Internet Standards Almanac

Transport Layer Security | TLS

TLS aims to improve the applicability and suitability of the TLS family of protocols for use in other emerging protocols and use cases. TLS and its relatives are widely relied on to implement cryptography on the web and provide secure communication over a network, including in the QUIC protocol. This group is currently working to encrypt the ClientHello Server Name Indication (SNI) , which the client uses at the beginning of the TLS handshake to declare what service (such as a website) the user is requesting. This declaration is necessary for the server to decide which certificate to present. SNI, however, makes it possible for censors or filters to block users from accessing sensitive websites.

  • Standard under development: TLS Encrypted Client Hello sets out a mechanism in TLS to encrypt a ClientHello message to potentially prevent malicious actors from reading the SNI and leaking information about which websites a user is trying to access.

Other groups in the same organisation

Adaptive DNS Discovery representation

Deterministic networking representation

DNS Privacy Exchange representation

Domain Name System Operations representation

Limited Additional Mechanisms for PKIX and SMIME representation

Messaging Layer Security representation

Multiplexed Application Substrate over QUIC Encryption representation

Network Virtualization Overlays representation

Oblivious HTTP Application Intermediation representation

Path Computation Element representation

Privacy Pass representation

Privacy Preserving Measurement representation

QUIC representation

Real-Time Communication in WEB-browsers representation