This memo describes how to use TLS to secure HTTP connections over the Internet. Current practice is to layer HTTP over SSL (the predecessor to TLS), distinguishing secured traffic from insecure traffic by the use of a different server port. This document documents that practice using TLS. A companion document describes a method for using HTTP/TLS over the same port as normal HTTP [RFC2817].
RFC Downloads
Cited By
- Zieglmeier V, Loyola Daiqui G and Pretschner A (2023). Decentralized Inverse Transparency with Blockchain, Distributed Ledger Technologies: Research and Practice, 2:3, (1-28), Online publication date: 30-Sep-2023.
- Tasopoulos G, Dimopoulos C, Fournaris A, Zhao R, Sakzad A and Steinfeld R Energy Consumption Evaluation of Post-Quantum TLS 1.3 for Resource-Constrained Embedded Devices Proceedings of the 20th ACM International Conference on Computing Frontiers, (366-374)
- Akiwate G, Sommese R, Jonker M, Durumeric Z, Claffy K, Voelker G and Savage S Retroactive identification of targeted DNS infrastructure hijacking Proceedings of the 22nd ACM Internet Measurement Conference, (14-32)
- Gao D, Lin H, Li Z, Qian F, Chen Q, Qian Z, Liu W, Gong L and Liu Y A nationwide census on wifi security threats Proceedings of the 27th Annual International Conference on Mobile Computing and Networking, (242-255)
- Quan L, Guo Q, Chen H, Xie X, Li X, Liu Y and Hu J SADT Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering, (524-535)
- Shusterman A, Kang L, Haskal Y, Meltser Y, Mittal P, Oren Y and Yarom Y Robust website fingerprinting through the cache occupancy channel Proceedings of the 28th USENIX Conference on Security Symposium, (639-656)
- Drury V and Meyer U Certified phishing Proceedings of the Fifteenth USENIX Conference on Usable Privacy and Security, (211-223)
- Netravali R, Sivaraman A, Mickens J and Balakrishnan H WatchTower Proceedings of the 17th Annual International Conference on Mobile Systems, Applications, and Services, (430-443)
- Rajiullah M, Lutu A, Khatouni A, Fida M, Mellia M, Brunstrom A, Alay O, Alfredsson S and Mancuso V Web Experience in Mobile Networks: Lessons from Two Million Page Visits The World Wide Web Conference, (1532-1543)
- Lordan F, Jensen J and Badia R (2018). Towards Mobile Cloud Computing with Single Sign-on Access, Journal of Grid Computing, 16:4, (627-646), Online publication date: 1-Dec-2018.
- Chen C, Tian C, Duan Z and Zhao L RFC-directed differential testing of certificate validation in SSL/TLS implementations Proceedings of the 40th International Conference on Software Engineering, (859-870)
- Calzavara S, Focardi R, Squarcina M and Tempesta M (2017). Surviving the Web, ACM Computing Surveys, 50:1, (1-34), Online publication date: 31-Jan-2018.
- Mukherjee S, Ray I, Ray I, Shirazi H, Ong T and Kahn M Attribute Based Access Control for Healthcare Resources Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control, (29-40)
- Ferreira H and Sousa Junior R (2017). Security analysis of a proposed internet of things middleware, Cluster Computing, 20:1, (651-660), Online publication date: 1-Mar-2017.
- Husák M, Čermák M, Jirsík T and Čeleda P (2016). HTTPS traffic analysis and client identification using passive SSL/TLS fingerprinting, EURASIP Journal on Information Security, 2016:1, (1-14), Online publication date: 1-Dec-2016.
- Afanasyev A, Halderman J, Ruoti S, Seamons K, Yu Y, Zappala D and Zhang L Content-based security for the web Proceedings of the 2016 New Security Paradigms Workshop, (49-60)
- Naylor D, Schomp K, Varvello M, Leontiadis I, Blackburn J, López D, Papagiannaki K, Rodriguez Rodriguez P and Steenkiste P (2015). Multi-Context TLS (mcTLS), ACM SIGCOMM Computer Communication Review, 45:4, (199-212), Online publication date: 22-Sep-2015.
