osdir.com

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 62599] support for registering a token binding handler


Hi,

I'd like to see a patch included in mod_ssl that enables handling of the token binding protocol as defined in the soon-to-be-RFC-ed:
https://www.ietf.org/id/draft-ietf-tokbind-https

The token binding functionality itself can be implemented in a 3rd party modules like
https://github.com/zmartzone/mod_token_binding/
which depends on:
https://github.com/google/token_bind

except that somehow mod_ssl somehow needs to call into the token binding implementation code to allow it to register itself for the Token Binding TLS extension. Patch 62599 does that, see:
https://bz.apache.org/bugzilla/show_bug.cgi?id=62599

However, that mod_ssl patch is not token binding specific and there may be a more generic way of enabling handling of TLS extensions in 3rd-party code, hence my request for a discussion/review.

Regards,

Hans.

--