Jump to content

Transport Layer Security Channel ID

Add links
From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Monkbot (talk | contribs) at 19:50, 13 January 2021 (Task 18 (cosmetic): eval 3 templates: hyphenate params (1×);). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Transport Layer Security Channel ID (TLS Channel ID, previously known as Transport Layer Security – Origin Bound Certificates TLS-OBC)[1] is a draft RFC proposal[2][3] Transport Layer Security (TLS) extension that aims to increase TLS security by using certificates on both ends of the TLS connection. Notably, the client is permitted to dynamically create a local, self-signed certificate that provides additional security.

It can also protect users from the related domain cookie attack.[4][5]

Token Binding

Token Binding is an evolution of the TLS Channel ID feature,[6] and the IETF draft has Microsoft and Google as authors.[7]

References

  1. ^ TLS-OBC RFC
  2. ^ TLS Channel ID RFC
  3. ^ Dietz, Michael; Czeskis, Alexei; Balfanz, Dirk; Wallach, Dan (August 8–10, 2012). "Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web" (PDF). Proceedings of the 21st USENIX Security Symposium.
  4. ^ "Related Domain Cookie Attack"[unreliable source?]
  5. ^ additional info is available here[unreliable source?]
  6. ^ "Google Chrome Privacy Whitepaper". Google Inc.
  7. ^ A. Popov, Ed., M. Nystroem, Microsoft, D. Balfanz, A. Langley, Google (2016-01-08). "The Token Binding Protocol Version 1.0". {{cite web}}: |author= has generic name (help)CS1 maint: multiple names: authors list (link)

External links

Stub icon

This computer security article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Transport_Layer_Security_Channel_ID&oldid=1000140055"