Ignasi Barrera
@nacx.bsky.social
Open source lover and amateur magician. Founding engineer Tetrate.io. Apache Software Foundation proud Member.
https://nacx.dev
https://nacx.dev
Reposted by Ignasi Barrera
Some years ago there were proposals for TLS channel bindings (datatracker.ietf.org/doc/html/rfc...), to allow public key authentication over TLS that's safe against person-in-the-middle. Does anyone know what happened to it? Do web browsers support it? Do protocols like FIDO U2F and Passkeys use it?
RFC 5929: Channel Bindings for TLS
This document defines three channel binding types for Transport Layer Security (TLS), tls-unique, tls-server-end-point, and tls-unique-for-telnet, in accordance with RFC 5056 (On Channel Binding). Not...
datatracker.ietf.org
December 4, 2024 at 12:39 PM
Some years ago there were proposals for TLS channel bindings (datatracker.ietf.org/doc/html/rfc...), to allow public key authentication over TLS that's safe against person-in-the-middle. Does anyone know what happened to it? Do web browsers support it? Do protocols like FIDO U2F and Passkeys use it?