- From: vanupam <notifications@github.com>
- Date: Tue, 03 Apr 2018 09:46:36 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 3 April 2018 16:46:59 UTC
vanupam commented on this pull request. > + <a href="https://tools.ietf.org/html/draft-ietf-tokbind-negotiation#section-2">section 2</a> + of the Token Binding Negotiation spec [[!TOKBIND-NEGOTIATION]]. + If Token Binding negotiation succeeds, set + <a for=/>token-binding protocol version</a> and + <a for=/>token-binding key parameters</a> + in <var>connection</var>'s <a for=connection>TLS connection metadata</a> + to the negotiated values, + and <a for=/>token-binding Exported Keying Material</a> to the computed value. + + <p class="note no-backref"> + The user agent will use <a for=/>Token Binding</a> for any + <a for=/>request</a> sent over a TLS connection for which Token Binding + negotiation was successful. + <a for=/>Token Binding</a> is only proposed when <var>credentials</var> + is true, so connections which successfully negotiate a binding will never be + pooled with connections that do not include credentials. I added clarifying language. @mikewest , please let me know if it needs more tweaking. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/325#discussion_r178889740
Received on Tuesday, 3 April 2018 16:46:59 UTC