Misplaced Pages

Transport Layer Security Channel ID

Article snapshot taken from[REDACTED] with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
(Redirected from Transport Layer Security – Origin Bound Certificates)
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
This article relies excessively on references to primary sources. Please improve this article by adding secondary or tertiary sources.
Find sources: "Transport Layer Security Channel ID" – news · newspapers · books · scholar · JSTOR (September 2013) (Learn how and when to remove this message)
This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed.
Find sources: "Transport Layer Security Channel ID" – news · newspapers · books · scholar · JSTOR (September 2013) (Learn how and when to remove this message)
(Learn how and when to remove this message)

Transport Layer Security Channel ID (TLS Channel ID, previously known as Transport Layer Security – Origin Bound Certificates TLS-OBC) is a draft RFC proposal Transport Layer Security (TLS) extension that aims to increase TLS security by using certificates on both ends of the TLS connection. Notably, the client is permitted to dynamically create a local, self-signed certificate that provides additional security.

It can also protect users from the related domain cookie attack.

Token Binding

Token Binding is an evolution of the TLS Channel ID feature, and the IETF draft has Microsoft and Google as authors.

References

  1. TLS-OBC RFC
  2. TLS Channel ID RFC
  3. Dietz, Michael; Czeskis, Alexei; Balfanz, Dirk; Wallach, Dan (August 8–10, 2012). "Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web" (PDF). Proceedings of the 21st USENIX Security Symposium.
  4. "Related Domain Cookie Attack"
  5. additional info is available here
  6. "Google Chrome Privacy Whitepaper". Google Inc.
  7. A. Popov, Ed., M. Nystroem, Microsoft, D. Balfanz, A. Langley, Google (2016-01-08). "The Token Binding Protocol Version 1.0". {{cite web}}: |author= has generic name (help)CS1 maint: multiple names: authors list (link)

External links


Stub icon

This computer security article is a stub. You can help Misplaced Pages by expanding it.

Categories:
Transport Layer Security Channel ID Add topic