- From: vanupam <notifications@github.com>
- Date: Tue, 03 Apr 2018 09:46:07 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/325/review/109028557@github.com>
vanupam commented on this pull request.
> @@ -1538,6 +1601,27 @@ for each associated <a for="fetch group">fetch record</a> whose
<var>origin</var>. [[!HTTP]] [[!HTTP-SEMANTICS]] [[!HTTP-COND]] [[!HTTP-CACHING]] [[!HTTP-AUTH]]
[[!TLS]]
+ <p>If <var>credentials</var> is true and the user agent supports <a for=/>Token Binding</a>,
+ send <a for=/>token-binding protocol version</a> and
+ <a for=/>token-binding key parameters</a> in a
+ <code>token_binding</code> Client Hello Extension, as described in
+ <a href="https://tools.ietf.org/html/draft-ietf-tokbind-negotiation#section-2">section 2</a>
+ of the Token Binding Negotiation spec [[!TOKBIND-NEGOTIATION]].
+ If Token Binding negotiation succeeds, set
+ <a for=/>token-binding protocol version</a> and
+ <a for=/>token-binding key parameters</a>
+ in <var>connection</var>'s <a for=connection>TLS connection metadata</a>
+ to the negotiated values,
+ and <a for=/>token-binding Exported Keying Material</a> to the computed value.
I added a small section - since the spec does not have an explicit description for this.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/325#discussion_r178889588
Received on Tuesday, 3 April 2018 16:46:30 UTC