Token Bindings IETF 99
===

0RTT and 1RTT
---

- Nick presents 0RTT and 1RTT discussion
  * Lucy & Martin express support for multiple drafts
- Nick presents changes from -01
  * Martin asks question about DHE KEX - may need to open issue to ensure uniqueness
  * Nick clarifies the threat model in play for DHE KEX
- Nick presents overview of 0-RTT TB initial handshake
- Nick presents exporter requirements for 0-RTT
  * Martin: protocols should specify a profile both for 0RTT and 0RTT-TB
  * Martin: include section that contains the profile for 0RTT-TB for HTTP
  * Martin: include advice for other protocols
- Nick presents options for switching exporters
  * Consensus around using normal exporter
  * Discussion at mic on the value of the client certificate analogy

Proxies and Terminators
---

- Brian intro to TTRP draft based on feedback from IETF98
  * MikeJones: have use cases that require > 2 token bindings, please specify syntax that allows multiple TBs
  * StefanSantesson: have you considered AJP?
  * Brian: no
  * EKR: sanitization seems sketchy
  * Brian: aware of feedback
  * Brian and EKR discuss the header security / sanitization issue
  * Dirk: based on Google experience, supports the current proposal
  * EKR: why not establish a shared key and MAC the header?
  * Brian: security considerations support that notion
  * EKR: risk of misconfiguration is significant - if the original headers are passed through => major issue
  * Brian: worried about key management for one specific application - need broader applicability
  * JohnBradley: what WG would be appropriate for a general solution?
  * MikeJones: ...
  * JoeSaloway: sanitization is a problem - needs a solution
  * WilliamDennis: does not fully understand the problem... more complexity adds risk that TB doesn't get deployed
  * (?)Google: passing EKM is better than a new shared key mechanism
  * RichSaltz: assumption of trust in TTRP is not valid
  * MartinT: it's simple to implement a MAC using the TLS exporter on the inside leg
  * EKR clarifies as AD that this is a WG decision
  * Discussion around the assumptions - is TLS used?
  * LJ: how can we produce a document based on Martin Thomson's ideas?
  * Brian: TTRP is important for getting deployment of TB
  * Various folks involved in a discussion on where and when to create a MAC spec
  * WilliamDennis: complexity should be at the operator/data center level
  * LucyLynch: appreciate draft for exposing important issues: sanitization etc.
- Brian continues presentation
  * MartinT: don't provide information to the backend that the backend can't use
  * MartinT: MikeJones' request for > 2 TB IDs is fine
  * MartinT: make these Sec-* headers
  * StefanSantesson asks for clarification on the sanitization issue
  * Vinnod: why not provide both TB ID and EKM for more complex applications?
  * Nick & Brian & MikeJ discuss requirements for > 2 TBs
  * Brian shows example of running code
- Open Mic:
  * StefanSantesson: TB for SAML?
  * MikeJones: should use confirmation method (borrowed from SAML) based on the work in OpenIDC
  * MikeJones: no opinion as to where it gets done
  * JeffH: agree with Mike -
  * There seems to be support...
  * Lucy: Nick - please include a problem statement