Re: [Unbearable] I-D Action: draft-ietf-tokbind-ttrp-09.txt

Brian Campbell <bcampbell@pingidentity.com> Fri, 05 July 2019 18:48 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1B1C120105 for <unbearable@ietfa.amsl.com>; Fri, 5 Jul 2019 11:48:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jl7SQetXRsV7 for <unbearable@ietfa.amsl.com>; Fri, 5 Jul 2019 11:48:39 -0700 (PDT)
Received: from mail-io1-xd34.google.com (mail-io1-xd34.google.com [IPv6:2607:f8b0:4864:20::d34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 776241200E6 for <unbearable@ietf.org>; Fri, 5 Jul 2019 11:48:39 -0700 (PDT)
Received: by mail-io1-xd34.google.com with SMTP id u19so21036282ior.9 for <unbearable@ietf.org>; Fri, 05 Jul 2019 11:48:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=FkO5U+D/cv6EvmYzb48lWAAZkzXL8j3ykmVCf0oOF/E=; b=WFJTk02RPKO8hv1hm+Zhx+AF7+48be6Ib+Ql3jun5/N/XdFqw7CWhF+qMcefdjBc88 qbKOxbVi3PvK36dEpBf0NNDDV/riyYoMccwagzpDVAwy5dwoV6TmbM7xs3u+8ggFl0Sx boQ1cu/eLvxW75N2Flr7a1UJPdEKVLeBIJ/sw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=FkO5U+D/cv6EvmYzb48lWAAZkzXL8j3ykmVCf0oOF/E=; b=V6v9bExVePIfhlmmbly6mmFZf2AE63ds2jMvquLp9AmxcxSuc0NUomnyfgyQ1gOtD4 l6AqpiFGgwwXACOHsj2jDhLL14gPuUCxqgFLOm2cNwlV+Bb7OiRuIvE8ZiUhC5SsdXzU QkSiLB6mVpOMMba91YkAVKFbMfUD1rbQ1c8b3vRx84q6uMyNIoJEERA1PQCKeZhPaeFe DcxKxuAKfKiuLdheMtmix07e3Qlc6z3vT3n0GCsM58qXvS37myJ4VAtCFfL51bWTnDSf mee1ZJwSTkECfWqbMspgRImPOg4vE3/2lMp7iw7qvvSx/U1JC3iACvaUQesIoAeTtgVd mBYQ==
X-Gm-Message-State: APjAAAX1S38HdJ14ZO3P9evHrEAXUxAndx+9Gnk5MTpXbEKqZDKiReev mPieszQFj80fM8zdBhSd6lvR1ZJVLDg1iCDmVz028wAXs0N14OzRD+EnM9PHtlb/rXaHzJvYZ7J HUlYVMw4AhUA6VxrmeSjy/yNFwQ==
X-Google-Smtp-Source: APXvYqw6J2GmqEGV+RQAzzYBKGhkW5skAByhT5kP9susLIsikAeu169kZD/l7pXgCgGsKEZ2VAErgVkQrS1b68/EWBU=
X-Received: by 2002:a6b:fd10:: with SMTP id c16mr5356843ioi.217.1562352518459; Fri, 05 Jul 2019 11:48:38 -0700 (PDT)
MIME-Version: 1.0
References: <156235235868.22012.10354315259596940283@ietfa.amsl.com>
In-Reply-To: <156235235868.22012.10354315259596940283@ietfa.amsl.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 5 Jul 2019 14:48:12 -0400
Message-ID: <CA+k3eCReWzoQVgyqZWLzRWKDpAGvj+c=OJSph1R-SpGnjT1n1A@mail.gmail.com>
To: IETF Tokbind WG <unbearable@ietf.org>
Cc: i-d-announce@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e09165058cf38a95"
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/rk5LoUBUcpy_WAhXIEzi-IAPpzI>
Subject: Re: [Unbearable] I-D Action: draft-ietf-tokbind-ttrp-09.txt
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jul 2019 18:48:42 -0000

Just published -09 with no changes from -08 or -07 so as to have a non
expired draft up while awaiting the shepherd writeup.

On Fri, Jul 5, 2019 at 2:46 PM <internet-drafts@ietf.org> wrote:

>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Token Binding WG of the IETF.
>
>         Title           : HTTPS Token Binding with TLS Terminating Reverse
> Proxies
>         Author          : Brian Campbell
>         Filename        : draft-ietf-tokbind-ttrp-09.txt
>         Pages           : 14
>         Date            : 2019-07-05
>
> Abstract:
>    This document defines HTTP header fields that enable a TLS
>    terminating reverse proxy to convey information to a backend server
>    about the validated Token Binding Message received from a client,
>    which enables that backend server to bind, or verify the binding of,
>    cookies and other security tokens to the client's Token Binding key.
>    This facilitates the reverse proxy and backend server functioning
>    together as though they are a single logical server side deployment
>    of HTTPS Token Binding.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tokbind-ttrp/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-tokbind-ttrp-09
> https://datatracker.ietf.org/doc/html/draft-ietf-tokbind-ttrp-09
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-tokbind-ttrp-09
>
>
> Please note that it may take a couple of minutes from the time of
> submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> Unbearable mailing list
> Unbearable@ietf.org
> https://www.ietf.org/mailman/listinfo/unbearable
>

-- 
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._