[Unbearable] Fwd: I-D Action: draft-ietf-tokbind-ttrp-02.txt

Brian Campbell <bcampbell@pingidentity.com> Mon, 29 January 2018 23:46 UTC

A new draft of "HTTPS Token Binding with TLS Terminating Reverse Proxies"
has been published (just a few days before impending expiration). There are
no functional changes, just editorial, formatting, etc. The changes,
copied from the Document History appendix, are listed below for a quick


   - Add to the Acknowledgements.
   - Update references for Token Binding negotiation, protocol, and https.
   - Use the boilerplate from RFC 8174.
   - Reformat the "HTTP Header Fields and Processing Rules" section to make
   the header names more prominent and move the encoding definitions earlier.

---------- Forwarded message ----------
From: <internet-drafts@ietf.org>
Date: Mon, Jan 29, 2018 at 4:24 PM
Subject: [Unbearable] I-D Action: draft-ietf-tokbind-ttrp-02.txt
To: i-d-announce@ietf.org
Cc: unbearable@ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts
This draft is a work item of the Token Binding WG of the IETF.

        Title           : HTTPS Token Binding with TLS Terminating Reverse
        Author          : Brian Campbell
        Filename        : draft-ietf-tokbind-ttrp-02.txt
        Pages           : 11
        Date            : 2018-01-29

   This document defines common HTTP header fields that enable a TLS
   terminating reverse proxy to convey information about the validated
   Token Binding Message sent by the client to a backend server, which
   enables that backend server to bind, or verify the binding of,
   cookies and other security tokens to the client's Token Binding key.

The IETF datatracker status page for this draft is:

There are also htmlized versions available at:

A diff from the previous version is available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
