[Unbearable] I-D Action: draft-ietf-tokbind-protocol-14.txt
internet-drafts@ietf.org Fri, 21 April 2017 22:44 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: unbearable@ietf.org
Delivered-To: unbearable@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8EA6C129407; Fri, 21 Apr 2017 15:44:21 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: unbearable@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.50.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <149281466154.25877.4209139186107905761@ietfa.amsl.com>
Date: Fri, 21 Apr 2017 15:44:21 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/ldXs_DeME9Wl9_z2UA7e122MDGY>
Subject: [Unbearable] I-D Action: draft-ietf-tokbind-protocol-14.txt
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Apr 2017 22:44:22 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Token Binding of the IETF.
Title : The Token Binding Protocol Version 1.0
Authors : Andrei Popov
Magnus Nyström
Dirk Balfanz
Adam Langley
Jeff Hodges
Filename : draft-ietf-tokbind-protocol-14.txt
Pages : 17
Date : 2017-04-21
Abstract:
This document specifies Version 1.0 of the Token Binding protocol.
The Token Binding protocol allows client/server applications to
create long-lived, uniquely identifiable TLS [RFC5246] bindings
spanning multiple TLS sessions and connections. Applications are
then enabled to cryptographically bind security tokens to the TLS
layer, preventing token export and replay attacks. To protect
privacy, the Token Binding identifiers are only conveyed over TLS and
can be reset by the user at any time.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-tokbind-protocol/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-tokbind-protocol-14
https://datatracker.ietf.org/doc/html/draft-ietf-tokbind-protocol-14
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-tokbind-protocol-14
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [Unbearable] I-D Action: draft-ietf-tokbind-proto… internet-drafts