MSEdgeExplainers icon indicating copy to clipboard operation
MSEdgeExplainers copied to clipboard

Published 20 hours ago verified publisher icon MicrosoftEdge

Address gaps in BPoP protocol and feedback

Open sameerag opened this issue 2 years ago • 2 comments
trafficstars

Added support for the below:

  1. Edited the Explainer to add:

    • refresh-in support for background nonce renewal
    • expires-in support to reduce key verification frequency
    • Added adaptation considerations and key management considerations

  2. Added a new document (similar content but format more friendly for a W3 explainer)

  3. Pending:

    • Sequence diagrams

sameerag avatar Aug 08 '23 19:08 sameerag

A server may also return a new BPoP nonce on any 200 response.

why only 200? why it cannot be any response. We get first nonce via 401

Refers to: BindingContext/explainer.md:173 in bec12c8. [](commit_id = bec12c85762993aac874d80ae385b8e0e1e458c0, deletion_comment = False)

alextok avatar Sep 27 '23 04:09 alextok

A server may also return a new BPoP nonce on any 200 response.

why only 200? why it cannot be any response. We get first nonce via 401

Refers to: BindingContext/explainer.md:173 in bec12c8. [](commit_id = bec12c8, deletion_comment = False)

I think it is in-reference to piggy backing on regular oath flows, that BPoP-Nonce can be attached to any successful oauth response, and not specifically requested. @will-bartlett can clarify more.

sameerag avatar Sep 27 '23 05:09 sameerag