Mercurial > hg > WebID / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset
minor change
authorHenry Story <henry.story@bblfish.net>
Mon, 01 Jul 2013 14:05:22 +0200
changeset 380 846cc82b366f
parent 379 c01ee21d4ef2
child 381 02912df11319
minor change
spec/tls-respec.html 
--- a/spec/tls-respec.html	Mon Jul 01 13:54:52 2013 +0200
+++ b/spec/tls-respec.html	Mon Jul 01 14:05:22 2013 +0200
@@ -724,7 +724,7 @@
         The <tref>Guard</tref> can then intercept that request and by checking access control rules associated with that type of request, determine if the client needs authorization and hence authentication.
         We will consider the case here where the client does need to be authenticated.
     </li>
-    <li>If the resource requires some form of authentication, the Guard MUST request the client to authenticate itself using public key cryptography by signing a token with its private key and have the Client send its Certificate. This has been carefully defined in the TLS protocol and can be summarized by the following steps:
+    <li>If the resource requires WebID authentication, the Guard MAY request the client to authenticate itself using public key cryptography by signing a token with its private key and have the Client send its Certificate. This has been carefully defined in the TLS protocol and can be summarized by the following steps:
         <ol>
             <li>The guard requests the TLS agent to make a Certificate Request to the client. The TLS layer does this. Because the WebID-TLS protocol does not rely on Certificate Authorities to verify the contents of the <tref>Certificate</tref>, the <tref>TLS Agent</tref> can ask for any Certificate from the Client. More details in <a href="#requesting-the-client-certificate">Requesting the Client Certificate</a>
             </li>
WebID

Hosted by W3C Systems Team, please report bugs to sysreq@w3.org