2015-05-29, rev -01: This document specifies Version 1.0 of the Token Binding protocol. The Token Binding protocol allows client/server applications to create long-lived, uniquely identifiable TLS [RFC5246] bindings spanning multiple TLS sessions and connections. Applications are then enabled to cryptographically bind security tokens to the TLS layer, preventing token export and replay attacks. To protect privacy, the TLS Token Binding identifiers are only transmitted encrypted and can be reset by the user at any time.
↧
"The Token Binding Protocol Version 1.0" - Andrey Popov, Magnus Nystrom, Dirk Balfanz, Adam Langley
↧