You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Hans Zandbelt <ha...@zmartzone.eu> on 2018/08/06 07:17:16 UTC

[PATCH 62599] support for registering a token binding handler

Hi,

I'd like to see a patch included in mod_ssl that enables handling of the
token binding protocol as defined in the soon-to-be-RFC-ed:
https://www.ietf.org/id/draft-ietf-tokbind-https

The token binding functionality itself can be implemented in a 3rd party
modules like
https://github.com/zmartzone/mod_token_binding/
which depends on:
https://github.com/google/token_bind

except that somehow mod_ssl somehow needs to call into the token binding
implementation code to allow it to register itself for the Token Binding
TLS extension. Patch 62599 does that, see:
https://bz.apache.org/bugzilla/show_bug.cgi?id=62599

However, that mod_ssl patch is not token binding specific and there may be
a more generic way of enabling handling of TLS extensions in 3rd-party
code, hence my request for a discussion/review.

Regards,

Hans.

-- 
hans.zandbelt@zmartzone.eu
ZmartZone IAM - www.zmartzone.eu