Transport Layer Security Channel ID: Difference between revisions

Browse history interactively

Content deleted Content added

VisualWikitext

Revision as of 02:42, 15 March 2012 edit Makerofthings7 (talk \| contribs) 12 edits ←Created page with 'TLS-OBC is an RFC proposal that increases SSL/TLS security by using certificates on both ends of the TLS connection. What's special here is that the client is pe...'		Latest revision as of 16:22, 4 January 2022 edit undo BrownHairedGirl (talk \| contribs) Autopatrolled, Extended confirmed users, File movers, Pending changes reviewers, Rollbackers 2,942,733 edits m some ref cleanup tags should be AFTER </ref>, replaced: {{unreliable source?\|date=September 2013}}</ref> → </ref>{{unreliable source?\|date=September 2013}} (2) Tag: AWB
(36 intermediate revisions by 25 users not shown)
Line 1: {{multiple issues\| TLS-OBC is an RFC proposal that increases SSL/TLS security by using certificates on both ends of the TLS connection. What's special here is that the client is permitted to dynamically create a local, self signed certificate that provides additional security. {{primary sources\|date=September 2013}} {{more citations needed\|date=September 2013}} }} '''Transport Layer Security Channel ID''' ('''TLS Channel ID''', previously known as '''Transport Layer Security – Origin Bound Certificates''' '''TLS-OBC''')<ref>[http://tools.ietf.org/html/draft-balfanz-tls-obc-01 TLS-OBC RFC]</ref> is a draft [[Request for Comments\|RFC]] proposal<ref>[http://tools.ietf.org/html/draft-balfanz-tls-channelid-01 TLS Channel ID RFC]</ref><ref>{{cite conference \|url=https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final162.pdf \|title=Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web \|last1=Dietz \|first1=Michael \|last2=Czeskis \|first2=Alexei \|last3=Balfanz \|first3=Dirk \|last4=Wallach \|first4=Dan \|date=August 8–10, 2012 \|book-title=Proceedings of the 21st USENIX Security Symposium}}</ref> [[Transport Layer Security]] (TLS) extension that aims to increase TLS [[computer security\|security]] by using [[public key certificate\|certificate]]s on both ends of the TLS connection. Notably, the client is permitted to dynamically create a local, [[self-signed certificate]] that provides additional security. It can also protect users from the related ___domain cookie attack.<ref>[http://security.stackexchange.com/a/12419/396 "Related Domain Cookie Attack"],</ref>{{unreliable source?\|date=September 2013}}<ref>[~~http~~https://stackoverflow.com/q/9636857/328397 additional info is available here]</ref>{{unreliable source?\|date=September 2013}}▼ ~~A useful introduction is available here:~~ ==Token Binding== [http://www.browserauth.net/ TLS-OBC for System Administrators] ▼ '''Token Binding''' is an evolution of the TLS Channel ID feature,<ref>{{cite web\|url=https://www.google.com/chrome/browser/privacy/whitepaper.html#tls\|title=Google Chrome Privacy Whitepaper\|publisher=Google Inc.}}</ref> and the IETF draft has Microsoft and Google as authors.<ref>{{cite web\|url=https://tools.ietf.org/html/draft-ietf-tokbind-protocol-04\|title=The Token Binding Protocol Version 1.0\|author=A. Popov, Ed., M. Nystroem, Microsoft, D. Balfanz, A. Langley, Google\|date=2016-01-08}}</ref> ==References== [http://tools.ietf.org/html/draft-balfanz-tls-obc-01 TLS-OBC RFC]▼ {{Reflist\|30em}} == External links == ▲It can also protect users from the [http://security.stackexchange.com/a/12419/396 "Related Domain Cookie Attack"], [http://stackoverflow.com/q/9636857/328397 additional info is available here] ▲* [http://tools.ietf.org/html/draft-balfanz-tls-~~obc~~channelid-01 TLS~~-OBC~~ ~~RFC~~Channel ID IETF Draft] ▲* [http://www.browserauth.net/ TLS-OBC for System Administrators] {{DEFAULTSORT:Transport Layer Security Channel ID}} [[Category:Transport Layer Security]] {{security-stub}}