Hi, I'd like to see a patch included in mod_ssl that enables handling of the token binding protocol as defined in the soon-to-be-RFC-ed: https://www.ietf.org/id/draft-ietf-tokbind-https
The token binding functionality itself can be implemented in a 3rd party modules like https://github.com/zmartzone/mod_token_binding/ which depends on: https://github.com/google/token_bind except that somehow mod_ssl somehow needs to call into the token binding implementation code to allow it to register itself for the Token Binding TLS extension. Patch 62599 does that, see: https://bz.apache.org/bugzilla/show_bug.cgi?id=62599 However, that mod_ssl patch is not token binding specific and there may be a more generic way of enabling handling of TLS extensions in 3rd-party code, hence my request for a discussion/review. Regards, Hans. -- hans.zandb...@zmartzone.eu ZmartZone IAM - www.zmartzone.eu