…ave the expected properties for the "tls-unique" channel binding to be secure [ RFC7627 ]. Therefore, this document contains normative text that applies to both the original SCRAM-SHA-1-PLUS and the newly introduced SCRAM-SHA- 256-PLUS mechanism. 2 . Key Word Definitions The key …
…s, unless the server also negotiates the extended master secret TLS extension [ RFC7627 ] and the renegotiation indication TLS extension [ RFC5746 ]. If the use of the Token Binding protocol was not negotiated but the client sends a Token Binding message, the server MUST reject a…
… channel binding. However, in the absence of the TLS extended master secret fix RFC7627 and the renegotiation indication TLS extension RFC5746 the tls-unique and tls-server-endpoint channel binding data can be forged by an attacker that can MITM the connection. Before advertising…
… mechanisms and master secrets. As a mitigation, the TLS extension defined in [ RFC7627 ] SHOULD be used when "tls-unique" host verification is to be used. . Authentication Extensions It is RECOMMENDED that interactive clients (e.g., Web browsers) supporting this protocol support…
…DOI 10.17487/RFC7568, June 2015, < https://www.rfc-editor.org/info/rfc7568 >. [ RFC7627 ] Bhargavan, K., Ed., Delignat-Lavaud, A., Pironti, A., Langley, A., and M. Ray, "Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension", RFC 7627 , DOI 10.17487/RFC…
US
rfc8446
https://www.rfc-editor.org/rfc/inline-errata/rfc8446.html
…8, DOI 10.17487/RFC7568, June 2015, <https://www.rfc-editor.org/info/rfc7568>. [RFC7627] Bhargavan, K., Ed., Delignat-Lavaud, A., Pironti, A., Langley, A., and M. Ray, "Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension", RFC 7627, DOI 10.17487/RFC76…
…Secure Sockets Layer Version 3.0", RFC 7568 DOI 10.17487/RFC7568, June 2015, >. RFC7627 ] Bhargavan, K., Ed., Delignat-Lavaud, A., Pironti, A., Langley, A., and M. Ray, "Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension", RFC 7627 , DOI 10.17487/RFC…
…8, DOI 10.17487/RFC7568, June 2015, <https://www.rfc-editor.org/info/rfc7568>. [RFC7627] Bhargavan, K., Ed., Delignat-Lavaud, A., Pironti, A., Langley, A., and M. Ray, "Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension", RFC 7627, DOI 10.17487/RFC76…
…Secure Sockets Layer Version 3.0", RFC 7568 DOI 10.17487/RFC7568, June 2015, >. RFC7627 ] Bhargavan, K., Ed., Delignat-Lavaud, A., Pironti, A., Langley, A., and M. Ray, "Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension", RFC 7627 , DOI 10.17487/RFC…
…C7250 21 padding CH RFC7685 22 encrypt_then_mac RFC7366 23 extended_main_secret RFC7627 ][ RFC-ietf-tls-rfc8446bis-13 24 token_binding RFC8472 25 cached_info RFC7924 26 tls_lts draft-gutmann-tls-lts-11 27 compress_certificate CH, CR RFC8879 28 record_size_limit CH, EE RFC8449 29 …