- Chen Y and Su Z Guided differential testing of certificate validation in SSL/TLS implementations Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, (793-804)
- Naylor D, Schomp K, Varvello M, Leontiadis I, Blackburn J, López D, Papagiannaki K, Rodriguez Rodriguez P and Steenkiste P Multi-Context TLS (mcTLS) Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication, (199-212)
- Castro I, Panda A, Raghavan B, Shenker S and Gorinsky S Route bazaar Proceedings of the 15th USENIX conference on Hot Topics in Operating Systems, (9-9)
- Delignat-Lavaud A and Bhargavan K Network-based Origin Confusion Attacks against HTTPS Virtual Hosting Proceedings of the 24th International Conference on World Wide Web, (227-237)
- Gogoulos F, Antonakopoulou A, Lioudakis G, Mousas A, Kaklamani D and Venieris I (2015). An authorization model for cross-enterprise collaborations, Security and Communication Networks, 8:4, (523-539), Online publication date: 10-Mar-2015.
- Zúquete A, Gomes H and Teixeira C Personal Identification in the Web Using Electronic Identity Cards and a Personal Identity Provider Proceedings of the 8th IFIP WG 11.2 International Workshop on Information Security Theory and Practice. Securing the Internet of Things - Volume 8501, (160-169)
- Meizner J, NaboźNy M, Radecki M, Szepieniec T and Zdybał M Recent Advances of the Cloud Platform Delivered in the Infrastructure as a Service Model for the PL-Grid Scientific Communities eScience on Distributed Computing Infrastructure - Volume 8500, (54-60)
- Bicakci K, Crispo B and Oligeri G (2013). LAKE, ACM Transactions on Internet Technology, 13:2, (1-27), Online publication date: 1-Dec-2013.
- Giesen F, Kohlar F and Stebila D On the security of TLS renegotiation Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, (387-398)
- Meyer C and Schwenk J SoK Revised Selected Papers of the 14th International Workshop on Information Security Applications - Volume 8267, (189-209)
- Akhawe D, Amann J, Vallentin M and Sommer R Here's my cert, so trust me, maybe? Proceedings of the 22nd international conference on World Wide Web, (59-70)
- Gionta J, Ning P and Zhang X iHTTP Proceedings of the 10th international conference on Applied Cryptography and Network Security, (381-399)
- Nowlan M, Tiwari N, Iyengar J, Aminy S and Fordy B Fitting square pegs through round pipes Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation, (28-28)
- Singh K, Wang H, Moshchuk A, Jackson C and Lee W Practical end-to-end web content integrity Proceedings of the 21st international conference on World Wide Web, (659-668)
- Maggiorini D, Ripamonti L and Scambia A Videogame technology to support seniors Proceedings of the 5th International ICST Conference on Simulation Tools and Techniques, (270-277)
- Holz R, Braun L, Kammenhuber N and Carle G The SSL landscape Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference, (427-444)
- Houmansadr A, Nguyen G, Caesar M and Borisov N Cirripede Proceedings of the 18th ACM conference on Computer and communications security, (187-200)
- Heiberg S, Laud P, Másson S and Larsen C Secure mobile access to homecare patients' data Proceedings of the 5th International Conference on Theory and Practice of Electronic Governance, (363-364)
- Gibson-Robinson T and Lowe G Analysing applications layered on unilaterally authenticating protocols Proceedings of the 8th international conference on Formal Aspects of Security and Trust, (164-181)
- Ono K and Schulzrinne H Using cross-media relations to identify important communication requests Proceedings of the 5th International Conference on Principles, Systems and Applications of IP Telecommunications, (1-7)
- Basney J and Gaynor J An OAuth service for issuing certificates to science gateways for TeraGrid users Proceedings of the 2011 TeraGrid Conference: Extreme Digital Discovery, (1-6)
- Ono K and Schulzrinne H Have I met you before? Proceedings of the 3rd International Conference on Principles, Systems and Applications of IP Telecommunications, (1-7)
- Peltotalo J, Harju J, Saukko M, Väätämöinen L, Bouazizi I and Curcio I Personal mobile broadcasting based on the 3GPP MBMS system Proceedings of the 6th International Conference on Advances in Mobile Computing and Multimedia, (156-162)
- Guitart J, Carrera D, Beltran V, Torres J and Ayguadé E (2008). Dynamic CPU provisioning for self-managed secure web applications in SMP hosting platforms, Computer Networks: The International Journal of Computer and Telecommunications Networking, 52:7, (1390-1409), Online publication date: 1-May-2008.
