Re: [Unbearable] Thurs 9am-10am in Lugano: additional TB TTRP meeting

Brian Campbell <bcampbell@pingidentity.com> Fri, 30 June 2017 00:18 UTC

From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 29 Jun 2017 18:18:16 -0600
Message-ID: <CA+k3eCRayp6k30CfFYy5MgtunTpP=xq3Nxar8e_LgonYnZY5fg@mail.gmail.com>
To: IETF Tokbind WG <unbearable@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/RMLOg2L6ExN9XDmLJlWybq6sB3s>
Subject: Re: [Unbearable] Thurs 9am-10am in Lugano: additional TB TTRP meeting

And here is that new draft that reflects that preference of having the TTRP
do the validation and pass the TB IDs to the backend.

---------- Forwarded message ----------
From: <internet-drafts@ietf.org>
Date: Thu, Jun 29, 2017 at 6:03 PM
Subject: New Version Notification for draft-campbell-tokbind-ttrp-00.txt

A new version of I-D, draft-campbell-tokbind-ttrp-00.txt
has been successfully submitted by Brian Campbell and posted to the
IETF repository.

Name:           draft-campbell-tokbind-ttrp
Revision:       00
Title:          HTTPS Token Binding with TLS Terminating Reverse Proxies
Document date:  2017-06-29
Group:          Individual Submission
Pages:          10
URL:            https://www.ietf.org/internet-drafts/draft-campbell-tokbind-ttrp-00.txt
Status:         https://datatracker.ietf.org/doc/draft-campbell-tokbind-ttrp/
Htmlized:       https://tools.ietf.org/html/draft-campbell-tokbind-ttrp-00
Htmlized:       https://datatracker.ietf.org/doc/html/draft-campbell-tokbind-ttrp-00


Abstract:
   This document defines common HTTP header fields that enable a TLS
   terminating reverse proxy to convey information about the validated
   Token Binding Message sent by the client to a backend server, which
   enables that backend server to bind, or verify the binding of,
   cookies and other security tokens to the client's Token Binding key.



Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

On Mon, Apr 3, 2017 at 12:07 PM, Brian Campbell <bcampbell@pingidentity.com>
wrote:

> Thanks to the several people who came out on Thursday morning to discuss
> the approach around TTRP & TB.
>
> The (more than rough) consensus that morning was that it was more
> appropriate for the TTRP to do the validation of the Token Binding Message
> in the Sec-Token-Binding header. That is contrary to the approach described
> in -00 of draft-campbell-tokbind-tls-term
> <https://tools.ietf.org/html/draft-campbell-tokbind-tls-term-00>. In
> order to move forward and facilitate discussion, I plan to write a new draft
> that reflects that preference of having the TTRP do the validation. Don't
> have an ETA on that just yet but I'll post it to this list when I have
> something readable.
>
>
>
>
>
> On Tue, Mar 28, 2017 at 8:57 AM, Brian Campbell <
> bcampbell@pingidentity.com> wrote:
>
>> Unfortunately, the presentation and discussion on Token Binding and TLS
>> Terminating Reverse Proxies was cut short by the end of Monday's meeting.
>> I would like to invite (or maybe beg) anyone who's interested in, or has
>> input into, the topic to meet again this week to discuss it more. Ideally
>> I'd like to have some sense of consensus on a preferred approach so I can
>> proceed with document work.
>>
>> I've reserved Lugano, the attendee sign-up room, for an hour starting at
>> 9am on Thursday (trying to find a good time was hard, sorry, I hope this
>> works okay for folks) for this ad hoc meeting.
>>
>> Lugano is on the 2nd floor. See https://datatracker.ietf.org/meeting/98/floor-plan?room=lugano#chicago-swissotel-floor-2
>>
>> The slides that were partially presented at yesterday's meeting are
>> attached for background and context.
>>
>> Hope to see many of you there!
>>
>
>

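As an added illustration (not text from the draft, nor any project's code) of the arrangement the abstract describes: the TLS terminating reverse proxy validates the Token Binding Message and forwards the resulting Token Binding ID to the backend in an HTTP header, and the backend binds its session cookie to that ID so a copy of the cookie is useless over a connection bound to a different key. The header name is an assumption (the draft's own field names are not on this page) and the TB IDs are constructed stand-in byte strings.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple
# Assumed header name for the TB ID the proxy forwards to the backend; the
# draft's own field names are not on this page, so this is a placeholder.
TB_ID_HEADER = "X-Assumed-Provided-Token-Binding-ID"

def b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def proxy_forward_headers(client_headers: Dict[str, str],
                          validated_tb_id: Optional[bytes]) -> Dict[str, str]:
    """Proxy: drop any client-supplied copy of the header (a client must not
    be able to spoof a TB ID), then add the ID the proxy itself validated."""
    out = {k: v for k, v in client_headers.items() if k.lower() != TB_ID_HEADER.lower()}
    if validated_tb_id is not None:
        out[TB_ID_HEADER] = b64url(validated_tb_id)
    return out

def mac(key: bytes, session: str, tb_id: str) -> str:
    return hmac.new(key, f"{session}.{tb_id}".encode(), hashlib.sha256).hexdigest()

def issue_cookie(key: bytes, backend_headers: Dict[str, str]) -> str:
    """Backend: bind a fresh session cookie to the forwarded TB ID."""
    session = b64url(secrets.token_bytes(16))
    return f"{session}.{mac(key, session, backend_headers[TB_ID_HEADER])}"

def verify_cookie(key: bytes, cookie: str, backend_headers: Dict[str, str]) -> bool:
    """Backend: accept the cookie only if the TB ID forwarded on *this*
    request is the one the cookie was bound to."""
    tb_id = backend_headers.get(TB_ID_HEADER)
    if tb_id is None:
        return False  # connection had no validated Token Binding
    session, _, tag = cookie.partition(".")
    return hmac.compare_digest(tag, mac(key, session, tb_id))

def demo() -> Tuple[bool, bool, bool, bool]:
    key = secrets.token_bytes(32)  # backend's cookie MAC key
    tb_a, tb_b = b"constructed-tb-id-A", b"constructed-tb-id-B"  # stand-in TB IDs
    cookie = issue_cookie(key, proxy_forward_headers({}, tb_a))
    same_client = verify_cookie(key, cookie, proxy_forward_headers({}, tb_a))
    # Stolen cookie replayed over a connection bound to a different TB key.
    replay = verify_cookie(key, cookie, proxy_forward_headers({}, tb_b))
    # Same replay, also injecting the victim's TB ID as a request header.
    spoof = verify_cookie(key, cookie, proxy_forward_headers({TB_ID_HEADER: b64url(tb_a)}, tb_b))
    # Connection that did not negotiate Token Binding at all.
    unbound = verify_cookie(key, cookie, proxy_forward_headers({}, None))
    return same_client, replay, spoof, unbound
```

The proxy-side stripping is the part that makes the backend's trust in the header safe: only the proxy's validated value reaches the backend, whatever the client sent.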