RFC 8672

TLS Server Identity Pinning with Tickets, October 2019

Status: EXPERIMENTAL
Authors: Y. Sheffer, D. Migault
Stream: INDEPENDENT


DOI:  https://doi.org/10.17487/RFC8672

Discuss this RFC: Send questions or comments to the mailing list rfc-ise@rfc-editor.org



Abstract

Misissued public-key certificates can prevent TLS clients from appropriately authenticating the TLS server. Several alternatives have been proposed to detect this situation and prevent a client from establishing a TLS session with a TLS end point authenticated with an illegitimate public-key certificate. These mechanisms are either not widely deployed or limited to public web browsing.

This document proposes experimental extensions to TLS with opaque pinning tickets as a way to pin the server's identity. During an initial TLS session, the server provides an original encrypted pinning ticket. In subsequent TLS session establishment, upon receipt of the pinning ticket, the server proves its ability to decrypt the pinning ticket and thus the ownership of the pinning protection key. The client can now safely conclude that the TLS session is established with the same TLS server as the original TLS session. One of the important properties of this proposal is that no manual management actions are required.
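The exchange the abstract describes, as an added Python example that is not part of RFC 8672 or of this RFC Editor page. It models the two sessions end to end: in the first session the server seals a fresh pinning secret into an opaque ticket under a pinning protection key that never leaves the server, and the client keeps both the ticket and the secret; in a later session the client presents the ticket and a fresh random value, the server decrypts the ticket and answers with an HMAC over that random keyed by the recovered secret, and the client accepts only if the proof matches. The ticket layout, the HMAC-SHA256 counter-mode stand-in for a real AEAD cipher, the proof construction, and the way the client learns the pinning secret are all assumptions of this example, not the RFC's wire format or derivation. The example also shows the two failure modes the abstract implies: a server that presents an acceptable certificate but does not hold the protection key cannot decrypt a stolen ticket, and a tampered ticket is rejected outright.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

# Constructed illustration of ticket-based server identity pinning.
# Assumed formats (not RFC 8672's): ticket = nonce || ciphertext || tag,
# proof = HMAC-SHA256(pinning_secret, "pinning-proof" || client_random).

NONCE_LEN = 16
TAG_LEN = 32
TICKET_AAD = b"pinning-ticket-v1"  # assumed label binding the ticket to its purpose


def _subkey(protection_key: bytes, label: bytes) -> bytes:
    """Derive a per-purpose subkey (encryption or MAC) from the protection key."""
    return hmac.new(protection_key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a stdlib-only stand-in for a cipher such as AES-GCM."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(protection_key: bytes, plaintext: bytes, aad: bytes) -> bytes:
    """Encrypt-then-MAC under the protection key; only its holder can open the result."""
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(_subkey(protection_key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(_subkey(protection_key, b"mac"), aad + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(protection_key: bytes, ticket: bytes, aad: bytes) -> Optional[bytes]:
    """Return the plaintext, or None if the ticket was not sealed under this key or was modified."""
    if len(ticket) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = ticket[:NONCE_LEN], ticket[NONCE_LEN:-TAG_LEN], ticket[-TAG_LEN:]
    expected = hmac.new(_subkey(protection_key, b"mac"), aad + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    stream = _keystream(_subkey(protection_key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))


class Server:
    def __init__(self, protection_key: bytes) -> None:
        self.protection_key = protection_key  # long-lived secret; never sent to any client

    def issue_ticket(self) -> Tuple[bytes, bytes]:
        """Initial session: mint a pinning secret and return (opaque ticket, secret).
        The secret is assumed to reach the client inside the protected TLS session."""
        pinning_secret = secrets.token_bytes(32)
        return seal(self.protection_key, pinning_secret, TICKET_AAD), pinning_secret

    def prove(self, ticket: bytes, client_random: bytes) -> Optional[bytes]:
        """Later session: decrypt the presented ticket and prove it over the client's fresh random."""
        pinning_secret = unseal(self.protection_key, ticket, TICKET_AAD)
        if pinning_secret is None:
            return None  # cannot decrypt: this server did not issue the ticket
        return hmac.new(pinning_secret, b"pinning-proof" + client_random, hashlib.sha256).digest()


class Client:
    def __init__(self) -> None:
        self.ticket: Optional[bytes] = None
        self.pinning_secret: Optional[bytes] = None

    def first_session(self, server: Server) -> None:
        self.ticket, self.pinning_secret = server.issue_ticket()

    def reconnect(self, server: Server, ticket: Optional[bytes] = None) -> bool:
        """Present the ticket with a fresh random; accept only if the proof matches the stored secret."""
        client_random = secrets.token_bytes(32)  # fresh per handshake, so a recorded proof cannot be replayed
        proof = server.prove(ticket if ticket is not None else self.ticket, client_random)
        if proof is None:
            return False
        expected = hmac.new(self.pinning_secret, b"pinning-proof" + client_random, hashlib.sha256).digest()
        return hmac.compare_digest(proof, expected)


def demo() -> Dict[str, bool]:
    legit = Server(secrets.token_bytes(32))
    impostor = Server(secrets.token_bytes(32))  # acceptable certificate, but not the protection key
    client = Client()
    client.first_session(legit)
    tampered = bytearray(client.ticket)
    tampered[NONCE_LEN] ^= 0x01  # flip one ciphertext bit
    return {
        "same_server": client.reconnect(legit),
        "impostor_with_stolen_ticket": client.reconnect(impostor),
        "tampered_ticket": client.reconnect(legit, bytes(tampered)),
    }


if __name__ == "__main__":
    print(demo())
```

The property the abstract relies on is visible in `Server.prove`: the only way to produce a valid proof is to recover the pinning secret, and the only way to do that is to hold the pinning protection key. That makes the protection key the root of trust for every pinned client, so in a deployment it deserves the same handling as a ticket-encryption key (kept out of application memory where possible, and rotated without abandoning outstanding tickets); a server that simply loses it will fail pin verification for every returning client.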


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.