- Jin S, Gyeong G and Eom Y Design and implementation of VoIP device management scheme in SOHO environments Proceedings of the 2nd international conference on Ubiquitous information management and communication, (580-584)
- García D, García R, Entrialgo J, García J and García M (2007). Evaluation of the effect of SSL overhead in the performance of e-business servers operating in B2B scenarios, Computer Communications, 30:16, (3063-3074), Online publication date: 1-Nov-2007.
- Lesniewski-Laas C, Ford B, Strauss J, Morris R and Kaashoek M Alpaca Proceedings of the 14th ACM conference on Computer and communications security, (432-444)
- Bonfiglio D, Mellia M, Meo M, Rossi D and Tofanelli P (2007). Revealing skype traffic, ACM SIGCOMM Computer Communication Review, 37:4, (37-48), Online publication date: 1-Oct-2007.
- Pulkkinen M, Naumenko A and Luostarinen K (2007). Managing information security in a business network of machinery maintenance services business - Enterprise architecture as a coordination tool, Journal of Systems and Software, 80:10, (1607-1620), Online publication date: 1-Oct-2007.
- Bonfiglio D, Mellia M, Meo M, Rossi D and Tofanelli P Revealing skype traffic Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications, (37-48)
- Lee B (2007). Mobile broadcast DRM based on user identity card, EURASIP Journal on Wireless Communications and Networking, 2007:3, (1-15), Online publication date: 1-Jul-2007.
- Liang Zhang , Seta N, Miyajima H and Hayashi H Fast Authentication Based on Heuristic Movement Prediction for Seamless Handover in Wireless Access Environment Proceedings of the 2007 IEEE Wireless Communications and Networking Conference, (2889-2893)
- Lamb P, Power R, Walker G and Compton M Role-based access control for data service integration Proceedings of the 3rd ACM workshop on Secure web services, (3-12)
- Nou R, Guitart J and Torres J Simulating and modeling secure web applications Proceedings of the 6th international conference on Computational Science - Volume Part I, (84-91)
- Groß T, Pfitzmann B and Sadeghi A Browser model for security analysis of browser-based protocols Proceedings of the 10th European conference on Research in Computer Security, (489-508)
- Xia H and Brustoloni J Hardening Web browsers against man-in-the-middle and eavesdropping attacks Proceedings of the 14th international conference on World Wide Web, (489-498)
- Groß T and Pfitzmann B Proving a WS-Federation passive requestor profile Proceedings of the 2004 workshop on Secure web service, (77-86)
- Crawford C, Dias D, Iyengar A, Novaes M and Zhang L Commercial applications of grid computing Performance analysis and grid computing, (211-229)
- Goodale T, Allen G, Lanfermann G, Massó J, Radke T, Seidel E and Shalf J The cactus framework and toolkit Proceedings of the 5th international conference on High performance computing for computational science, (197-227)
- Bayardo Jr. R, Agrawal R, Gruhl D and Somani A YouServ Proceedings of the 11th international conference on World Wide Web, (345-354)
Recommendations
Multi-Context TLS (mcTLS): Enabling Secure In-Network Functionality in TLS
SIGCOMM '15: Proceedings of the 2015 ACM Conference on Special Interest Group on Data CommunicationA significant fraction of Internet traffic is now encrypted and HTTPS will likely be the default in HTTP/2. However, Transport Layer Security (TLS), the standard protocol for encryption in the Internet, assumes that all functionality resides at the ...
Multi-Context TLS (mcTLS): Enabling Secure In-Network Functionality in TLS
SIGCOMM'15A significant fraction of Internet traffic is now encrypted and HTTPS will likely be the default in HTTP/2. However, Transport Layer Security (TLS), the standard protocol for encryption in the Internet, assumes that all functionality resides at the ...