rfc9578v3.txt   rfc9578.txt 
Internet Engineering Task Force (IETF) S. Celi Internet Engineering Task Force (IETF) S. Celi
Request for Comments: 9578 Brave Software Request for Comments: 9578 Brave Software
Category: Standards Track A. Davidson Category: Standards Track A. Davidson
ISSN: 2070-1721 NOVA LINCS, Universidade NOVA de Lisboa ISSN: 2070-1721 NOVA LINCS, Universidade NOVA de Lisboa
S. Valdez S. Valdez
Google LLC Google LLC
C. A. Wood C. A. Wood
Cloudflare Cloudflare
May 2024 June 2024
Privacy Pass Issuance Protocols Privacy Pass Issuance Protocols
Abstract Abstract
This document specifies two variants of the two-message issuance This document specifies two variants of the two-message issuance
protocol for Privacy Pass tokens: one that produces tokens that are protocol for Privacy Pass tokens: one that produces tokens that are
privately verifiable using the Issuer Private Key and one that privately verifiable using the Issuer Private Key and one that
produces tokens that are publicly verifiable using the Issuer Public produces tokens that are publicly verifiable using the Issuer Public
Key. Instances of "issuance protocol" and "issuance protocols" in Key. Instances of "issuance protocol" and "issuance protocols" in
skipping to change at line 725 skipping to change at line 725
Content-Length: <Length of TokenResponse> Content-Length: <Length of TokenResponse>
<Bytes containing the TokenResponse> <Bytes containing the TokenResponse>
6.3. Finalization 6.3. Finalization
Upon receipt, the Client handles the response and, if successful, Upon receipt, the Client handles the response and, if successful,
processes the content as follows: processes the content as follows:
authenticator = authenticator =
Finalize(pkI, nonce, blind_sig, blind_inv) Finalize(pkI, PrepareIdentity(token_input), blind_sig, blind_inv)
The Finalize function is defined in Section 4.4 of [BLINDRSA]. If The Finalize function is defined in Section 4.4 of [BLINDRSA]. If
this succeeds, the Client then constructs a token as described in this succeeds, the Client then constructs a token as described in
[AUTHSCHEME] as follows: [AUTHSCHEME] as follows:
struct { struct {
uint16_t token_type = 0x0002; /* Type Blind RSA (2048-bit) */ uint16_t token_type = 0x0002; /* Type Blind RSA (2048-bit) */
uint8_t nonce[32]; uint8_t nonce[32];
uint8_t challenge_digest[32]; uint8_t challenge_digest[32];
uint8_t token_key_id[32]; uint8_t token_key_id[32];
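Review bot: token_input, the new argument to PrepareIdentity in the Finalize call of Section 6.3, is not defined anywhere in the displayed context, and the argument it replaces, nonce, is still a field of the token struct that follows, so a reader of this section alone cannot tell how the two relate. Suggest adding a back-reference to where token_input is constructed, plus a sentence stating that it must be byte-for-byte the same message that was blinded for the request, because Finalize (Section 4.4 of [BLINDRSA]) verifies the unblinded signature against the message it is given and fails on a mismatch. An implementation written against the left-hand text would pass only the nonce here, so the change is behavioural rather than editorial and should be called out as such to implementers.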
skipping to change at line 1032 skipping to change at line 1032
Author: See the Authors' Addresses section of RFC 9578. Author: See the Authors' Addresses section of RFC 9578.
Change controller: IETF Change controller: IETF
9. References 9. References
9.1. Normative References 9.1. Normative References
[ARCHITECTURE] [ARCHITECTURE]
Davidson, A., Iyengar, J., and C. A. Wood, "The Privacy Davidson, A., Iyengar, J., and C. A. Wood, "The Privacy
Pass Architecture", RFC 9576, DOI 10.17487/RFC9576, May Pass Architecture", RFC 9576, DOI 10.17487/RFC9576, June
2024, <https://www.rfc-editor.org/info/rfc9576>. 2024, <https://www.rfc-editor.org/info/rfc9576>.
[AUTHSCHEME] [AUTHSCHEME]
Pauly, T., Valdez, S., and C. A. Wood, "The Privacy Pass Pauly, T., Valdez, S., and C. A. Wood, "The Privacy Pass
HTTP Authentication Scheme", RFC 9577, HTTP Authentication Scheme", RFC 9577,
DOI 10.17487/RFC9577, May 2024, DOI 10.17487/RFC9577, June 2024,
<https://www.rfc-editor.org/info/rfc9577>. <https://www.rfc-editor.org/info/rfc9577>.
[BLINDRSA] Denis, F., Jacobs, F., and C. A. Wood, "RSA Blind [BLINDRSA] Denis, F., Jacobs, F., and C. A. Wood, "RSA Blind
Signatures", RFC 9474, DOI 10.17487/RFC9474, October 2023, Signatures", RFC 9474, DOI 10.17487/RFC9474, October 2023,
<https://www.rfc-editor.org/info/rfc9474>. <https://www.rfc-editor.org/info/rfc9474>.
[HTTP] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, [HTTP] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "HTTP Semantics", STD 97, RFC 9110, Ed., "HTTP Semantics", STD 97, RFC 9110,
DOI 10.17487/RFC9110, June 2022, DOI 10.17487/RFC9110, June 2022,
<https://www.rfc-editor.org/info/rfc9110>. <https://www.rfc-editor.org/info/rfc9110>.
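Review bot: Check the June 2024 date now given in the [ARCHITECTURE] and [AUTHSCHEME] entries against the rfc-editor info pages those entries cite, since both were changed together with the document's own header date (May 2024 to June 2024) and nothing in the diff shows the source of the new value. [BLINDRSA] and [HTTP] are untouched, which is correct for documents published earlier.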
 End of changes. 4 change blocks. 
4 lines changed or deleted 4 lines changed or added

This html diff was produced by rfcdiff 1.48.