- From: vanupam <notifications@github.com>
- Date: Tue, 21 Mar 2017 14:27:34 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 21 March 2017 21:28:06 UTC
vanupam commented on this pull request. > +Sec-Token-Binding = 1*( ALPHA / DIGIT / "-" / "_" ) *2( "=" ) +</pre> + +<p>The value of the <code>Sec-Token-Binding</code> <a for=/>header</a> is a +<dfn export id=token-binding-message>Token Binding Message</dfn> as specified in +<a href="https://tools.ietf.org/html/draft-ietf-tokbind-https#section-2">section 2</a> +of the Token Binding over HTTP spec [[!TOKBIND-HTTPS]]. +A <a for=/>token binding message</a> is a list of <a for=/>token binding</a>s, +where each <a for=/>token binding</a> consists of a +<a for=/>token binding ID</a>, a <a for=/>token binding type</a> and a cryptographic signature. + +<h4 id=federated-token-binding>Federated Token Binding</h4> + +<p>In the scenario described above, servers bind tokens to be used by user agents +with those servers. +To enable existing Web Authorization protocols to use bound credentials, Fixed. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/325#discussion_r107280075
Received on Tuesday, 21 March 2017 21:28:06 UTC