--- 1/draft-ietf-tokbind-https-12.txt 2018-04-13 10:13:23.296229018 -0700 +++ 2/draft-ietf-tokbind-https-13.txt 2018-04-13 10:13:23.356230447 -0700 @@ -1,24 +1,24 @@ Internet Engineering Task Force A. Popov Internet-Draft M. Nystroem Intended status: Standards Track Microsoft Corp. -Expires: July 11, 2018 D. Balfanz, Ed. +Expires: October 14, 2018 D. Balfanz, Ed. A. Langley N. Harper Google Inc. J. Hodges PayPal - January 7, 2018 + April 12, 2018 Token Binding over HTTP - draft-ietf-tokbind-https-12 + draft-ietf-tokbind-https-13 Abstract This document describes a collection of mechanisms that allow HTTP servers to cryptographically bind security tokens (such as cookies and OAuth tokens) to TLS connections. We describe both first-party and federated scenarios. In a first- party scenario, an HTTP server is able to cryptographically bind the security tokens it issues to a client, and which the client @@ -42,21 +42,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on July 11, 2018. + This Internet-Draft will expire on October 14, 2018. Copyright Notice Copyright (c) 2018 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents @@ -328,21 +328,21 @@ | TC signals permission to | | | reveal TBID1 to TP | | |<------------------------------| | | | | | | | Client interacts w/TP | | using TokenBindingID TBID1 and TBID2: | | TBMSG[[provided_token_binding, | | TBID2, signature], | | [referred_token_binding, | - | TBID1, sognature]] | + | TBID1, signature]] | |----------------------------------------------------->| | | | | | | | | 5.2. Overview In a Federated Sign-On protocol, an Identity Provider issues an identity token to a client, which sends the identity token to a Relying Party to authenticate itself. Examples of this include @@ -946,22 +946,25 @@ Header field name: Include-Referred-Token-Binding-ID Applicable protocol: HTTP Status: standard Author/Change controller: IETF Specification document(s): this one 10. Acknowledgements This document incorporates comments and suggestions offered by Eric Rescorla, Gabriel Montenegro, Martin Thomson, Vinod Anupam, Anthony - Nadalin, Michael B. Jones, Bill Cox, Nick Harper, Brian Campbell, - and others. + Nadalin, Michael B. Jones, Bill Cox, Brian Campbell, and others. + + This document was produced under the chairmanship of John Bradley and + Leif Johansson. The area directors included Eric Rescorla, Kathleen + Moriarty and Stephen Farrell. 11. References 11.1. Normative References [fetch-spec] WhatWG, "Fetch", Living Standard , . [I-D.ietf-tokbind-negotiation]