- From: Anne van Kesteren <notifications@github.com>
- Date: Fri, 05 May 2017 00:13:40 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/325/review/36444943@github.com>
annevk commented on this pull request. > + <li><p>Let <var>providedTokenBindingKeyPair</var> be the result of getting the + <a for=/>token-binding key</a> for the <a for=/>origin</a> of <var>httpRequest</var>'s + <a for=request>current url</a> and <var>tlsConnection</var>'s + <a for=/>token-binding key parameters</a> metadata, obtained by following the steps in the + <a href=#getting-token-binding-key>Getting a Token Binding Key</a> section of this document. + + <li><p>Let <var>providedTokenBindingId</var> be the result of computing a + <a for=/>token binding ID</a> from <var>providedTokenBindingKeyPair</var>, + as described in + <a href="https://tools.ietf.org/html/draft-ietf-tokbind-protocol#section-3.2">section 3.2</a> + of [[!TOKBIND-PROTOCOL]]. + + <li><p>Let <var>providedTokenBinding</var> be the result of computing a <a for=/>token binding</a> + using <var>providedTokenBindingId</var> and type <code>provided_token_binding</code>, + containing a signature (using <var>providedTokenBindingKeyPair</var>) over the + <var>providedTokenBindingId</var> as well as <var>tlsConnection</var>'s Exported Keying Material, We should if it's necessary to explain the feature properly. If things are actually intertwined, let's just own up to that and not leave things undefined and for folks to guess or reverse engineer at. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/325#discussion_r114941536
Received on Friday, 5 May 2017 07:14:14 UTC