More editorial updates per EKR's comments.
Andrei Popov committed Jul 24, 2018
1 parent 234d5c7 commit 15884f2c0fbddcf8b5d988d08296f359196966cc
Showing with 28 additions and 84 deletions.
  1. +1 −25 draft-ietf-tokbind-https-18.xml
  2. +9 −29 draft-ietf-tokbind-negotiation-14.xml
  3. +18 −30 draft-ietf-tokbind-protocol-19.xml
@@ -146,31 +146,6 @@
</address>
</author>

<author fullname="Adam Langley" initials="A."
surname="Langley">
<organization>Google Inc.</organization>

<address>
<postal>
<street></street>

<!-- Reorder these if your country does things differently -->

<city></city>

<region></region>

<code></code>

<country>USA</country>
</postal>

<email>agl@google.com</email>

<!-- uri and facsimile elements may also be added -->
</address>
</author>

<author fullname="Nick Harper" initials="N."
surname="Harper">
<organization>Google Inc.</organization>
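Review bot: Removing the author block takes Adam Langley's name out of the document entirely while the text he co-wrote stays; if the Acknowledgements section does not already credit him, add a line there so the contribution record survives the author-list change. The same applies to the identical removals in the negotiation and protocol drafts in this commit.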
@@ -1370,6 +1345,7 @@ contexts. Other approaches are possible, but are outside the scope of this speci
v16 2018-05-31 Dirk Balfanz Incorporating GEN-ART review feedback.
v17 2018-06-05 Dirk Balfanz Incorporating GEN-ART review feedback.
v18 2018-06-25 Andrei Popov Incorporating GEN-ART review feedback: clarifying Section 6.
v18 2018-07-23 Andrei Popov Removing Adam Langley from the co-authors list, on his request.
-->
</back>
</rfc>
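Review bot: The new change-log entry is dated 2018-07-23 while the matching entries in the other two files and the commit itself are dated 2018-07-24, and it says "on his request" where the other two say "according to his request"; align the date and wording across the three files. Also check the version label: this is the second entry under v18, and if -18 was already published after the 2018-06-25 entry, this change belongs under v19.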
@@ -131,31 +131,6 @@
</address>
</author>

<author fullname="Adam Langley" initials="A."
surname="Langley">
<organization>Google Inc.</organization>

<address>
<postal>
<street></street>

<!-- Reorder these if your country does things differently -->

<city></city>

<region></region>

<code></code>

<country>USA</country>
</postal>

<email>agl@google.com</email>

<!-- uri and facsimile elements may also be added -->
</address>
</author>

<date year="2018" />

<!-- If the month and year are both specified and are the current ones, xml2rfc will fill
@@ -185,7 +160,8 @@

<abstract>
<t>This document specifies a Transport Layer Security (TLS) extension for the negotiation of
Token Binding protocol version and key parameters.</t>
the Token Binding protocol version and key parameters. Negotiation of Token Binding in TLS
1.3 and later versions is beyond the scope of this document.</t>
</abstract>
</front>

@@ -195,9 +171,9 @@
the client and server need to agree on the Token Binding protocol version and the parameters
(signature algorithm, length) of the Token Binding key. This document specifies a new TLS
<xref target="RFC5246" /> extension to accomplish this negotiation without introducing
additional network round-trips in TLS 1.2 and earlier versions. The negotiation of the Token
Binding protocol and key parameters in combination with TLS 1.3 and later versions is beyond
the scope of this document.</t>
additional network round-trips in TLS 1.2 and earlier versions.
<xref target="I-D.ietf-tokbind-tls13"/> describes the negotiation of the Token Binding
protocol and key parameters in combination with TLS 1.3 and later versions.</t>

<section title="Requirements Language">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD
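Review bot: The new xref target "I-D.ietf-tokbind-tls13" depends on the reference include added later in this commit; make sure that include resolves (reference.I-D.ietf-tokbind-tls13.xml must be available to xml2rfc at build time) and that it lands in the Informative References section, because a normative dependency on the TLS 1.3 draft would contradict the "beyond the scope" statement kept in the abstract. The closing "</t>" dropped with the removed "the scope of this document.</t>" line is restored on the last added line, so the paragraph stays well-formed.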
@@ -440,6 +416,7 @@ struct {
<date year="2014" />
</front>
</reference>
<?rfc include="reference.I-D.ietf-tokbind-tls13.xml"?>
</references>

<!-- Change Log
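Review bot: The hunk context does not show which references block this include goes into; since the document treats TLS 1.3 as out of scope and the change log calls this an informative reference, confirm it is the Informative References section and not the Normative one. If that section keeps its entries in alphabetical order, place the processing instruction accordingly rather than last.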
@@ -462,6 +439,9 @@ struct {
v12 2018-04-30 Andrei Popov Clarifying the version negotiation language as suggested by Paul Kyzivat.
v13 2018-05-09 Andrei Popov Incorporating GEN-ART review feedback.
v14 2018-05-23 Andrei Popov Incorporating IESG review feedback.
v14 2018-07-24 Andrei Popov Adding informative reference to the TBTLS13 document.
Adding language in the Abstract saying TLS 1.3 and later versions are out of scope.
Removing Adam Langley from the co-authors list, according to his request.
-->
</back>
</rfc>
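Review bot: The new entry reuses the current version label: v14 is already used by the 2018-05-23 entry, so if -14 has been published this change should be labelled v15. The three-line entry is otherwise consistent with the wording used in the other two files.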
@@ -136,31 +136,6 @@
</address>
</author>

<author fullname="Adam Langley" initials="A."
surname="Langley">
<organization>Google Inc.</organization>

<address>
<postal>
<street></street>

<!-- Reorder these if your country does things differently -->

<city></city>

<region></region>

<code></code>

<country>USA</country>
</postal>

<email>agl@google.com</email>

<!-- uri and facsimile elements may also be added -->
</address>
</author>

<author fullname="Jeff Hodges" initials="J."
surname="Hodges">
<organization>PayPal</organization>
@@ -427,7 +402,7 @@
<section title="TokenBinding.signature">
<t>When rsa2048_pkcs1.5 is used, TokenBinding.signature contains the signature generated
using the RSASSA-PKCS1-v1_5 signature scheme defined in <xref target="RFC8017"/> with
SHA256 as the hash function.</t>
SHA256 <xref target="FIPS.180-2.2002"/> as the hash function.</t>

<t>When rsa2048_pss is used, TokenBinding.signature contains the signature generated using
the RSASSA-PSS signature scheme defined in <xref target="RFC8017"/> with SHA256 as the hash
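Review bot: The FIPS citation is attached to SHA256 only in the rsa2048_pkcs1.5 paragraph; the rsa2048_pss paragraph immediately below, and any other paragraph in this section that names SHA256, still uses it without a reference. Either cite at every use or add one sentence at the top of the section stating that SHA256 is as defined in the cited FIPS. Also, FIPS 180-2 (2002) has been superseded by FIPS 180-4 (2015); cite the current edition unless the 2002 text is intended.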
@@ -493,10 +468,10 @@

<section title="Establishing a Token Binding">
<section title="Client Processing Rules">
<t>The client MUST include at least one TokenBinding structure in the Token Binding message.
The key parameters used in a provided_token_binding MUST match those negotiated with the
server (e.g., via <xref target="I-D.ietf-tokbind-negotiation"/> or a different mechanism).
</t>
<t>The client MUST include at least one TokenBinding structure in the Token Binding
message. When a provided_token_bindng is included, the key parameters used in a
provided_token_binding MUST match those negotiated with the server (e.g., via
<xref target="I-D.ietf-tokbind-negotiation"/> or a different mechanism).</t>

<t>The client MUST generate and store Token Binding keys in a secure manner that prevents
key export. In order to prevent cooperating servers from linking user identities, the scope
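Review bot: The added "<t>" contains a typo, "provided_token_bindng" (missing "i"), in "When a provided_token_bindng is included"; since this is a protocol field name readers will search for, fix it to "provided_token_binding". The rewording also narrows the rule: the old text required the key parameters of a provided_token_binding to match unconditionally, the new text applies the requirement only when one is included. Confirm that conditional reading is what EKR's comment asked for.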
@@ -815,6 +790,16 @@
</front>
<seriesInfo name="FIPS" value="186-4" />
</reference>
<reference anchor="FIPS.180-2.2002">
<front>
<title>Secure Hash Standard</title>
<author>
<organization>National Institute of Standards and Technology</organization>
</author>
<date year="2002" />
</front>
<seriesInfo name="FIPS" value="180-2" />
</reference>
</references>

<references title="Informative References">
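Review bot: The hand-written entry cites FIPS 180-2 from 2002, which NIST has withdrawn in favour of FIPS 180-4 (2015); unless the 2002 edition is intended, update the anchor, the date and the seriesInfo value together, and change the xref added in the TokenBinding.signature section to the renamed anchor so the two stay in sync. Unlike the tokbind-tls13 reference pulled in with an include, nothing keeps this entry current automatically, so it is worth getting the edition right now.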
@@ -885,6 +870,9 @@
Acknowledging tokbind chairs and ADs.
v18 2018-05-09 Andrei Popov Incorporating GEN-ART review feedback.
v18 2018-05-23 Andrei Popov Incorporating IESG review feedback.
v18 2018-07-24 Andrei Popov Adding normative reference to the SHA256 specification.
Clarifying the language in section 4.1 per EKR's comment.
Removing Adam Langley from the co-authors list, according to his request.
-->
</back>
</rfc>
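Review bot: This file is draft-ietf-tokbind-protocol-19.xml but the new change-log entry is labelled v18, like the two entries before it; label it v19, or confirm the earlier v18 entries also belong to -19 and relabel them. The entry also refers to "section 4.1", and numeric section references inside the change log go stale on renumbering; naming the section ("Client Processing Rules") is more robust.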
