Hi Sam, I believe TLS Exporters are what you are looking for. https://www.rfc-editor.org/rfc/rfc8446.html#section-7.5
Exporters allow you to produce a key that is a bound to a particular channel i.e. TLS session. Regards, Jonathan On Fri, 1 May 2020 at 15:13, Sam Whited <[email protected]> wrote: > Hi all, > > I'm in need of a channel binding mechanism that works for TLS 1.3, but > as far as I can tell there isn't one. I've thrown together a document > defining a mechanism using RFC 5705 which I believe meets all of the > requirements for good channel binding. > > Is anyone aware of work already being done in this area (I saw the token > binding stuff, but that's a lot more complicated and browser-focused > than a simple channel binding mechanism and work appears to have > stalled), and if not would the TLS WG be interested in such a document? > > Thanks, > Sam > > P.S. Note that I also sent this question to the KITTEN WG because I > wasn't sure where this would belong. > > -- > Sam Whited > > _______________________________________________ > TLS mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
