Search RFCs
RFC 8744
Issues and Requirements for Server Name Identification (SNI) Encryption in TLS,July 2020
- File formats:
- Also available:XML file for editing
- Status:
- INFORMATIONAL
- Author:
- C. Huitema
- Stream:
- IETF
- Source:
- tls (sec)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC8744
Discuss this RFC: Send questions or comments to the mailing listtls@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8744
Abstract
This document describes the general problem of encrypting the ServerName Identification (SNI) TLS parameter. The proposed solutions hidea hidden service behind a fronting service, only disclosing the SNIof the fronting service to external observers. This document listsknown attacks against SNI encryption, discusses the current "HTTPco-tenancy" solution, and presents requirements for future TLS-layersolutions.
In practice, it may well be that no solution can meet everyrequirement and that practical solutions will have to make somecompromises.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.