A Token Binding key pair is a private/public key pair that the browser uses to authenticate itself during an HTTP session. Unlike TLS client certificates, the use of Token Binding keys does not require any interaction with the user. This is because:
Token Binding is a collection of draft specifications that describe a TLS Extension, a protocol message carrying one or more signatures generated by Token Binding keys, and an encoding of that protocol message for HTTP. Together, these specify how a browser can prove possession of a Token Binding key to a web server.
The Token Binding TLS extension allows client and server to negotiate the use of Token Binding. The basic idea is that once Token Binding is negotiated during the TLS handshake, clients will use Token Binding keys as part of the HTTP protocol. In particular, clients will add an additional Sec-Token-Binding HTTP header to requests they send to the server, which will include a proof (verifiable by the server) that the client is in possession of the private Token Binding key. Clients will use different Token Binding keys for different servers:
If the client doesn't have a suitable Token Binding key for the server it is connecting to, it will create a new Token Binding key. Unlike client certificates, Token Binding keys - and the proof that the client possesses them - do not include any information about the user (such as name, email address, etc.); instead, they simply assert - in a cryptographically strong way - that new HTTP sessions to a given server originate from the same client.
As noted above, there is no user interface for creating or using Token Binding keys. This is similar to the UI for HTTP cookies: there is typically no UI when a cookie is set, or when it is sent back to the server.
Token Binding keys are similar to cookies in other ways as well:
Once clients use Token Binding, we can build strong authentication mechanisms on top of it. As a first step, we can bind traditional HTTP cookies to the client's Token Binding keys. We can also use Token Binding for "holder-of-key" (proof-of-key) assertions in single sign-on or federation protocols.
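As an added illustration of the proof-of-possession exchange described above and of the cookie-binding step (example code written for this page, not code from the Token Binding drafts or from their authors): the client keeps one key per origin, signs the connection's exported keying material (EKM), and the server verifies the proof and derives a key ID that a cookie can be bound to. It assumes Ed25519 and a simplified header encoding of public key followed by signature, which are simplifications rather than the spec's key parameters or wire format; the EKM values in the comments are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
)

// Client keeps one Token Binding key per server origin, generated on first use with no user
// interaction, as the text describes. Ed25519 is an assumption of this example, not the spec's key type.
type Client struct{ keys map[string]ed25519.PrivateKey }

func (c *Client) keyFor(origin string) ed25519.PrivateKey {
	if c.keys == nil {
		c.keys = map[string]ed25519.PrivateKey{}
	}
	if c.keys[origin] == nil {
		_, k, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			panic(err)
		}
		c.keys[origin] = k
	}
	return c.keys[origin]
}

// SecTokenBinding builds a simplified header value: base64url(public key || signature). The signature
// covers the EKM of the current TLS connection, so a captured proof cannot be replayed on another connection.
func (c *Client) SecTokenBinding(origin string, ekm []byte) string {
	k := c.keyFor(origin)
	pub := k.Public().(ed25519.PublicKey)
	return base64.RawURLEncoding.EncodeToString(append([]byte(pub), ed25519.Sign(k, ekm)...))
}

// VerifySecTokenBinding is the server side: it checks the proof against the EKM derived from its own end
// of the same TLS connection and returns a key ID (SHA-256 of the public key) that a cookie can be bound to.
func VerifySecTokenBinding(header string, ekm []byte) ([32]byte, error) {
	raw, err := base64.RawURLEncoding.DecodeString(header)
	if err != nil || len(raw) != ed25519.PublicKeySize+ed25519.SignatureSize {
		return [32]byte{}, errors.New("malformed Sec-Token-Binding header")
	}
	pub := ed25519.PublicKey(raw[:ed25519.PublicKeySize])
	if !ed25519.Verify(pub, ekm, raw[ed25519.PublicKeySize:]) {
		return [32]byte{}, errors.New("token binding signature invalid")
	}
	return sha256.Sum256(pub), nil
}
```

A server that issues a cookie stores the returned key ID alongside it and rejects later requests whose Sec-Token-Binding proof verifies to a different ID, which is what binds the cookie to the client's key.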