TLS extensions
E893548
TLS extensions are optional protocol additions that enhance and customize Transport Layer Security (TLS) handshakes with extra capabilities such as server name indication, session tickets, and application-specific parameters.
Statements (55)
| Predicate | Object |
|---|---|
| instanceOf | TLS protocol mechanism; network security mechanism |
| definedIn | RFC 6066; RFC 8446; TLS 1.2 specification; TLS 1.3 specification |
| enablesFeature | forward compatibility with new TLS versions; online certificate status via OCSP stapling; protocol negotiation via ALPN; resumption via session tickets; virtual hosting via SNI |
| hasProperty | backward compatible; optional |
| hasPurpose | extend TLS functionality; negotiate additional capabilities; support application-specific parameters |
| introducedInVersion | TLS 1.0 |
| operatesAtLayer | transport layer |
| partOf | Transport Layer Security |
| relatedTo | TLS key exchange; X.509 certificates; cipher suite negotiation |
| securityConsideration | improper handling can cause downgrade attacks; some extensions have been deprecated for security reasons |
| standardizedBy | Internet Engineering Task Force (surface form: IETF) |
| standardizedIn | IETF TLS Working Group |
| supportsExtension | Application-Layer Protocol Negotiation; Early Data; Encrypt-then-MAC; Extended Master Secret; Heartbeat; Key Share; Max Fragment Length; Next Protocol Negotiation; OCSP stapling; Pre-Shared Key; Record Size Limit; Renegotiation Indication; Server Name Indication; Session Ticket TLS; Session Tickets; Signature Algorithms; Status Request; Supported Elliptic Curves; Supported Point Formats; Supported Versions |
| usedBy | HTTP/2 implementations; QUIC implementations; VPN implementations; XMPP servers; email servers; web browsers; web servers |
| usedIn | DTLS; TLS handshake |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.