On Wed, Nov 05, 2014 at 09:48:53PM -0800, Watson Ladd wrote:
>
> I want to make sure I understand the big picture of Token Binding and
> why it works the way it does: in particular, it replaces the TLS
> client authentication mechanism with a new one.

It does not replace TLS client authentication.

> I don't see any obvious security problems, and I can see some real
> deployment advantages: certificate privacy is preserved without
> renegotiation, and this works just like cookies for the web app
> developer, assuming there is enough work done by the web server. The
> UI advantage is not trivial.

I do see obvious security problems, but those problems already exist and
this does not make those problems any worse.

> However, what was wrong with OBC which reused existing TLS
> authentication mechanisms? Is this something we can fix in TLS 1.3, or
> not?

IIRC, wanting to leave the existing TLS auth "field" to other purposes
(I don't recall the exact reasons; I think those were covered in some
IETF meeting).

Also, on use of ALPN:

Stuff like this (combined with some other proposals) is exactly what I
had in mind when I said that using ALPN for feature negotiation does
not scale.

-Ilari
