rfc9577v2.txt   rfc9577.txt 
skipping to change at line 111 skipping to change at line 111
Section 11), "PrivateToken", that allows Clients to redeem various Section 11), "PrivateToken", that allows Clients to redeem various
kinds of Privacy Pass tokens. kinds of Privacy Pass tokens.
Clients and relying parties (Origins) interact using this scheme to Clients and relying parties (Origins) interact using this scheme to
perform the token challenge and token redemption flow. In perform the token challenge and token redemption flow. In
particular, Origins challenge Clients for a token with an HTTP particular, Origins challenge Clients for a token with an HTTP
authentication challenge (using the WWW-Authenticate response header authentication challenge (using the WWW-Authenticate response header
field). Clients can then react to that challenge by issuing a new field). Clients can then react to that challenge by issuing a new
request with a corresponding token (using the Authorization request request with a corresponding token (using the Authorization request
header field). Clients generate tokens that match the Origin's token header field). Clients generate tokens that match the Origin's token
challenge by running the token issuance protocol [ISSUANCE]. The act challenge by running one of the token issuance protocols defined in
of presenting a token in an Authorization request header field is [ISSUANCE]. The act of presenting a token in an Authorization
referred to as "token redemption". This interaction between the request header field is referred to as "token redemption". This
Client and Origin is shown below. interaction between the Client and Origin is shown below.
+--------+ +--------+ +--------+ +--------+
| Origin | | Client | | Origin | | Client |
+---+----+ +---+----+ +---+----+ +---+----+
| | | |
+-- WWW-Authenticate: TokenChallenge -->| +-- WWW-Authenticate: TokenChallenge -->|
| | | |
| (Run issuance protocol) | (Run issuance protocol)
| | | |
|<------ Authorization: token ----------+ |<------ Authorization: token ----------+
skipping to change at line 932 skipping to change at line 932
7.2. Informative References 7.2. Informative References
[COOKIES] Bingler, S., Ed., West, M., Ed., and J. Wilander, Ed., [COOKIES] Bingler, S., Ed., West, M., Ed., and J. Wilander, Ed.,
"Cookies: HTTP State Management Mechanism", Work in "Cookies: HTTP State Management Mechanism", Work in
Progress, Internet-Draft, draft-ietf-httpbis-rfc6265bis- Progress, Internet-Draft, draft-ietf-httpbis-rfc6265bis-
13, 15 November 2023, 13, 15 November 2023,
<https://datatracker.ietf.org/doc/html/draft-ietf-httpbis- <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-
rfc6265bis-13>. rfc6265bis-13>.
[ISSUANCE] Celi, S., Davidson, A., Valdez, S., and C. A. Wood, [ISSUANCE] Celi, S., Davidson, A., Valdez, S., and C. A. Wood,
"Privacy Pass Issuance Protocol", RFC 9578, "Privacy Pass Issuance Protocols", RFC 9578,
DOI 10.17487/RFC9578, May 2024, DOI 10.17487/RFC9578, May 2024,
<https://www.rfc-editor.org/info/rfc9578>. <https://www.rfc-editor.org/info/rfc9578>.
[RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker,
"Randomness Requirements for Security", BCP 106, RFC 4086, "Randomness Requirements for Security", BCP 106, RFC 4086,
DOI 10.17487/RFC4086, June 2005, DOI 10.17487/RFC4086, June 2005,
<https://www.rfc-editor.org/info/rfc4086>. <https://www.rfc-editor.org/info/rfc4086>.
[RFC8470] Thomson, M., Nottingham, M., and W. Tarreau, "Using Early [RFC8470] Thomson, M., Nottingham, M., and W. Tarreau, "Using Early
Data in HTTP", RFC 8470, DOI 10.17487/RFC8470, September Data in HTTP", RFC 8470, DOI 10.17487/RFC8470, September
 End of changes. 2 change blocks. 
5 lines changed or deleted 5 lines changed or added

This html diff was produced by rfcdiff 1.48.