Andrei Presented protocol & negotiation draft
  discussion about the need to validate presented/referred token IDs in the federated case
  discussion about token key binding parameters
  consensus to use 1-byte IDs reusing existing TLS registry & track what TLS1.3 is going to do 
  discussion on token binding extensions - eg for use to convey attestations - 
  martin thomson: extensions need to be signed
  martin thomson (and others): why are extensions needed? need more examples?
  weak support for extensibility right now , consensus to punt on extensions for later, possibly with a revised protocol version
  consensus to adopt the negotiation draft as WG document, Andrei will revise and republish under wg name in a couple of weeks
  discussion on how to verify provided tokens id's in the federated case and the implications for key parameter negotiations

Dirk presented HTTPS binding
  recap of tokenbinding-https
  review of changes to http header & dropped DOM APIs 
  open issues - threat analysis and the need for the Sec- prefix
  martin thomson, john bradley, phil hunt - discussion at mic about the threat analysis, maybe Sec- is not needed but estethically good
  extent of federation support in spec: only include redirect case in spec
  martin: we need to spell out referred token id verification
  discussion continues on list - consensus to add security threat analysis to security considerations section