Skip to content

Commit 6d4e2d6

Browse files
kmonsenkmonsen
authored
Add files via upload
1 parent fb0a4a7 commit 6d4e2d6

File tree

1 file changed

+26
-16
lines changed

1 file changed

+26
-16
lines changed

spec.bs

+26-16
Original file line numberDiff line numberDiff line change
@@ -274,19 +274,20 @@ The <dfn>session credential</dfn> is a [=struct=] with the following
274274
1. Let |header name| be "<code>Sec-Session-Challenge</code>".
275275
1. Let |challenge list| be the result of executing <a>get a structured
276276
field value</a> given |header name| and "list" from |response|’s
277-
[=response/header list=]. <a>parsing structured fields</a>
277+
[=response/header list=].
278278
1. [=list/For each=] |challenge entry| of |challenge list|:
279279
1. Parse |challenge entry| according to <a>parsing structured fields</a>.
280280
1. If the type of |challenge entry| is not string [=iteration/continue=].
281281
1. Let |challenge| be the parsed item.
282282
1. Let |session id| be null.
283-
1. If params["id"] exists and is a string, Set |session id| to params["id"]
283+
1. If params["id"] exists and is a string, Set |session id| to params["id"].
284284
1. If [=response/status=] is 401, resend this request as is with updated
285-
|challenge| in [=DBSC proof=]
285+
|challenge| in [=DBSC proof=].
286286
1. Otherwise:
287-
1. If |session id| is null, [=iteration/continue=]
287+
1. If |session id| is null, [=iteration/continue=].
288288
1. Identify session as described in [=identify a session=] given
289289
|response| and |session id| and store as |session object|.
290+
1. If |session object| is null, [=iteration/continue=].
290291
1. Store |challenge| in |session object| to be used next time a
291292
[=DBSC proof=] is to be sent from this [=device bound session=].
292293
</div>
@@ -306,17 +307,25 @@ parsing the registration structured header defined in
306307
field value</a> given |header name| and "list" from |response|’s
307308
[=response/header list=].
308309
1. [=list/For each=] |registration entry|, |params| → |registration list|:
309-
1. Parse |registration entry| as an innner list. Let |algorithm list| be a
310-
list of tokens from the inner list where only algorithms supported on this
311-
client should be added. If this list is empty return failure.
312-
1. If |params|["path"] exists and is a string let |path| be |params|["path"]
313-
1. Otherwise return failure.
314-
1. Let |challenge| be null and Let |authorization| be null.
315-
1. If |params|["challenge"] exists and is a string Set |challenge| to
316-
|params|["challenge"].
310+
1. Parse |registration entry| according to <a>parsing structured fields</a>.
311+
1. If |registration entry| is not an <a>sf-inner-list</a>,
312+
[=iteration/continue=].
313+
1. Let |algorithm list| be an empty [=list=].
314+
1. [=list/For each=] |algorithm| → |registration entry|
315+
1. If |algorithm| is not a <a>sf-token</a>, [=iteration/continue=].
316+
1. If |algorithm| represents a crypto algorithm supported in
317+
[:Sec-Session-Registration:], and is supported on this client, add
318+
|algorithm| to |algorithm list|
319+
1. If |algorithm list| is empty, [=iteration/continue=].
320+
1. If |params|["path"] does not exist, or is not of type <a>sf-string</a>,
321+
[=iteration/continue=].
322+
1. Let |path| be |params|["path"].
323+
1. Let |challenge| be null, and Let |authorization| be null.
324+
1. If |params|["challenge"] exists and is of type <a>sf-string</a>
325+
Set |challenge| to |params|["challenge"].
317326
1. If |params|["authorization"] exists and is a string Set |authorization|
318327
to |params|["authorization"].
319-
1. Call [[#algo-session-request]] with |registration list|, |path|,
328+
1. Call [[#algo-session-request]] with |algorithm list|, |path|,
320329
|challenge| and |authorization| parameters.
321330
</div>
322331

@@ -343,12 +352,13 @@ MUST be a <a>sf-token</a> representing a supported algorithm (ES256, RS256).
343352
Only these two values are currently supported.
344353

345354
The following parameters are defined:
355+
- A parameter whose key is "path", and whose value is a String (Section 3.3.3 of
356+
[[RFC8941]]), conveying the path to the registration endpoint. This may be
357+
relative to the current [=url=], or a full [=url=]. Entries without this
358+
parameter will be ignored in [=algo-create-session=].
346359
- A parameter whose key is "challenge", and whose value is a String (Section
347360
3.3.3 of [[RFC8941]]), conveying the challenge to be used in the session
348361
registration.
349-
- A parameter whose key is "path", and whose value is a String (Section 3.3.3 of
350-
[[RFC8941]]), conveying the path to the registration endpoint. This may be
351-
relative to the current [=url=], or a full [=url=].
352362
- A parameter whose key is "authorization", and whose value is a String (Section
353363
3.3.3 of [[RFC8941]]), this parameter will be copied into the registration
354364
JWT.

0 commit comments

Comments
 (0)