--- 1/draft-ietf-tokbind-ttrp-07.txt 2019-04-15 10:13:11.002542606 -0700 +++ 2/draft-ietf-tokbind-ttrp-08.txt 2019-04-15 10:13:11.030543336 -0700 @@ -1,18 +1,18 @@ Internet Engineering Task Force B. Campbell Internet-Draft Ping Identity -Intended status: Standards Track October 19, 2018 -Expires: April 22, 2019 +Intended status: Standards Track April 15, 2019 +Expires: October 17, 2019 HTTPS Token Binding with TLS Terminating Reverse Proxies - draft-ietf-tokbind-ttrp-07 + draft-ietf-tokbind-ttrp-08 Abstract This document defines HTTP header fields that enable a TLS terminating reverse proxy to convey information to a backend server about the validated Token Binding Message received from a client, which enables that backend server to bind, or verify the binding of, cookies and other security tokens to the client's Token Binding key. This facilitates the reverse proxy and backend server functioning together as though they are a single logical server side deployment @@ -26,25 +26,25 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on April 22, 2019. + This Internet-Draft will expire on October 17, 2019. Copyright Notice - Copyright (c) 2018 IETF Trust and the persons identified as the + Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as @@ -525,20 +525,25 @@ The author would like to thank the following people for their various contributions to the specification: Vinod Anupam, Dirk Balfanz, John Bradley, William Denniss, Nick Harper, Jeff Hodges, Subodh Iyengar, Leif Johansson, Michael B. Jones, Yoav Nir, James Manger, Andrei Popov, Eric Rescorla, Piotr Sikora, Martin Thomson, and Hans Zandbelt Appendix B. Document History [[ to be removed by the RFC Editor before publication as an RFC ]] + draft-ietf-tokbind-ttrp-08 + + o Avoid impending expiration (while awaiting the shepherd writeup) + by publishing with no changes from -07. + draft-ietf-tokbind-ttrp-07 o Update TLS 1.3 reference to RFC 8446. o Update the references to the core token binding specs, which are now RFCs 8471, 8472, and 8473. draft-ietf-tokbind-ttrp-06 o Move TLS Versions and Best Practices out of Security @@ -558,20 +563,22 @@ o Add an example with Sec-Other-Token-Binding-ID. o Use the HEXDIG core ABNF rule for EncodedTokenBindingType and mention case-insensitive in the text. o Minor editorial fixes. o Add to the Acknowledgements and remove the 'and others' bit. + draft-ietf-tokbind-ttrp-03 + o Add a header to allow for additional token binding types other than provided and referred to be conveyed. o Reword the Abstract somewhat for (hopefully) improved readability. o Minor editorial and formatting updates. draft-ietf-tokbind-ttrp-02 o Add to the Acknowledgements.