{"draft":"draft-ietf-tokbind-protocol-19","doc_id":"RFC8471","title":"The Token Binding Protocol Version 1.0","authors":["A. Popov, Ed.","M. Nystroem","D. Balfanz","J. Hodges"],"format":["ASCII","HTML"],"page_count":"18","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Token Binding","abstract":"This document specifies version 1.0 of the Token Binding protocol.\r\nThe Token Binding protocol allows client\/server applications to\r\ncreate long-lived, uniquely identifiable TLS bindings spanning\r\nmultiple TLS sessions and connections.  Applications are then enabled\r\nto cryptographically bind security tokens to the TLS layer,\r\npreventing token export and replay attacks.  To protect privacy, the\r\nToken Binding identifiers are only conveyed over TLS and can be reset\r\nby the user at any time.","pub_date":"October 2018","keywords":["Token","cookie","TLS","export","replay"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC8471","errata_url":null}