[Unbearable] Fwd: I-D Action: draft-ietf-tokbind-ttrp-05.txt

Brian Campbell <bcampbell@pingidentity.com> Fri, 22 June 2018 21:11 UTC

From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 22 Jun 2018 15:11:07 -0600
Message-ID: <CA+k3eCTxNZQLnYLz+sAPzLE2bCRRM==v8vFzRJ=Z3ADQ8VGysg@mail.gmail.com>
To: IETF Tokbind WG <unbearable@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/7eTej1Zy6OenLAIPkG7eP0r4HO8>

-05 is a pretty minor update to the TTRP draft. Changes copied from the doc
history are listed below for easy/lazy reference.


   o  Editorial updates.

   o  Change one character in the last example to help emphasize the
      case-insensitivity of hex.

   o  Add a TLS Versions and Best Practices section with BCP195 and also
      mention of ietf-tokbind-tls13 and ietf-tls-tls13.

---------- Forwarded message ----------
From: <internet-drafts@ietf.org>
Date: Fri, Jun 22, 2018 at 3:05 PM
Subject: [Unbearable] I-D Action: draft-ietf-tokbind-ttrp-05.txt
To: i-d-announce@ietf.org
Cc: unbearable@ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts
This draft is a work item of the Token Binding WG of the IETF.

        Title           : HTTPS Token Binding with TLS Terminating Reverse
        Author          : Brian Campbell
        Filename        : draft-ietf-tokbind-ttrp-05.txt
        Pages           : 14
        Date            : 2018-06-22

   This document defines HTTP header fields that enable a TLS
   terminating reverse proxy to convey information to a backend server
   about the validated Token Binding Message received from a client,
   which enables that backend server to bind, or verify the binding of,
   cookies and other security tokens to the client's Token Binding key.
   This facilitates the reverse proxy and backend server functioning
   together as though they are a single logical server side deployment
   of HTTPS Token Binding.

The IETF datatracker status page for this draft is:

There are also htmlized versions available at:

A diff from the previous version is available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
