Network Working Group                                           R. Khare
Request for Comments: 2817                     4K Associates / UC Irvine
Updates: 2616                                                S. Lawrence
Category: Standards Track                          Agranat Systems, Inc.
                                                                May 2000

Upgrading to TLS Within HTTP/1.1

Status of this Memo

This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2000). All Rights Reserved.

Abstract

This memo explains how to use the Upgrade mechanism in HTTP/1.1 to
initiate Transport Layer Security (TLS) over an existing TCP
connection. This allows unsecured and secured HTTP traffic to share
the same well known port (in this case, http: at 80 rather than
https: at 443). It also enables "virtual hosting", so a single HTTP +
TLS server can disambiguate traffic intended for several hostnames at
a single IP address.

Since HTTP/1.1 [1] defines Upgrade as a hop-by-hop mechanism, this
memo also documents the HTTP CONNECT method for establishing end-to-
end tunnels across HTTP proxies. Finally, this memo establishes new
IANA registries for public HTTP status codes, as well as public or
private Upgrade product tokens.

This memo does NOT affect the current definition of the 'https' URI
scheme, which already defines a separate namespace
(http://example.org/ and https://example.org/ are not equivalent).
Khare & Lawrence Standards Track