[Unbearable] Fwd: I-D Action: draft-ietf-tokbind-ttrp-01.txt
Brian Campbell <bcampbell@pingidentity.com> Wed, 02 August 2017 17:59 UTC
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9591C129417 for <unbearable@ietfa.amsl.com>; Wed, 2 Aug 2017 10:59:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xHNw2ann6Y7t for <unbearable@ietfa.amsl.com>; Wed, 2 Aug 2017 10:59:49 -0700 (PDT)
Received: from mail-pf0-x230.google.com (mail-pf0-x230.google.com [IPv6:2607:f8b0:400e:c00::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65A4E1201F2 for <unbearable@ietf.org>; Wed, 2 Aug 2017 10:59:49 -0700 (PDT)
Received: by mail-pf0-x230.google.com with SMTP id z129so23925566pfb.3 for <unbearable@ietf.org>; Wed, 02 Aug 2017 10:59:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=ebAosDZzRsArg5IuDsKAbMifPWwwVSsVnnIX4Huqy0w=; b=oYHTX1QsZFK1YcPwUERSqpjuucvMw6WKc2UYHXDNXEPYkPpcVBvkxh+w0t7gHFLP2/ bCUDPpxq0R5K2TIioR5b2HojojF35h5evSTdMy3FsLBby7HtYp7mY7wZww8On1QrRHzN LjD5c2U1PCo58bilrdzEgde+Ppz/oo1J5v250=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=ebAosDZzRsArg5IuDsKAbMifPWwwVSsVnnIX4Huqy0w=; b=pPfIJV2TuUt1sOErqTAAoXSQpP35epGRvsqYM6qOV9D2oF+fZRDLeCLz+XG4ACnFyU XoPyO4T00nCwMeyN37FnmdtsdtZ3deaIMIrbSVHlpBQyOUqi83fY890Rf7LYw5uaTLCl lug94oYW+LEwlkQy3PGzZoPiVJW9borRWLl/vTsj7DNuR2qPlCGSFoQ6wjvzIBDF2km2 /mRSzel8jcZ2/M1idLy85HWBPFKfLOtCCCPnfTjDy8e5t0FVIccPWFTgZN5w1ynZ/KHz bkcIaSJ/UHDg9mtvcff20Pfq01QGqyCAFdv5utCwN0RbMdTtw+lP8PQyfM5TuRNjGs/L 8pZQ==
X-Gm-Message-State: AIVw111rauAbBMDA0RkewOUbvNf8lhDzhrOHLeJtiZYqTX62ues3zxE8 JX5jIV79e3OEwDqp+M9aFBcJDPRUSWK/TMQKRe5Ho09tzj5qcnKc92hqAmi4aHbLn9Jf95mxapl hiGiwTHcixEQ6Zw==
X-Received: by 10.99.103.129 with SMTP id b123mr19291022pgc.14.1501696788799; Wed, 02 Aug 2017 10:59:48 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.182.230 with HTTP; Wed, 2 Aug 2017 10:59:18 -0700 (PDT)
In-Reply-To: <150169636325.5791.16128248741008174399@ietfa.amsl.com>
References: <150169636325.5791.16128248741008174399@ietfa.amsl.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Wed, 02 Aug 2017 11:59:18 -0600
Message-ID: <CA+k3eCRkVoHD_QawfH4fPZJB-WtG=X_zORP0LHV7nD_54qE5Hg@mail.gmail.com>
To: IETF Tokbind WG <unbearable@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c0568cea840240555c9078a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/8cMslkparOOpViQpiLuf_KeTmBs>
Subject: [Unbearable] Fwd: I-D Action: draft-ietf-tokbind-ttrp-01.txt
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Aug 2017 17:59:52 -0000
Just published the -01 draft of "HTTPS Token Binding with TLS Terminating Reverse Proxies" with the changes listed below. Use of the "Sec-" prefix for the header names is the only big change and I didn't want to wait long on getting a draft out that has the new header names. draft-ietf-tokbind-ttrp-01 <https://tools.ietf.org/html/draft-ietf-tokbind-ttrp-01> o Prefix the header names with "Sec-" so that they are denoted as forbidden header names by Fetch https://fetch.spec.whatwg.org/ o Removed potentially confusing sentence from Security Considerations per https://mailarchive.ietf.org/arch/msg/unbearable/ <https://mailarchive.ietf.org/arch/msg/unbearable/O0IpppyyEqMrQjEkyEi8p8CeBGA> O0IpppyyEqMrQjEkyEi8p8CeBGA <https://mailarchive.ietf.org/arch/msg/unbearable/O0IpppyyEqMrQjEkyEi8p8CeBGA> o Editorial fixes. ---------- Forwarded message ---------- From: <internet-drafts@ietf.org> Date: Wed, Aug 2, 2017 at 11:52 AM Subject: [Unbearable] I-D Action: draft-ietf-tokbind-ttrp-01.txt To: i-d-announce@ietf.org Cc: unbearable@ietf.org A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Token Binding WG of the IETF. Title : HTTPS Token Binding with TLS Terminating Reverse Proxies Author : Brian Campbell Filename : draft-ietf-tokbind-ttrp-01.txt Pages : 10 Date : 2017-08-02 Abstract: This document defines common HTTP header fields that enable a TLS terminating reverse proxy to convey information about the validated Token Binding Message sent by the client to a backend server, which enables that backend server to bind, or verify the binding of, cookies and other security tokens to the client's Token Binding key. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-tokbind-ttrp/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-tokbind-ttrp-01 https://datatracker.ietf.org/doc/html/draft-ietf-tokbind-ttrp-01 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-tokbind-ttrp-01 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ Unbearable mailing list Unbearable@ietf.org https://www.ietf.org/mailman/listinfo/unbearable -- *CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.*
- [Unbearable] I-D Action: draft-ietf-tokbind-ttrp-… internet-drafts
- [Unbearable] Fwd: I-D Action: draft-ietf-tokbind-… Brian Campbell
- Re: [Unbearable] Fwd: I-D Action: draft-ietf-tokb… Vladimir Dzhuvinov
- Re: [Unbearable] Fwd: I-D Action: draft-ietf-tokb… Bill Cox
- Re: [Unbearable] Fwd: I-D Action: draft-ietf-tokb… John Bradley
- Re: [Unbearable] Fwd: I-D Action: draft-ietf-tokb… Brian Campbell
- Re: [Unbearable] Fwd: I-D Action: draft-ietf-tokb… Brian Campbell
- Re: [Unbearable] Fwd: I-D Action: draft-ietf-tokb… Vladimir Dzhuvinov
- Re: [Unbearable] Fwd: I-D Action: draft-ietf-tokb… Amos Jeffries