Transport Layer Security Channel ID

Transport Layer Security Channel ID (TLS Channel ID, previously known as Transport Layer Security – Origin Bound Certificates TLS-OBC)^[1] is a draft RFC proposal^[2]^[3] Transport Layer Security (TLS) extension that aims to increase TLS security by using certificates on both ends of the TLS connection. Notably, the client is permitted to dynamically create a local, self-signed certificate that provides additional security.

It can also protect users from the related domain cookie attack.^[4]^[5]

Token Binding

Token Binding is an evolution of the TLS Channel ID feature,^[6] and the IETF draft has Microsoft and Google as authors.^[7]

References

↑ TLS-OBC RFC
↑ TLS Channel ID RFC
↑ Dietz, Michael; Czeskis, Alexei; Balfanz, Dirk; Wallach, Dan (August 8–10, 2012). "Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web" (PDF). Proceedings of the 21st USENIX Security Symposium.
↑ "Related Domain Cookie Attack"
↑ additional info is available here
↑ "Google Chrome Privacy Whitepaper". Google Inc.
↑ A. Popov, Ed., M. Nystroem, Microsoft, D. Balfanz, A. Langley, Google (2016-01-08). "The Token Binding Protocol Version 1.0".

External links

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[1] TLS-OBC RFC

[2] TLS Channel ID RFC

[3] Dietz, Michael; Czeskis, Alexei; Balfanz, Dirk; Wallach, Dan (August 8–10, 2012). "Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web" (PDF). Proceedings of the 21st USENIX Security Symposium.

[4] "Related Domain Cookie Attack"

[5] tional info is available here

[6] "Google Chrome Privacy Whitepaper". Google Inc.

[7] A. Popov, Ed., M. Nystroem, Microsoft, D. Balfanz, A. Langley, Google (2016-01-08). "The Token Binding Protocol Version 1.0".