Re: [whatwg/fetch] Update Fetch to support Token Binding. (#325) from Vinod Anupam on 2018-04-14 (public-webapps-github@w3.org from April 2018)

From: Vinod Anupam <notifications@github.com>
Date: Sat, 14 Apr 2018 03:45:41 +0000 (UTC)
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/pull/325/review/112195715@github.com>

vanupam commented on this pull request.



> +<code>https://rp.org/</code> to the target <a for=request>origin</a>
+<code>https://idp.org/</code>.
+The user agent discloses the <a for=/>token binding ID</a> by including a
+<a for=/>referred-token-binding ID</a> for <a for=request>origin</a>
+<code>https://rp.org/</code> (in addition to the <a for=/>token binding ID</a>
+for <a for=request>origin</a> <code>https://idp.org/</code>)
+in the <a for=/>Token Binding Message</a> that is created for the
+<a for=/>request</a> to <code>https://idp.org/</code>.
+
+<p>Alternately, servers that redirect a user agent to a different server can use the
+`<dfn http-header><code>Include-Referred-Token-Binding-ID</code></dfn>`
+response <a for=/>header</a>.
+
+<pre>
+Include-Referred-Token-Binding-ID = %x74.72.75.65 ; "true", case-sensitive
+</pre>

Added reference to format.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/325#discussion_r181540452

Received on Saturday, 14 April 2018 03:46:12 UTC