The Token Binding Protocol Version 1.0
RFC 8471
Document Type RFC - Proposed Standard (October 2018; No errata)
Authors Andrei Popov  , Magnus Nystrom  , Dirk Balfanz  , Adam Langley  , Jeff Hodges 
Last updated 2018-10-08
Replaces draft-popov-token-binding
Stream IETF
Formats plain text html pdf htmlized bibtex
Reviews
ARTART Telechat Review (of -17): Ready
OPSDIR Last Call Review (of -16): Ready
SECDIR Last Call Review (of -16): Ready
GENART Last Call Review (of -16): Ready
Stream WG state Submitted to IESG for Publication
Document shepherd John Bradley
Shepherd write-up Show (last changed 2018-07-20)
IESG IESG state RFC 8471 (Proposed Standard)
Action Holders
(None)
Consensus Boilerplate Yes
Telechat date
Responsible AD Eric Rescorla
Send notices to John Bradley <ve7jtb@ve7jtb.com>
IANA IANA review state IANA OK - Actions Needed
IANA action state RFC-Ed-Ack
Email authors Email WG IPR References Referenced by Nits 
Internet Engineering Task Force (IETF)                     A. Popov, Ed.
Request for Comments: 8471                                   M. Nystroem
Category: Standards Track                                Microsoft Corp.
ISSN: 2070-1721                                               D. Balfanz
                                                             Google Inc.
                                                               J. Hodges
                                                  Kings Mountain Systems
                                                            October 2018

                 The Token Binding Protocol Version 1.0

Abstract

   This document specifies version 1.0 of the Token Binding protocol.
   The Token Binding protocol allows client/server applications to
   create long-lived, uniquely identifiable TLS bindings spanning
   multiple TLS sessions and connections.  Applications are then enabled
   to cryptographically bind security tokens to the TLS layer,
   preventing token export and replay attacks.  To protect privacy, the
   Token Binding identifiers are only conveyed over TLS and can be reset
   by the user at any time.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8471.

Popov, et al.                Standards Track                    [Page 1]
RFC 8471         The Token Binding Protocol Version 1.0     October 2018

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   4
   2.  Token Binding Protocol Overview . . . . . . . . . . . . . . .   4
   3.  Token Binding Protocol Message  . . . . . . . . . . . . . . .   5
     3.1.  TokenBinding.tokenbinding_type  . . . . . . . . . . . . .   6
     3.2.  TokenBinding.tokenbindingid . . . . . . . . . . . . . . .   7
     3.3.  TokenBinding.signature  . . . . . . . . . . . . . . . . .   7
     3.4.  TokenBinding.extensions . . . . . . . . . . . . . . . . .   9
   4.  Establishing a Token Binding  . . . . . . . . . . . . . . . .   9
     4.1.  Client Processing Rules . . . . . . . . . . . . . . . . .   9
     4.2.  Server Processing Rules . . . . . . . . . . . . . . . . .  10
   5.  Bound Security Token Creation and Validation  . . . . . . . .  11
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  11
     6.1.  Token Binding Key Parameters Registry . . . . . . . . . .  11
     6.2.  Token Binding Types Registry  . . . . . . . . . . . . . .  12
     6.3.  Token Binding Extensions Registry . . . . . . . . . . . .  13
     6.4.  Registration of Token Binding TLS Exporter Label  . . . .  13
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .  14
     7.1.  Security Token Replay . . . . . . . . . . . . . . . . . .  14
     7.2.  Downgrade Attacks . . . . . . . . . . . . . . . . . . . .  14
     7.3.  Token Binding Key-Sharing between Applications  . . . . .  14
     7.4.  Triple Handshake Vulnerability in TLS 1.2 and Older TLS
           Versions  . . . . . . . . . . . . . . . . . . . . . . . .  15
   8.  Privacy Considerations  . . . . . . . . . . . . . . . . . . .  15
   9.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  16
     9.1.  Normative References  . . . . . . . . . . . . . . . . . .  16
     9.2.  Informative References  . . . . . . . . . . . . . . . . .  17
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  18
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  18

Popov, et al.                Standards Track                    [Page 2]
RFC 8471         The Token Binding Protocol Version 1.0     October 2018

1.  Introduction

   Servers often generate various security tokens (e.g., HTTP cookies,
   OAuth tokens [RFC6749]) for applications to present when accessing
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools