
Re: Poll: use of TLS channel bindings in SCRAM



>>>>> "Kurt" == Kurt Zeilenga <Kurt.Zeilenga@xxxxxxxxx> writes:

    Kurt> After some additional thought and consideration, I change my
    Kurt> preference to:

    Kurt> 4a (just change the text to require tls-unique) 

As I indicated, I believe support for channel binding types other than
tls-unique is an absolute requirement.  While I prefer for us to have
downgrade protection, I don't see that as an absolute requirement.
So, I think we at least need a mechanism to say what channel binding
type we've used if it is not tls-unique.  That's not downgrade
protection; it is consistency with 5056.

    Kurt> 5 (adds some additional text that channel binding type agility
    Kurt> is provided via mechanism name).

I'm fairly strongly against this option.


    Kurt> I have decided not to support providing any channel
    Kurt> binding "downgrade" protection in the mechanism.

As I indicated, I believe this would be a good idea, and would
certainly rather the WG consensus be that we had such a mechanism, but
understand if we don't go there.
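The point made above, that the mechanism at least has to say which channel binding type was used when it is not tls-unique, is easiest to see with the messages in hand. The following is an added illustration, not code from this thread or from any SCRAM implementation: it builds the SCRAM "c=" attribute from a GS2 header whose "p=<cb-name>" flag names the channel binding type (the syntax later adopted in RFC 5802), and shows a server rejecting a binding type it does not support, as RFC 5056 consistency requires, rather than silently comparing the wrong data. The channel binding byte strings are constructed sample values; a real tls-unique value comes from the TLS Finished message and a real tls-server-end-point value from a hash of the server certificate.

```python
import base64
import hashlib
import hmac

# Constructed sample channel-binding data (assumption: not real TLS output).
CB_DATA = {
    "tls-unique": bytes.fromhex("a1b2c3d4e5f60718"),
    "tls-server-end-point": hashlib.sha256(b"example server certificate").digest(),
}


def gs2_header(cb_type, authzid=None):
    """GS2 header: 'p=<cb-name>' names the binding type in-band; 'n' means
    the client does not support channel binding at all."""
    flag = f"p={cb_type}" if cb_type else "n"
    authz = f"a={authzid}" if authzid else ""
    return f"{flag},{authz},"


def cbind_input(cb_type, cb_data):
    """The c= attribute value: base64(gs2-header || cbind-data)."""
    return base64.b64encode(gs2_header(cb_type).encode() + cb_data).decode()


def client_final_prefix(cb_type):
    """Start of the client-final-message; nonce and proof omitted here."""
    return "c=" + cbind_input(cb_type, CB_DATA[cb_type])


def server_verify(client_final, server_known):
    """Server side: decode c=, read the declared binding type, and compare
    the data with what the server's own TLS layer provides for that type.
    Returns (ok, reason); the declared type is returned on success."""
    attr = client_final.split(",")[0]
    if not attr.startswith("c="):
        return False, "missing c="
    raw = base64.b64decode(attr[2:])
    # The GS2 header always contains exactly two commas; the binding data
    # follows the second one and may itself contain comma bytes.
    first = raw.index(b",")
    second = raw.index(b",", first + 1)
    header, data = raw[: second + 1], raw[second + 1:]
    flag = header.split(b",")[0].decode()
    if not flag.startswith("p="):
        return False, "client did not bind the channel"
    cb_type = flag[2:]
    if cb_type not in server_known:
        # Refuse rather than fall back: the type must agree on both ends.
        return False, f"unsupported channel binding type {cb_type}"
    if not hmac.compare_digest(data, server_known[cb_type]):
        return False, "channel binding data mismatch"
    return True, cb_type


if __name__ == "__main__":
    print(server_verify(client_final_prefix("tls-unique"), CB_DATA))
    print(server_verify(client_final_prefix("tls-server-end-point"),
                        {"tls-unique": CB_DATA["tls-unique"]}))
```

Because the type name travels inside the data that the client proof covers, a server that only knows tls-unique fails cleanly when the client declares tls-server-end-point; what the example does not give is downgrade protection, since nothing here tells the server which types the client would have preferred.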