You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This section defines a mechanism for identifying agents and end users that interact
3
3
with a linked web storage server. This specification does not mandate a particular
4
-
format for authentication credentials, though it does describe how existing identity systems
4
+
format for an <a>authentication credential</a>, though it does describe how existing identity systems
5
5
can be used in conjunction with the linked web storage authorization framework.
6
6
</p>
7
7
@@ -10,16 +10,16 @@ <h3>Authentication Credential Data Model</h3>
10
10
11
11
<p>
12
12
The data model described in this section outlines the requirements for any
13
-
concrete serialization of an authentication credential.
13
+
concrete serialization of an <a>authentication credential</a>.
14
14
</p>
15
15
16
16
<p>
17
-
An authentication credential MUST include tamper evident claims about a subject, including:
17
+
An <a>authentication credential</a> MUST include tamper evident claims about a subject, including:
18
18
</p>
19
19
20
20
<ul>
21
21
<li><dfn>subject</dfn><strong>REQUIRED</strong> — an identifier for an end user. This MUST be a URI.</li>
22
-
<li><dfn>issuer</dfn><strong>REQUIRED</strong> — an identifier for the entity that issued the authentication credential. This MUST be a URI.</li>
22
+
<li><dfn>issuer</dfn><strong>REQUIRED</strong> — an identifier for the entity that issued the <a>authentication credential</a>. This MUST be a URI.</li>
23
23
<li><dfn>client</dfn><strong>REQUIRED</strong> — an identifier for a client application. This SHOULD be a URI.</li>
24
24
<li><dfn>audience restriction</dfn><strong>RECOMMENDED</strong> — a list of values that SHOULD include an authorization server identifier.</li>
25
25
</ul>
@@ -28,21 +28,21 @@ <h3>Authentication Credential Data Model</h3>
28
28
<sectionid="authentication-validation">
29
29
<h3>Authentication Credential Validation</h3>
30
30
<p>
31
-
Validation of an authentication credential requires a trust relationship between the
31
+
Validation of an <a>authentication credential</a> requires a trust relationship between the
32
32
verifier and issuer of the credential. This trust relationship MAY be established
33
33
through an out-of-band mechanism. Any additional mechanisms for establishing trust
34
-
between a verifier and an issuer are outlined in specific authentication suites.
34
+
between a verifier and an issuer are outlined in specific <adata-lt="authentication suite">authentication suites</a>.
35
35
</p>
36
36
37
37
<p>
38
-
An authentication credential MUST be signed. It is RECOMMENDED that the signature uses asymmetric cryptography.
38
+
An <a>authentication credential</a> MUST be signed. It is RECOMMENDED that the signature uses asymmetric cryptography.
39
39
</p>
40
40
</section>
41
41
42
42
<sectionid="authentication-type-identifier">
43
43
<h3>Authentication Credential Type Identifiers</h3>
44
44
<p>
45
-
Each authentication suite MUST be associated with a token type URI. An authentication suite SHOULD use a URI defined in the IANA "OAuth URI" registry.
45
+
Each <a>authentication suite</a> MUST be associated with a token type URI. An <a>authentication suite</a> SHOULD use a URI defined in the IANA "OAuth URI" registry.
0 commit comments