The Token Binding Protocol Version 1.0
RFC 8471, “The Token Binding Protocol Version 1.0”, is a Proposed Standard document published in October 2018 by A. Popov, M. Nystroem, D. Balfanz, J. Hodges. The canonical text is published by the RFC Editor.
Abstract
This document specifies version 1.0 of the Token Binding protocol. The Token Binding protocol allows client/server applications to create long-lived, uniquely identifiable TLS bindings spanning multiple TLS sessions and connections. Applications are then enabled to cryptographically bind security tokens to the TLS layer, preventing token export and replay attacks. To protect privacy, the Token Binding identifiers are only conveyed over TLS and can be reset by the user at any time.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8471 is hosted at rfc-editor.org. Available in TXT, HTML.
- RFC 8470 Using Early Data in HTTP
- RFC 8472 Transport Layer Security Extension for Token Binding Protocol Negotiation
- RFC 8469 Recommendation to Use the Ethernet Control Word
- RFC 8473 Token Binding over HTTP
- RFC 8468 IPv4, IPv6, and IPv4-IPv6 Coexistence: Updates for the IP Performance Metrics Framework
- RFC 8474 IMAP Extension for Object Identifiers
- RFC 8467 Padding Policies for Extension Mechanisms for DNS (EDNS(0))
- RFC 8475 Using Conditional Router Advertisements for Enterprise Multihoming