Home / Companies / Cloudflare / Blog / Post Details
Content Deep Dive

Exported Authenticators: The long road to RFC

Blog post from Cloudflare

Post Details
Company
Date Published
Author
Jonathan Hoyland
Word Count
2,292
Company Posts That Month
47
Language
English
Hacker News Points
34
Post removed?
No
Summary

The blog post discusses a new extension to TLS called Exported Authenticators (EAs), which is aimed at improving authentication possibilities and reducing the need for multiple TLS handshakes. EAs allow for application layer authentication that's as strong as TLS authentication, while also tying it to the TLS channel. The design of EAs follows closely to the design of TLS 1.3, which has undergone multiple rounds of formal analysis and consensus from the TLS Working Group at the IETF. Formal analysis is a technique that creates a mathematical description of the protocol, security properties, and model attacker, providing strong assurances that no major issues have been overlooked. Once EAs become an RFC, it will unlock new possibilities such as OPAQUE-EAs for password-based login on the web without revealing the password to the server.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.