Skip to main content

On the Use of Channel Bindings to Secure Channels

Document Type Replaced Internet-Draft (nfsv4 WG)
Expired & archived
Author Nicolás Williams
Last updated 2006-08-15 (Latest revision 2006-06-29)
Replaced by RFC 5056
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state WG Document
Document shepherd (None)
IESG IESG state Replaced by draft-williams-on-channel-binding
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document defines and formalizes the concept of channel bindings to secure layers and defines the channel bindings for several types of secure channels. The concept of channel bindings allows applications to prove that the end-points of two secure channels at different network layers are the same by binding authentication at one channel to the session protection at the other channel. The use of channel bindings allows applications to delegate session protection to lower layers, which may significantly improve performance for some applications.


Nicolás Williams

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)