The IESG has received a request from the Token Binding WG (tokbind) to consider the following document: - 'The Token Binding Protocol Version 1.0' <draft-ietf-tokbind-protocol-16.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2017-11-27. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document specifies Version 1.0 of the Token Binding protocol. The Token Binding protocol allows client/server applications to create long-lived, uniquely identifiable TLS bindings spanning multiple TLS sessions and connections. Applications are then enabled to cryptographically bind security tokens to the TLS layer, preventing token export and replay attacks. To protect privacy, the Token Binding identifiers are only conveyed over TLS and can be reset by the user at any time. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-tokbind-protocol/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-tokbind-protocol/ballot/ No IPR declarations have been submitted directly on this I-D.
