- From: Vinod Anupam <notifications@github.com>
- Date: Wed, 02 May 2018 11:25:15 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/715/review/117014551@github.com>
vanupam commented on this pull request. > +Separate Token Binding messages (generated using different token-binding +keys) will be sent as headers in the requests to the different origins. +This implies that all origins that can be coalesced into the same +HTTP/2 connection need to support the same Token Binding protocol +version and key parameters. + +<h4 id=negotiating-token-binding>Negotiating Token Binding</h4> + +The user agent proposes and agrees to the use of Token Binding as described in +<a href="https://tools.ietf.org/html/draft-ietf-tokbind-negotiation#section-2">section 2</a> +of the Token Binding Negotiation spec [[!TOKBIND-NEGOTIATION]]. +While setting up a TLS <a>connection</a>, it sends its highest supported +<dfn export id=concept-token-binding-protocol-version for=connection>token-binding protocol version</dfn> +and all supported cryptographic algorithms and parameters (the +<dfn export id=concept-token-binding-key-parameters for=connection>token-binding key parameters</dfn>), +in order of preference, Current language is intended to make sure that the key-type actually negotiated by the UA with a server is used to build the header. I think migrating UAs from one key type to another is out of scope for this PR - if we want it to happen seamlessly, we likely need a revised underlying spec. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/715#discussion_r185593861
Received on Wednesday, 2 May 2018 18:25:37 UTC