o Identification Sequence: The precise set of octet values that identifies the protocol. This could be the UTF-8 encoding [RFC3629] of the protocol name.

If any of these apply to this new protocol identifier, the identifier SHOULD NOT be used in TLS configurations where it would be visible in the clear, and documents specifying such protocol identifiers SHOULD recommend against such unsafe use. Care must be taken when such identifiers may leak personally identifiable information, or when such leakage may lead to profiling or to leaking of sensitive information.

The ALPN extension is intended to follow the typical design of TLS protocol extensions.

The server SHALL NOT respond with a selected protocol and subsequently use a different protocol for application data exchange.

This document is a product of the Internet Engineering Task Force (IETF). It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG).

Status of This Memo

This is an Internet Standards Track document.

For instances in which multiple application protocols are supported on the same TCP or UDP port, this extension allows the application layer to negotiate which protocol will be used within the TLS connection.

Finally, by managing protocol selection in the clear as part of the handshake, ALPN avoids introducing false confidence with respect to the ability to hide the negotiated protocol in advance of establishing the connection.
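The following added example (not part of the original document) shows what "in the clear" means in practice: it generates a real ClientHello in memory with Python's `ssl` module and recovers the offered protocol identifiers the way a passive on-path observer could. The host name `server.example` and the function names are assumptions made for the illustration; the parser relies on the standard ClientHello layout and ALPN extension type 16.

```python
import ssl
import struct

ALPN_EXT_TYPE = 16  # application_layer_protocol_negotiation extension

def build_client_hello(protocols):
    """Return the raw first flight of a TLS client offering `protocols`."""
    ctx = ssl.create_default_context()
    ctx.set_alpn_protocols(protocols)
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    # "server.example" is a placeholder name; no network I/O takes place.
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname="server.example")
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client is now waiting for the ServerHello
    return outgoing.read()

def alpn_from_client_hello(record):
    """Return the ALPN identifiers readable from an unencrypted ClientHello."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello record")
    try:
        pos = 5 + 4 + 2 + 32  # record hdr, handshake hdr, version, random
        pos += 1 + record[pos]  # session id
        pos += 2 + struct.unpack_from("!H", record, pos)[0]  # cipher suites
        pos += 1 + record[pos]  # compression methods
        ext_end = pos + 2 + struct.unpack_from("!H", record, pos)[0]
        pos += 2
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    while pos + 4 <= min(ext_end, len(record)):
        ext_type, ext_len = struct.unpack_from("!HH", record, pos)
        body = record[pos + 4 : pos + 4 + ext_len]
        pos += 4 + ext_len
        if ext_type != ALPN_EXT_TYPE:
            continue
        names, i = [], 2  # skip the 2-byte ProtocolNameList length
        while i < len(body):
            n = body[i]  # each name is prefixed by a 1-byte length
            names.append(body[i + 1 : i + 1 + n])
            i += 1 + n
        return names
    return []  # client sent no ALPN extension

if __name__ == "__main__":
    hello = build_client_hello(["h2", "http/1.1"])
    print(alpn_from_client_hello(hello))
```

Running the same parser over captured handshakes is a quick way to audit which identifiers a deployment exposes before the connection is encrypted.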

By placing ownership of protocol selection on the server, ALPN facilitates scenarios in which certificate selection or connection rerouting may be based on the negotiated protocol.

This registry operates under the "Expert Review" policy as defined in [RFC5226].

