[Unbearable] Token Binding for (1-RTT) TLS 1.3 draft
Nick Harper <nharper@google.com> Fri, 28 July 2017 17:39 UTC
Return-Path: <nharper@google.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA81B131CF0 for <unbearable@ietfa.amsl.com>; Fri, 28 Jul 2017 10:39:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.702
X-Spam-Level:
X-Spam-Status: No, score=-2.702 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QOWcwR-3VDsL for <unbearable@ietfa.amsl.com>; Fri, 28 Jul 2017 10:39:54 -0700 (PDT)
Received: from mail-lf0-x22b.google.com (mail-lf0-x22b.google.com [IPv6:2a00:1450:4010:c07::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9B4F91322EC for <unbearable@ietf.org>; Fri, 28 Jul 2017 10:39:53 -0700 (PDT)
Received: by mail-lf0-x22b.google.com with SMTP id y15so94006467lfd.5 for <unbearable@ietf.org>; Fri, 28 Jul 2017 10:39:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=IsWO8mhR711PlAMk3iGY1YvLAqqBNjPIyMKwNybGFaM=; b=btpSiftfMHT5J3hwpb+Vr/SeQbFM4ueK9PVwF7Uf2kqD3QVkeKdtDi81i890MnsCvD gfhDQnBqBSGZaomh984nlxr6RPoMjkxF0IVubp0hXKCC7dFT8LgDmSbO2PcV8O2xPq5a 6u+CIFzz2M1NJux5m4ZmDcJDmMqQxzMiWiy0aICsAu1il4ztL7FnMqdfuU6bwLFdIeja SAfkBT5viErUrLiPQ+RtPT1QnIAB4FUcMdF4mWkd/XglZzxTPtwkT6aSdeCpIk47gAOW MW+DNWmQ2pzbw2DvqixSuNp4ejsvxHCBVW8DLHy8flurxSabpBgySGzKH+PcX64Sh+UT 4hrA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=IsWO8mhR711PlAMk3iGY1YvLAqqBNjPIyMKwNybGFaM=; b=URSAkjZCAoL7p0V0ov/oiyzf47Ac3GBFqQYloX8m9nn7fldT8wZAQXHrEBpDYVDR6T B7Y+zXMUpHE9MTeNFXPpG647bp1zx2meWnRA/bLVk2k02P++eBKx1CP2EnS3s3CngYsQ WxNiE3U94D6/jWZqK/zTXQSAjfVX1KjQtPLqEH1fwexMOmyFcX3bsB+xK+QFaCKpJsMl xnfbzq6N6Ko7Cb3odSaJJ/MEx+E1UeDqw9Iv2BqtrN43DITRQtkHQNbRQWmFTI+iuy3s 3T4X5IXcwQTI6CBSglG+3DjtJXU7xMHxv8iti21EHI7W1J1G30IJ+WqUwOqh8n7UIeC1 Ao5A==
X-Gm-Message-State: AIVw110jhCmO7wsZ9tG422qB5qad1jh7oJp6hBQGn2xERwpucKQydykt 3RbW1KD3jE8hN0I6nXd3g9gsUKq3/FzEljFDHQ==
X-Received: by 10.46.14.9 with SMTP id 9mr3456675ljo.26.1501263591404; Fri, 28 Jul 2017 10:39:51 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.76.69 with HTTP; Fri, 28 Jul 2017 10:39:30 -0700 (PDT)
From: Nick Harper <nharper@google.com>
Date: Fri, 28 Jul 2017 10:39:30 -0700
Message-ID: <CACdeXiK0oMiTf+89VwAkw54VhbaVAyWNhw253JDy3QKMqHbLZA@mail.gmail.com>
To: IETF Tokbind WG <unbearable@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/ZdwEaeb7zu-b3-agB2EKhiq3DoE>
Subject: [Unbearable] Token Binding for (1-RTT) TLS 1.3 draft
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Jul 2017 17:39:56 -0000
>From the discussion in Prague of wanting to define TB for TLS 1.3 (for 1-RTT connections) separately from draft-ietf-tokbind-tls13-0rtt, I wrote and uploaded https://datatracker.ietf.org/doc/draft-nharper-tokbind-tls13/ to provide a short and simple description of how to use TB with 1-RTT TLS 1.3. Is the working group interested in adopting this draft?
- [Unbearable] Token Binding for (1-RTT) TLS 1.3 dr… Nick Harper
- Re: [Unbearable] Token Binding for (1-RTT) TLS 1.… Brian Campbell