- From: Daniel Rubery <drubery@chromium.org>
- Date: Mon, 2 Mar 2026 10:20:27 -0800
- To: Thi Nguyen-Huu <thi.nh@winmagic.com>
- Cc: "nadalin@microsoft.com" <nadalin@microsoft.com>, "dveditz@mozilla.com" <dveditz@mozilla.com>, "mwest@google.com" <mwest@google.com>, "public-webauthn@w3.org" <public-webauthn@w3.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Sergei Nikitin <sergei.nikitin@winmagic.com>
- Message-ID: <CADsXLL8bZ3DB3rXYm9nt36jyhN_9HZexGZ61oW+=kCYGHLmUaA@mail.gmail.com>
Hello,

Chiming in from the DBSC perspective. By giving up the regular challenges, I don't think you're getting the security properties you want. With pre-shared keys, local malware can steal the symmetric key and use it from a different device. That forces you to regularly rotate the symmetric key. Protecting that rotation is challenging and leads to exactly the complexity you claim to avoid.

At a high level, it is definitely attractive to try to make an authenticated transport layer, and it has been attempted before (you even mention Token Binding in your whitepaper). DBSC operates at the application layer because TLS termination frequently happens at a distance from authentication checks. Various enterprise middleware and reverse proxies do this, and need to be updated to propagate the identity information across the transport. Cookies are the current standard for authentication, and are transmitted at the application layer. That makes it significantly more feasible to attach the device binding at the application layer.

Thanks,
Dan Rubery

On Mon, Mar 2, 2026 at 8:40 AM Thi Nguyen-Huu <thi.nh@winmagic.com> wrote:
> Dear Anthony, Dan, and Mike,
>
> With the release of Chrome 145 and the graduation of DBSC to stable, we are submitting an alternative architectural approach that eliminates the "Procedural Ceremony" of session management.
>
> Our proposal, PADIT (Post-Authentication Device Identity in Transaction), moves identity assurance from the application layer to a hardware-bound mTLS connection. By utilizing the FIDO2 PRF extension or TPM keys as entropy for a TLS 1.3 External PSK handshake, we establish a deterministic state where the existence of the communication is the mathematical proof of identity.
>
> Attached for your review:
>
> - Formal Letter: Outlining why the transport layer is the natural home for identity.
> - The PADIT Whitepaper: A deep dive into the "No-Token" transport-layer approach.
> - Whitepaper: "Architecting for a Secure Internet," detailing the roadmap for DIT (Device Identity) and LIT (Live Identity).
>
> We have simultaneously reached out to the IETF TLS Working Group regarding the transport-layer implications and request the opportunity to present this model at an upcoming WebAuthn or WebAppSec meeting.
>
> Sincerely,
>
> Thi Nguyen-Huu
> Founder and CEO, WinMagic Corp.
>
> Tel: +1 905.502.7000 x 3288 | Toll Free: 888.879.5879
> thi.nh@winmagic.com | www.winmagic.com
>
> WinMagic Corp. | 11-80 Galaxy Blvd.
> Toronto, ON | M9W 4Y8 | Canada | www.winmagic.com
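As an added illustration (not code from either message or from the DBSC project), a minimal Go model of the challenge flow Dan's reply refers to: the server issues a fresh random challenge, the client answers with a signature from a device-resident key that never exports its private half, and the server accepts each challenge only once. The DeviceKey and Server types are constructed for this example; it omits the session binding and HTTP transport of the real protocol and signs the bare challenge.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
)

// DeviceKey stands in for a TPM-resident DBSC key (constructed for this
// example): it can sign but never exposes its private half, so there is no
// symmetric secret sitting in process memory for malware to copy.
type DeviceKey struct{ priv *ecdsa.PrivateKey }

func NewDeviceKey() (*DeviceKey, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, err }
	return &DeviceKey{priv: k}, nil
}
func (d *DeviceKey) Public() *ecdsa.PublicKey { return &d.priv.PublicKey }

// Sign answers one server challenge; the signature is useless for any other.
func (d *DeviceKey) Sign(challenge []byte) ([]byte, error) {
	digest := sha256.Sum256(challenge)
	return ecdsa.SignASN1(rand.Reader, d.priv, digest[:])
}

// Server holds the key registered at session start and the challenges it has
// issued but not yet consumed, so every proof of possession is single-use.
type Server struct {
	pub     *ecdsa.PublicKey
	pending map[string]bool
}
func NewServer(pub *ecdsa.PublicKey) *Server { return &Server{pub: pub, pending: map[string]bool{}} }

// Challenge issues a fresh 32-byte nonce and remembers it as outstanding.
func (s *Server) Challenge() ([]byte, error) {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil { return nil, err }
	s.pending[hex.EncodeToString(c)] = true
	return c, nil
}

// Verify accepts a response only if the challenge is still outstanding and the
// signature checks against the registered key; replays and forgeries fail.
func (s *Server) Verify(challenge, sig []byte) bool {
	key := hex.EncodeToString(challenge)
	if !s.pending[key] { return false }
	delete(s.pending, key)
	digest := sha256.Sum256(challenge)
	return ecdsa.VerifyASN1(s.pub, digest[:], sig)
}
```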
Attachments
- image/png attachment: image001.png
- image/png attachment: image002.png
- image/png attachment: image003.png
- image/png attachment: image004.png
- image/png attachment: image005.png
Received on Monday, 2 March 2026 18:26:27 UTC