4
4. Security Considerations . . . . . . . . . . . . . . . . . . . 5
5. References . . . . . . . . . . . . . . . . . . . . . . . . . 6
5.1. Normative References . . . . . . . . . . . . . . . . . . 6
5.2. Informative References . . . . . . . . . . . . . . . . . 6
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7
1. Introduction
The HTTP CONNECT method (Section 4.3.6 of [RFC7231]) requests that
the recipient establish a tunnel to the identified origin server and
thereafter forward packets, in both directions, until the tunnel is
closed. Such tunnels are commonly used to create end-to-end virtual
connections through one or more proxies.
The ALPN HTTP header field identifies the protocol or protocols that
the client intends to use within a tunnel that is established using
CONNECT. This uses the Application-Layer Protocol Negotiation (ALPN)
identifier [RFC7301].
For a tunnel that is then secured using Transport Layer Security
(TLS) [RFC5246], the header field carries the same application
protocol label as will be carried within the TLS handshake [RFC7301].
If there are multiple possible application protocols, all of those
application protocols are indicated.
The ALPN header field carries an indication of client intent only.
An ALPN identifier is used here only to identify the application
protocol or suite of protocols that the client intends to use in the
tunnel. No negotiation takes place using this header field. In TLS,
the final choice of application protocol is made by the server from
the set of choices presented by the client. Other substrates could
negotiate the application protocol differently.
Proxies do not implement the tunneled protocol, though they might
choose to make policy decisions based on the value of the header
field. For example, a proxy could use the application protocol to
select appropriate traffic prioritization.
Hutton, et al. Standards Track [Page 2]
RFC 7639 The ALPN Header August 2015
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
Show full document text