Issues and Requirements for Server Name Identification (SNI) Encryption in TLS
RFC 8744

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc:, The IESG <>,, Sean Turner <>, Joseph Salowey <>,,,,
Subject: Document Action: 'Issues and Requirements for SNI Encryption in TLS' to Informational RFC (draft-ietf-tls-sni-encryption-09.txt)

The IESG has approved the following document:
- 'Issues and Requirements for SNI Encryption in TLS'
  (draft-ietf-tls-sni-encryption-09.txt) as Informational RFC

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:

Technical Summary

   This draft describes the general problem of encryption of the Server
   Name Identification (SNI) parameter.  The proposed solutions hide a
   Hidden Service behind a Fronting Service, only disclosing the SNI of
   the Fronting Service to external observers.  The draft lists known
   attacks against SNI encryption, discusses the current "co-tenancy
   fronting" solution, and presents requirements for future TLS layer

Working Group Summary

Some working group members are not in favor of encrypting the SNI.  However,
the working group has consensus for continued work on the general topic of SNI encryption.

Document Quality

This document describes the problem and does not define a protocol. 
The document has been reviewed by the TLS working group.


Document Shepherd: Joseph Salowey
Responsible AD: Ben Kaduk