Application-Layer Protocol Negotiation
Application-Layer Protocol Negotiation (ALPN) is a Transport Layer Security (TLS) extension that allows the application layer to negotiate which protocol will be used over a secure connection, in a manner that avoids additional round trips and is independent of the application-layer protocols. It is used to establish HTTP/2 connections without additional round trips.
Support
ALPN is supported by these libraries:
- BSAFE Micro Edition Suite since version 5.0
- GnuTLS since version 3.2.0 released in May 2013
- MatrixSSL since version 3.7.1 released in December 2014
- Network Security Services since version 3.15.5 released in April 2014
- OpenSSL since version 1.0.2 released in January 2015
- LibreSSL since version 2.1.3 released in January 2015
- mbed TLS since version 1.3.6 released in April 2014
- s2n since its original public release in June 2015
- wolfSSL since version 3.7.0 released in October 2015
- Go since version 1.4 released in December 2014
- JSSE in Java since JDK 9 released in September 2017, backported to JDK 8 released in April 2020
- Win32 SSPI since Windows 8.1 and Windows Server 2012 R2 were released October 18, 2013
- Rustls
History
Next Protocol Negotiation
In January 2010, Google introduced an IETF standard draft describing the Next Protocol Negotiation (NPN) TLS extension. This extension was used to negotiate experimental SPDY connections between Google Chrome and some of Google's servers. As SPDY evolved, NPN was replaced with ALPN.
Application-Layer Protocol Negotiation
On July 11, 2014, ALPN was published as. ALPN replaces the Next Protocol Negotiation extension. TLS False Start was disabled in Google Chrome from version 20 onward except for websites with the earlier NPN extension.
Example
ALPN is a TLS extension which is sent on the initial TLS handshake 'Client Hello', and it lists the protocols that the client supports:
Handshake Type: Client Hello
Length: 141
Version: TLS 1.2
Random: dd67b5943e5efd0740519f38071008b59efbd68ab3114587...
Session ID Length: 0
Cipher Suites Length: 10
Cipher Suites
Compression Methods Length: 1
Compression Methods
Extensions Length: 90
Extension: application_layer_protocol_negotiation
    Type: application_layer_protocol_negotiation
    Length: 14
    ALPN Extension Length: 12
    ALPN Protocol
        ALPN string length: 2
        ALPN Next Protocol: h2
        ALPN string length: 8
        ALPN Next Protocol: http/1.1
The resulting 'Server Hello' from the web server will also contain the ALPN extension, and it confirms which protocol will be used for the HTTP request:
Handshake Type: Server Hello
Length: 94
Version: TLS 1.2
Random: 44e447964d7e8a7d3b404c4748423f02345241dcc9c7e332...
Session ID Length: 32
Session ID: 7667476d1d698d0a90caa1d9a449be814b89a0b52f470e2d...
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Compression Method: null
Extensions Length: 22
Extension: application_layer_protocol_negotiation
    Type: application_layer_protocol_negotiation
    Length: 5
    ALPN Extension Length: 3
    ALPN Protocol
        ALPN string length: 2
        ALPN Next Protocol: h2
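The two extension bodies listed above can be reproduced byte for byte. The following Python sketch is an added example, not part of the original article: it parses the client's protocol list strictly and selects a protocol by server preference, refusing the handshake when nothing is shared (the no_application_protocol alert defined for ALPN). The function names are hypothetical, and the byte string is constructed from the field values in the Client Hello listing.

```python
import struct

class ALPNError(ValueError):
    """Malformed extension body, or no protocol in common."""

def parse_protocol_name_list(ext_data: bytes) -> list:
    """Parse an ALPN extension body: 2-byte list length, then 1-byte-length-prefixed names."""
    if len(ext_data) < 2:
        raise ALPNError("truncated list length")
    (list_len,) = struct.unpack_from("!H", ext_data, 0)
    if list_len != len(ext_data) - 2:
        raise ALPNError("list length does not match extension length")
    names, pos = [], 2
    while pos < len(ext_data):
        name_len = ext_data[pos]
        pos += 1
        if name_len == 0:
            raise ALPNError("empty protocol name")
        if pos + name_len > len(ext_data):
            raise ALPNError("protocol name runs past end of list")
        names.append(ext_data[pos:pos + name_len])
        pos += name_len
    if not names:
        raise ALPNError("empty protocol list")
    return names

def encode_protocol_name_list(names) -> bytes:
    """Inverse of parse_protocol_name_list."""
    body = b"".join(bytes([len(n)]) + n for n in names)
    return struct.pack("!H", len(body)) + body

def select_protocol(client_ext: bytes, server_prefs) -> bytes:
    """Return the Server Hello extension body naming exactly one protocol.

    The server's preference order decides; with no overlap the handshake is
    refused instead of silently falling back to a default protocol.
    """
    offered = parse_protocol_name_list(client_ext)
    for proto in server_prefs:
        if proto in offered:
            return encode_protocol_name_list([proto])
    raise ALPNError("no_application_protocol")

# Constructed sample: the 14-byte body from the Client Hello listing
# (list length 12, then "h2" and "http/1.1").
CLIENT_EXT = bytes.fromhex("000c" "02" "6832" "08" "687474702f312e31")

if __name__ == "__main__":
    print(parse_protocol_name_list(CLIENT_EXT))
    print(select_protocol(CLIENT_EXT, [b"h2", b"http/1.1"]).hex())
```

The selected body is 5 bytes long with a 3-byte list, matching the Length and ALPN Extension Length fields in the Server Hello listing.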