On Thu, 11 Jan 2024 at 12:39, Holger Weiß <holger(a)zedat.fu-berlin.de> wrote:
* Simon Josefsson <simon(a)josefsson.org> [2024-01-11 13:10]:
I believe tls-server-end-point is generally best left unimplemented to
guide efforts towards supporting the stronger tls-exporter.
One use case I see for tls-server-end-point is that it allows for
supporting channel binding by setups where TLS is terminated by some
reverse proxy, thereby protecting against _some_ but not all attack
vectors that tls-exporter protects against.
I'm pretty sure this was a key reason we picked the approach. If TLS is
terminated before the server ever sees it, the server can still be
configured to handle tls-server-end-point.
It's not, of course, really channel binding - it's not binding to the
channel itself at all - but it does give some of the protection real
channel binding would.
Dave.