- From: Vinod Anupam <notifications@github.com>
- Date: Wed, 02 May 2018 11:25:23 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 2 May 2018 18:25:45 UTC
vanupam commented on this pull request. > +<h4 id=using-federated-token-binding>Using Federated Token Binding</h4> + +<p>In the scenario described above, servers bind tokens to be used by user agents +with those servers. +To enable existing web authorization protocols to use bound credentials, +there is a need to support scenarios where bound credentials issued by one server +(e.g., an identity provider) are presented by the user agent to a different server +(e.g., a relying party). +[[TOKBIND-PROTOCOL]] and [[TOKBIND-HTTPS]] describe support for Federated Token Binding. + +<p>A <dfn export id=referred-token-binding-id>referred-token-binding ID</dfn> is the +<a for=/>token binding ID</a> for a server other than the server to which the +<a for=/>request</a> is being sent. + +Script code from an <a for=/>origin</a> can set a <a for=/>request</a>'s +<var>useReferredTokenBinding</var> attribute to ask the user agent to send Updated to use Request attribute. (Moot now: API changes have been removed.) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/715#discussion_r185593916
Received on Wednesday, 2 May 2018 18:25:45 UTC