[Unbearable] Fwd: I-D Action: draft-ietf-tokbind-ttrp-01.txt

Brian Campbell <bcampbell@pingidentity.com> Wed, 02 August 2017 17:59 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9591C129417 for <unbearable@ietfa.amsl.com>; Wed, 2 Aug 2017 10:59:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xHNw2ann6Y7t for <unbearable@ietfa.amsl.com>; Wed, 2 Aug 2017 10:59:49 -0700 (PDT)
Received: from mail-pf0-x230.google.com (mail-pf0-x230.google.com [IPv6:2607:f8b0:400e:c00::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65A4E1201F2 for <unbearable@ietf.org>; Wed, 2 Aug 2017 10:59:49 -0700 (PDT)
Received: by mail-pf0-x230.google.com with SMTP id z129so23925566pfb.3 for <unbearable@ietf.org>; Wed, 02 Aug 2017 10:59:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=ebAosDZzRsArg5IuDsKAbMifPWwwVSsVnnIX4Huqy0w=; b=oYHTX1QsZFK1YcPwUERSqpjuucvMw6WKc2UYHXDNXEPYkPpcVBvkxh+w0t7gHFLP2/ bCUDPpxq0R5K2TIioR5b2HojojF35h5evSTdMy3FsLBby7HtYp7mY7wZww8On1QrRHzN LjD5c2U1PCo58bilrdzEgde+Ppz/oo1J5v250=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=ebAosDZzRsArg5IuDsKAbMifPWwwVSsVnnIX4Huqy0w=; b=pPfIJV2TuUt1sOErqTAAoXSQpP35epGRvsqYM6qOV9D2oF+fZRDLeCLz+XG4ACnFyU XoPyO4T00nCwMeyN37FnmdtsdtZ3deaIMIrbSVHlpBQyOUqi83fY890Rf7LYw5uaTLCl lug94oYW+LEwlkQy3PGzZoPiVJW9borRWLl/vTsj7DNuR2qPlCGSFoQ6wjvzIBDF2km2 /mRSzel8jcZ2/M1idLy85HWBPFKfLOtCCCPnfTjDy8e5t0FVIccPWFTgZN5w1ynZ/KHz bkcIaSJ/UHDg9mtvcff20Pfq01QGqyCAFdv5utCwN0RbMdTtw+lP8PQyfM5TuRNjGs/L 8pZQ==
X-Gm-Message-State: AIVw111rauAbBMDA0RkewOUbvNf8lhDzhrOHLeJtiZYqTX62ues3zxE8 JX5jIV79e3OEwDqp+M9aFBcJDPRUSWK/TMQKRe5Ho09tzj5qcnKc92hqAmi4aHbLn9Jf95mxapl hiGiwTHcixEQ6Zw==
X-Received: by 10.99.103.129 with SMTP id b123mr19291022pgc.14.1501696788799; Wed, 02 Aug 2017 10:59:48 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.182.230 with HTTP; Wed, 2 Aug 2017 10:59:18 -0700 (PDT)
In-Reply-To: <150169636325.5791.16128248741008174399@ietfa.amsl.com>
References: <150169636325.5791.16128248741008174399@ietfa.amsl.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Wed, 2 Aug 2017 11:59:18 -0600
Message-ID: <CA+k3eCRkVoHD_QawfH4fPZJB-WtG=X_zORP0LHV7nD_54qE5Hg@mail.gmail.com>
To: IETF Tokbind WG <unbearable@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c0568cea840240555c9078a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/8cMslkparOOpViQpiLuf_KeTmBs>
Subject: [Unbearable] Fwd: I-D Action: draft-ietf-tokbind-ttrp-01.txt
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Aug 2017 17:59:52 -0000

Just published the -01 draft of "HTTPS Token Binding with TLS Terminating
Reverse Proxies" with the changes listed below.  Use of the "Sec-" prefix
for the header names is the only big change and I didn't want to wait long
on getting a draft out that has the new header names.

   draft-ietf-tokbind-ttrp-01
<https://tools.ietf.org/html/draft-ietf-tokbind-ttrp-01>

   o  Prefix the header names with "Sec-" so that they are denoted as
      forbidden header names by Fetch https://fetch.spec.whatwg.org/

   o  Removed potentially confusing sentence from Security
      Considerations per
      https://mailarchive.ietf.org/arch/msg/unbearable/
<https://mailarchive.ietf.org/arch/msg/unbearable/O0IpppyyEqMrQjEkyEi8p8CeBGA>
      O0IpppyyEqMrQjEkyEi8p8CeBGA
<https://mailarchive.ietf.org/arch/msg/unbearable/O0IpppyyEqMrQjEkyEi8p8CeBGA>

   o  Editorial fixes.



---------- Forwarded message ----------
From: <internet-drafts@ietf.org>
Date: Wed, Aug 2, 2017 at 11:52 AM
Subject: [Unbearable] I-D Action: draft-ietf-tokbind-ttrp-01.txt
To: i-d-announce@ietf.org
Cc: unbearable@ietf.org



A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Token Binding WG of the IETF.

        Title           : HTTPS Token Binding with TLS Terminating Reverse
Proxies
        Author          : Brian Campbell
        Filename        : draft-ietf-tokbind-ttrp-01.txt
        Pages           : 10
        Date            : 2017-08-02

Abstract:
   This document defines common HTTP header fields that enable a TLS
   terminating reverse proxy to convey information about the validated
   Token Binding Message sent by the client to a backend server, which
   enables that backend server to bind, or verify the binding of,
   cookies and other security tokens to the client's Token Binding key.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-tokbind-ttrp/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-tokbind-ttrp-01
https://datatracker.ietf.org/doc/html/draft-ietf-tokbind-ttrp-01

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-tokbind-ttrp-01


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
Unbearable mailing list
Unbearable@ietf.org
https://www.ietf.org/mailman/listinfo/unbearable

-- 
*CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you.*