- From: vanupam <notifications@github.com>
- Date: Tue, 21 Mar 2017 14:27:43 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 21 March 2017 21:28:22 UTC
vanupam commented on this pull request. > +(e.g., an identity provider) are presented by the user agent to a different server +(e.g., a relying party). +[[TOKBIND-PROTOCOL]] and [[TOKBIND-HTTPS]] describe support for Federated Token Binding. + +<p>A <dfn export id=referred-token-binding-id>referred token binding ID</dfn> is the +<a for=/>token binding ID</a> for a server other than the server to which the <a for=/>request</a> +is being sent. + +Script code from an <a for=/>origin</a> can set a <a for=/>request</a>'s +<a for=request>use-referred-token-binding flag</a> to ask the user agent to send +the <a for=/>token binding ID</a> for that <a for=/>origin</a> as a +<a for=/>referred token binding ID</a> +in the <a for=/>Token Binding Message</a> sent to a target server. + +Alternately, servers that redirect a user agent to a different server can use the +<code>Include-Referred-Token-Binding-ID</code> <a for=response>header</a>. Updated. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/325#discussion_r107280097
Received on Tuesday, 21 March 2017 21:28:22 UTC