RFC 2818
E40278
RFC 2818 is the Internet standard that specifies how HTTP is used over TLS/SSL, defining the HTTPS protocol and its security requirements.
Statements (48)
| Predicate | Object |
|---|---|
| instanceOf |
Internet standard
→
Request for Comments → |
| appliesTo |
HTTP clients
→
HTTP servers → web browsers → |
| area |
Applications
→
Security → |
| category |
Standards Track
→
|
| defines |
interaction between HTTP status codes and TLS errors
→
requirements for caching in HTTPS → requirements for certificate chains in HTTPS → requirements for hostname verification → requirements for proxies and gateways using HTTPS → rules for certificate name matching → security requirements for HTTPS → server identity verification for HTTPS → use of TLS record layer for HTTP traffic → use of TLS with HTTP URIs → use of TLS with HTTPS URIs → use of default HTTPS port 443 → |
| definesProtocol |
HTTPS
→
|
| focusesOn |
transport layer security for HTTP
→
|
| goal |
prevent man-in-the-middle attacks on HTTPS connections
→
provide secure HTTP communication over the Internet → |
| intendedAudience |
implementers of HTTP clients
→
implementers of HTTP servers → protocol designers → security engineers → |
| language |
English
→
|
| obsoletes |
RFC 2817
→
|
| publishedBy |
IETF
→
Internet Engineering Task Force → |
| relatedTo |
HTTP
→
HTTPS → SSL → TLS → |
| RFCNumber |
2818
→
|
| specifies |
HTTP over TLS
→
error handling for certificate validation failures → how HTTP URIs are interpreted over TLS → how clients establish secure connections to HTTP servers → how servers present certificates to clients → use of HTTP over SSL → |
| standardsBody |
IETF TLS Working Group
→
|
| status |
Proposed Standard
→
|
| title |
HTTP Over TLS
→
|
| usesProtocol |
SSL
→
TLS → |