[Unbearable] Fwd: I-D Action: draft-ietf-tokbind-ttrp-02.txt
Brian Campbell <bcampbell@pingidentity.com> Mon, 29 January 2018 23:46 UTC
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id A467D12EB22
for <unbearable@ietfa.amsl.com>; Mon, 29 Jan 2018 15:46:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7,
SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id MuUrEs9Le5op for <unbearable@ietfa.amsl.com>;
Mon, 29 Jan 2018 15:45:59 -0800 (PST)
Received: from mail-it0-x236.google.com (mail-it0-x236.google.com
[IPv6:2607:f8b0:4001:c0b::236])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 21EC4126DC2
for <unbearable@ietf.org>; Mon, 29 Jan 2018 15:45:59 -0800 (PST)
Received: by mail-it0-x236.google.com with SMTP id h129so5079669ita.2
for <unbearable@ietf.org>; Mon, 29 Jan 2018 15:45:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=pingidentity.com; s=gmail;
h=mime-version:in-reply-to:references:from:date:message-id:subject:to;
bh=g8vgtZIJMO7OFrrLT1W9+VKX2Zpw5ZTs1+d0zVtK1L0=;
b=GbEn2Dmp/CxgiPYxcqFU4hHzndBXFP6jmfWmVZRLEYtSBqu06He/dXYnaVqrnJ5nOX
8Cz6UXFsegChqF2zdmq646j6WID8K+bK3gzpWyrceSkm7WD0I7FohsXSJAYUxToGRV43
NLpcBJQUL7oFTdpgDjVzzBJQv9zRhg3ubXfuQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:in-reply-to:references:from:date
:message-id:subject:to;
bh=g8vgtZIJMO7OFrrLT1W9+VKX2Zpw5ZTs1+d0zVtK1L0=;
b=EblDb0jHLxbVDXpryR79X7ozHmlcFKsdI2Z03yWV8wXXTH34zb0kcESIqPh8sO+6Zn
WGPjLyiI/UH1N42jhLFGxqUqGfJd7HUbSLs8xd+XwY4IhTcuryvrZXYNldlngY/BVw/k
8Y+Mz2DA6bJyiNEcSemrmqvK5oGyfuo+jvy4Q73KgpI3aylPeGH9QuVmHA4I1a1z+isC
OSY+0fv9V8H6Jm9nKbQE7j+31OYwu4cYk5EhHqQhholbTnRcBLPqT3A2e6wYFIvnMLbZ
4YSB7sgBz6SwH39D4obX4tsfWFxzi0U/8SwMzod884SDXTgkPoGGrIX+cCikj5ywOp2Q
YK0w==
X-Gm-Message-State: AKwxytdNHqZgDF0JJXCRk5yUKo49aaMfTFUH2OSVdXqnyNfTzOfUNF8w
oV4TsyG13a22+WTnxiawB/1h8zOyb0oehbvH+50iGq8sMwvMkRQHev/FGLV0yWds6jWlU1HqNDE
MG2FlDW4d3OmEWpbXg1cAybU=
X-Google-Smtp-Source: AH8x225fXR0EqhGGUg768o5A/LC6IbqmJIy3FT7m+vY7IzRo7+V/e/TGiDV2Fvw61x5WvWVDze3kHK1c3rrPEgqzYGg=
X-Received: by 10.36.246.70 with SMTP id u67mr13843510ith.29.1517269558017;
Mon, 29 Jan 2018 15:45:58 -0800 (PST)
MIME-Version: 1.0
Received: by 10.2.108.210 with HTTP; Mon, 29 Jan 2018 15:45:27 -0800 (PST)
In-Reply-To: <151726824185.27316.10674826848872024680@ietfa.amsl.com>
References: <151726824185.27316.10674826848872024680@ietfa.amsl.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Mon, 29 Jan 2018 16:45:27 -0700
Message-ID: <CA+k3eCRhtxR_-B8vcpPciJ_j2y+p2TVXdSjmkandyeQCidxeOw@mail.gmail.com>
To: IETF Tokbind WG <unbearable@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c03411a08e1170563f2d9e5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/azMZL1Iu4hG3RZO1yA0jTgFOUl0>
Subject: [Unbearable] Fwd: I-D Action: draft-ietf-tokbind-ttrp-02.txt
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than
bearer tokens \(e.g. HTTP cookies,
OAuth tokens etc.\) for web applications. The specific goal is chartering a WG
focused on preventing security token export and replay attacks.\""
<unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>,
<mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>,
<mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Jan 2018 23:46:01 -0000
A new draft of "HTTPS Token Binding with TLS Terminating Reverse Proxies" has been published (just a few days before impending expiration). There are no functional changes, just editorial, formatting, etc.. The changes, copied from the Document History appendix, are listed below for a quick overview. draft-ietf-tokbind-ttrp-02 - Add to the Acknowledgements. - Update references for Token Binding negotiation, protocol, and https. - Use the boilerplate from RFC 8174. - Reformat the "HTTP Header Fields and Processing Rules" section to make the header names more prominent and move the encoding definitions earlier. ---------- Forwarded message ---------- From: <internet-drafts@ietf.org> Date: Mon, Jan 29, 2018 at 4:24 PM Subject: [Unbearable] I-D Action: draft-ietf-tokbind-ttrp-02.txt To: i-d-announce@ietf.org Cc: unbearable@ietf.org A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Token Binding WG of the IETF. Title : HTTPS Token Binding with TLS Terminating Reverse Proxies Author : Brian Campbell Filename : draft-ietf-tokbind-ttrp-02.txt Pages : 11 Date : 2018-01-29 Abstract: This document defines common HTTP header fields that enable a TLS terminating reverse proxy to convey information about the validated Token Binding Message sent by the client to a backend server, which enables that backend server to bind, or verify the binding of, cookies and other security tokens to the client's Token Binding key. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-tokbind-ttrp/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-tokbind-ttrp-02 https://datatracker.ietf.org/doc/html/draft-ietf-tokbind-ttrp-02 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-tokbind-ttrp-02 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ Unbearable mailing list Unbearable@ietf.org https://www.ietf.org/mailman/listinfo/unbearable -- *CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.*
- [Unbearable] I-D Action: draft-ietf-tokbind-ttrp-… internet-drafts
- [Unbearable] Fwd: I-D Action: draft-ietf-tokbind-… Brian Campbell