Token binding allows servers to cryptographically bind bearer tokens (such as cookies) to the TLS layer, to prevent attacks where an attacker exports a bearer token from the user's machine to present to a web service and impersonate the user.

Documentation

Specification

Specification link


Final published standard: Recommendation, Living Standard, Candidate Recommendation, or similar final form

Status in Chromium

Blink


Removed (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Owners

Last updated on 2020-11-09