On the Use of Channel Bindings to Secure Channels

Document Type Replaced Internet-Draft (nfsv4 WG)
Last updated 2006-08-15 (latest revision 2006-06-29)
Replaced by draft-williams-on-channel-binding
Stream IETF
Intended RFC status (None)
Expired & archived
plain text pdf html
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Replaced by draft-williams-on-channel-binding
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document defines and formalizes the concept of channel bindings to secure layers and defines the channel bindings for several types of secure channels. The concept of channel bindings allows applications to prove that the end-points of two secure channels at different network layers are the same by binding authentication at one channel to the session protection at the other channel. The use of channel bindings allows applications to delegate session protection to lower layers, which may significantly improve performance for some applications.


Nicolas Williams (nicolas.williams@sun.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)