- From: vanupam <notifications@github.com>
- Date: Thu, 11 May 2017 13:44:02 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 11 May 2017 20:44:36 UTC
vanupam commented on this pull request. > +of the Token Binding over HTTP spec [[TOKBIND-HTTPS]]. + +<p>By setting the `<code>Include-Referred-Token-Binding-ID</code>` <a for=response>header</a> to +`<code>true</code>` in the redirect response, the <a for=request>origin</a> that +sends the redirect <a for=/>response</a> (the "referring <a for=request>origin</a>" in the +<a for=/>Token Binding</a> sense) tells the user agent to disclose the +<a for=/>token binding ID</a> used by the user agent for that <a for=request>origin</a> +to the target <a for=request>origin</a>. The user agent does this while processing the +`<code>Include-Referred-Token-Binding-ID</code>` <a for=response>header</a> in the redirect +<a for=/>response</a>, by adding a <a for=/>referred-token-binding ID</a> in the +<a for=/>Token Binding Message</a> that is created when the <a for=/>request</a> +is sent to the target server. + +<h4 id=getting-token-binding-key>Getting a Token Binding Key</h4> + +<p>Get the <a for=/>token-binding key</a> for an <a for=/>origin</a> <var>tokenBindingOrigin</var> Added. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/325#discussion_r116097288
Received on Thursday, 11 May 2017 20:44:36 UTC