RFC 9266: Channel Bindings for TLS 1.3 support

[Neustradamus]

Is there an existing issue for this?

• I have searched the existing issues

Is your feature request related to a problem? Please describe the problem.

Can you add the support of RFC 9266: Channel Bindings for TLS 1.3?

• https://datatracker.ietf.org/doc/html/rfc9266

Little details, to know easily:

• tls-unique for TLS =< 1.2
• tls-server-end-point
• tls-exporter for TLS = 1.3

Thanks in advance.

Describe the solution you'd like

Additional context

No response

[adityamandaleeka]

Related: dotnet/runtime#73118

Assuming that gets implemented, is there anything for this that would need to be done in ASP.NET Core?

[Neustradamus]

@adityamandaleeka: Thanks for your comment!

I can look:

• https://github.com/dotnet/aspnetcore/search?q=TLSUnique
• https://github.com/dotnet/aspnetcore/search?q=ChannelBinding

[blowdart]

It's still a draft, and a very recent draft at that.

We've looked at various token bindings before, and then Chrome decides nope, and drops all support.

As with all new RFCs we tend to wait until it's more mature and browsers are adding support before implementing them, otherwise we end up with incomplete or incompatible implementations in versions that are still in support.

[ghost]

We've moved this issue to the Backlog milestone. This means that it is not going to be worked on for the coming release. We will reassess the backlog following the current release and consider this item at that time. To learn more about our issue management process and to have better expectation regarding different types of issues you can read our Triage Process.