Re: [Uta] Understanding Token Binding

2014-11-06 Thread Watson Ladd
On Thu, Nov 6, 2014 at 11:28 AM, Andrei Popov wrote: >> Also, on use of ALPN: Stuff like this (combined with some other proposals) >> is exactly what I had in mind when I said that using ALPN for feature >> negotiation does not scale. > True, this is less than ideal today, and will be more of an

Re: [Uta] Understanding Token Binding

2014-11-06 Thread Andrei Popov
> Also, on use of ALPN: Stuff like this (combined with some other proposals) is > exactly what I had in mind when I said that using ALPN for feature > negotiation does not scale. True, this is less than ideal today, and will be more of an issue in the future if there is interest in supporting To

Re: [Uta] UTA discussion of fallback dance? [was: Re: reminder: call for agenda items]

2014-11-06 Thread Leif Johansson
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2014-11-06 19:47, Daniel Kahn Gillmor wrote: > On 11/06/2014 01:35 PM, Leif Johansson wrote: >> You volunteering to talk about [the TLS fallback dance] at UTA? > > I don't have any draft written, but i am certainly willing to > float the topic and

Re: [Uta] Understanding Token Binding

2014-11-06 Thread Andrei Popov
Hi Watson, > I want to make sure I understand the big picture of Token Binding and why it > works the way it does: in particular, it replaces the TLS client > authentication mechanism with a new one. Client authentication occurs outside the Token Binding protocol. Client authentication often re

Re: [Uta] Understanding Token Binding

2014-11-06 Thread Adam Langley
On Wed, Nov 5, 2014 at 9:48 PM, Watson Ladd wrote: > This is different from what appears on Browser-Auth.net in two ways: > the existing TLS client authentication mechanism isn't used, and the > application layer/TLS interaction is new: the TLS implementation must > fish out a signed value represe

Re: [Uta] UTA discussion of fallback dance? [was: Re: reminder: call for agenda items]

2014-11-06 Thread Daniel Kahn Gillmor
On 11/06/2014 01:35 PM, Leif Johansson wrote: > You volunteering to talk about [the TLS fallback dance] at UTA? I don't have any draft written, but i am certainly willing to float the topic and see if there is interest in the room in documenting something like this. Maybe 10 minutes at the meetin

Re: [Uta] UTA discussion of fallback dance? [was: Re: reminder: call for agenda items]

2014-11-06 Thread Leif Johansson
You volunteering to talk about this at UTA? > 5 nov 2014 kl. 17:35 skrev Daniel Kahn Gillmor : > >> On 11/03/2014 04:16 PM, Leif Johansson wrote: >> We are currently looking at a pretty thin agenda for Honolulu. >> >> Agenda requests are not like wine: they don't improve with age. > > The TLS

Re: [Uta] Understanding Token Binding

2014-11-06 Thread Trevor Freeman
-Original Message- From: Uta [mailto:uta-boun...@ietf.org] On Behalf Of Ilari Liusvaara Sent: Thursday, November 06, 2014 4:54 AM To: Watson Ladd Cc: uta@ietf.org Subject: Re: [Uta] Understanding Token Binding On Wed, Nov 05, 2014 at 09:48:53PM -0800, Watson Ladd wrote: > > I want to ma

Re: [Uta] Understanding Token Binding

2014-11-06 Thread Ilari Liusvaara
On Wed, Nov 05, 2014 at 09:48:53PM -0800, Watson Ladd wrote: > > I want to make sure I understand the big picture of Token Binding and > why it works the way it does: in particular, it replaces the TLS > client authentication mechanism with a new one. It does not replace TLS client authentication