Exported Authenticators: The long road to RFC
The blog post discusses a new extension to TLS called Exported Authenticators (EAs), which aims to expand authentication options and reduce the need for multiple TLS handshakes. EAs allow for application-layer authentication that is as strong as TLS authentication, while also tying it to the TLS channel. The design of EAs closely follows the design of TLS 1.3, which has been through multiple rounds of formal analysis and consensus from the TLS Working Group at the IETF. Formal analysis is a technique that creates a mathematical description of the protocol, its security properties, and a model attacker, providing strong assurances that no major issues have been overlooked. Once EAs become an RFC, they will unlock new possibilities such as OPAQUE-EAs for password-based login on the web without revealing the password to the server.
Company: Cloudflare
Date published: Oct. 13, 2021
Author(s): Jonathan Hoyland
Word count: 2292
Hacker News points: 34
Language: English