Last Call: <draft-ietf-tokbind-https-12.txt> (Token Binding over HTTP) to Proposed Standard
The IESG <iesg-secretary@ietf.org> Mon, 26 February 2018 16:38 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FA85124239; Mon, 26 Feb 2018 08:38:34 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Last Call: <draft-ietf-tokbind-https-12.txt> (Token Binding over HTTP) to Proposed Standard
X-Test-IDTracker: no
X-IETF-IDTracker: 6.72.4
Auto-Submitted: auto-generated
Precedence: bulk
CC: ekr@rtfm.com, John Bradley <ve7jtb@ve7jtb.com>, draft-ietf-tokbind-https@ietf.org, unbearable@ietf.org, tokbind-chairs@ietf.org, ve7jtb@ve7jtb.com
Reply-To: ietf@ietf.org
Sender: iesg-secretary@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <151966311458.31492.5879365590755267294.idtracker@ietfa.amsl.com>
Date: Mon, 26 Feb 2018 08:38:34 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/vbG52lB8awRhw3zsrba4B6-aBwY>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Feb 2018 16:38:34 -0000
The IESG has received a request from the Token Binding WG (tokbind) to consider the following document: - 'Token Binding over HTTP' <draft-ietf-tokbind-https-12.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2018-03-12. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document describes a collection of mechanisms that allow HTTP servers to cryptographically bind security tokens (such as cookies and OAuth tokens) to TLS connections. We describe both first-party and federated scenarios. In a first- party scenario, an HTTP server is able to cryptographically bind the security tokens it issues to a client, and which the client subsequently returns to the server, to the TLS connection between the client and server. Such bound security tokens are protected from misuse since the server can generally detect if they are replayed inappropriately, e.g., over other TLS connections. Federated token bindings, on the other hand, allow servers to cryptographically bind security tokens to a TLS connection that the client has with a different server than the one issuing the token. This Internet-Draft is a companion document to The Token Binding Protocol. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-tokbind-https/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-tokbind-https/ballot/ No IPR declarations have been submitted directly on this I-D.