JEP 244: TLS Application-Layer Protocol Negotiation Extension

AuthorVincent Ryan
OwnerBradford Wetmore
Created2014/01/08 14:49
Updated2017/05/17 00:47
TypeFeature
StatusCompleted
Componentsecurity-libs / javax.net.ssl
ScopeSE
Discussionsecurity dash dev at openjdk dot java dot net
EffortS
Priority1
Reviewed byBrian Goetz, Sean Mullan
Endorsed byBrian Goetz
Release9
Issue8051498
Depends8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension
Relates toJEP 110: HTTP/2 Client (Incubator)

Summary

Extend the javax.net.ssl package to support the TLS Application Layer Protocol Negotiation (ALPN) Extension, which provides the means to negotiate an application protocol for a TLS connection.

Motivation

In order to support TLS clients and servers wishing to use multiple application-layer protocols over the same transport-layer port, the ALPN extension allows a client to provide a list of the application-layer protocols it supports, in order of preference. A server can then select one of the advertised client protocols and tell the client which protocol will be used in the TLS connection.

One important consumer of this TLS extension will be the HTTP/2 client (JEP 110), which will implement HTTP/2.

Description

This feature defines a public API to negotiate the application-layer protocols that can be transmitted over a given TLS connection. Protocol names are conveyed between client and server during the initial TLS handshake.

A TLS application can use an extended SSLParameters class to get and set the list of application-layer protocols that it can support on a given connection. The TLS implementation also uses this class to retrieve the protocol names declared by the application.

The default behavior is to select the server's most-preferred intersection value of the enabled application protocol values.

Server applications can also externally scan the initial plaintext ClientHellos to select an appropriate ALPN protocol value for this connection. This decision might be made based on offered TLS protocols, ciphersuites, Server Name Indication values, etc. The server application can then:

A server may alter connection parameters, such as the server certificate it advertises, based on which application protocols are available during the connection.

After the SSL/TLS handshake has started, there are new methods on SSLSocket/SSLEngine that allow the application to query if an ALPN value has been selected yet (getHandshakeApplicationProtocol()).
Once the TLS handshake has completed, an application can then examine which protocol has been negotiated using the getApplicationProtocol() method.

The proposed design follows a similar API methodology used for the Server Name Indication Extension (JEP 114), introduced in JDK 8, but differs in that ALPN values are tied to the connection, not the SSLSession.

Testing