Tokenbinding IETF 102 --- - John Bradley noted (with a dancenumber on stage) that all core documents are now in the RFC Editors Q - Brian Cambell presented status and recent changes for the TTRP draft + Ask for WGLC ? + Dick Hart supports the TTRP at mic + Stefan Santesson (at mic) - is there a need to authenticate the token binding by the origin? Can this be done with an extension in the future? + BC - there should be trust between the Origin and the TTRP. There was no apetite at present to deal with a general trust mechanism betwen proxies and origins. + LJ - consensus to take this to the HTTP wg: write a draft! + Martin Thompsson: too many options and there is no text in the draft. This is needed. + MT: do a WGLC! + Chairs hum and the WG decided to start a WGLC at this time - Giri Mandyam on Attested TLS Token Binding + New revision during the week. Good feedback. Talk through motivation and approach in draft. + Erik Nordmark (EN): why define a TPM 1.2 keystore and not a TPM 2.0 one? + GM: a TPM 1.2 version was determined to be enough - open to suggestions + Eric Rescorla commented on a discussion on signature algoritm - the algoritm used in the cert doesn't fully overlap with signature algoritm parameters. A missmatch of the async key type is an error. + Discussion on the question of using a separate TLS extension codepoint. + Andrei Popov (at mic) points out the proposal doesn't solve the problem - the problem of how you negotiate attestaion with extensions is much more complex and the extension codepoint is not helpful. + GM: agree this is not very expressive - asking the WGs feedback on weather it is useful to even try to negotiate extensions. + AP: overkill to negotiate extensions - no use for this + Discussion at the mic about how to "suppress" attestation. ERK notes that lots of TLS extensions leak information. The way to avoid that is not to announce the extension. Others (AP, MT, LJ) supported that view. + MT on open questions: no on first 2 questions (cf previous discussion). No on advertising trust anchors - not done anywhere else. + AP: another open issue is the use of the EKM to authenticate attestations. Attestations probably have lifetimes longer than TLS connections. + GM: EKM seems like low hanging fruit + AP: attestation statement don't need to be generated every time - those signatures need their own attesting key, maybe a signature over the tokenbinding key + MT: agree - contextualize the signatures + GM: agree + AP: need to avoid signing oracles in the design! + EKR and LJ: this will require re-charter - Open MIC + Fetch status update from Jeff Hodges - the original PR to Fetch was closed and a new PR was opened. Jeff is comitting to doing a review. Getting closer.