Channel Bindings for TLS based on the PRF
draft-josefsson-sasl-tls-cb-03

Document Type Expired Internet-Draft (individual)
Last updated 2015-09-03 (latest revision 2015-03-02)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-josefsson-sasl-tls-cb-03.txt

Abstract

This document specify how to compute the 'tls-unique-prf' data that is cryptographically bound to a specific Transport Layer Security (TLS) session. The intention is to use this data as a name of the secure channel for the purpose of a channel binding. The channel bindings can be used by authentication protocols to avoid tunneling attacks and security layer re-use. The data is derived using the TLS Pseudo-Random Function (PRF). Applications of this include SASL- based protocols like IMAP, SMTP and XMPP. The channel binding 'tls- unique-prf' defined in this document is an alternative to 'tls- unique' as described by RFC 5929 and used by SCRAM and GS2.

Authors

Simon Josefsson (simon@josefsson.org)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)