[Security] channel bindings

Kurt Zeilenga Kurt.Zeilenga at Isode.com
Tue Feb 10 16:52:05 CST 2009


Here is a really brief explanation of what channel bindings are about.

A client, on behalf a user, wants to establish a secure channel with  
their server.

The client establishes a TCP channel with that server.
The client then establishes a TLS channel over the TCP channel.
The client then establishes an XEP channel over the TLS channel and
   within that channel performs DIGEST-MD5 authentication.

While the DIGEST-MD5 provides for a (limited) form of mutual  
authentication, DIGEST-MD5 offers no assurance to either the client or  
the party that the end points of the DIGEST-MD5 exchange are the same  
as the end-points of the TLS exchange.  This lack of this assurance  
leaves open various avenues of attack.

Channeling bindings are about providing assurances that the end-points  
in two more channels (or layers) are the same.

The IETF is developing mechanisms such as SASL/SCRAM that providing  
channeling bind support.  When used, the client can confirm that the  
SCRAM end-point and the TLS end-point its talking to are in-fact the  
same end-point.  Likewise, the server can confirm the SCRAM and TLS  
end-points its talking to are in-fact the same.

-- Kurt


More information about the Security mailing list