If you haven’t heard we’re lighting up Token Binding on all our important services. Azure AD is one of the first to take advantage of this. Check out what Alex and Pamela have to say on the topic.

One of the most important of these improvements is the Token Binding family of specifications which is now well on its way towards final ratification at the Internet Engineering Task Force (IETF). (If you want to learn more about token binding, watch this great presentation by Brian Campbell.)

At Microsoft, we believe that the Token Binding can greatly improve the security of both enterprise and consumer scenarios by making high identity and authentication assurance broadly and simply accessible to developers around the world.

Given how positive we believe this impact can be, we have been and continue to be deeply committed to working with the community for creation and adoption of the token binding family of specifications.

Now that the specifications are close to ratification, I’d like to issue two calls to action:

  1. Begin experimenting with token binding and planning your deployments.
  2. Contact your browser and software vendors, asking them to ship token binding implementations soon if they aren’t already.

I happen to own Token Binding in Windows and I have some thoughts on the matter as well…

Join the conversation