Skip to content

Fixing typos #41

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
shanedk wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fixing typos #41

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions src/draft-sqrl.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -933,13 +933,13 @@ VUK = ed25519_public_key( curve25519_key_agreement( ILK, RLK ));]]></artwork>
<t hangText="btn"><vspace/>When receiving an "ask" query from the server, the client displays the query to the user. Once the user responds, the client MUST include the "btn" parameter with the character "1" or "2" depending on which button the user selected. If the prompt was acknowledged without selecting either button, "btn=3" is returned.</t>
<t hangText="idk"><vspace/>The IDentity Key. This is the user's SSPK which uniquely identifies them to the realm. See <xref format="title" target="IDK" />.</t>
<t hangText="pidk"><vspace/>The Previous IDentity Key. When a user has rekeyed their identity, it must be updated on any server the user has not visited since the rekeying. During one or more queries, the client will present the server with the user's current IDK and the previous PIDK along with its matching signature. This process MUST be repeated for each PIDK until either the authentication is successful and the IDK updated, or until the client runs out of PIDKs, causing the authentication to fail.</t>
<t hangText="suk"><vspace/>The <xref target="SUK">Server Unlock Key</xref>. Included in every query where the immediately previous server reply did not have the 0x01 bit of its TIF flags set. See <xref target="tif">Transaction Information Flags (TIFs)</xref>.</t>
<t hangText="vuk">The <xref target="VUK">Verify Unlock Key</xref>. Generated along with and always accompanies the SUK. [Add reference to TIF once that section is written]<vspace/></t>
<t hangText="ins"><vspace/>The INdex Secret. When the immediately previous server reply contains a "sin" parameter, the user's <xref target="SSSK">SSSK</xref> is passed through <xref target="algo-enhash">EnHash</xref> and used to key a secondary HMAC256 to hash the server's "sin" value. The output is base64url encoded and sent as the value for the "ins" parameter.</t>
<t hangText="suk"><vspace/>The Server Unlock Key. Included in every query where the immediately previous server reply did not have the 0x01 bit of its TIF flags set. See <xref target="tif">Transaction Information Flags (TIFs)</xref>.</t>
<t hangText="vuk"><vspace/>The Verify Unlock Key. Generated along with and always accompanies the SUK. See <xref target="tif">Transaction Information Flags (TIFs)</xref>.</t>
<t hangText="ins">The INdex Secret. When the immediately previous server reply contains a "sin" parameter, the user's <xref target="SSSK">SSSK</xref> is passed through <xref target="algo-enhash">EnHash</xref> and used to key a secondary HMAC256 to hash the server's "sin" value. The output is base64url encoded and sent as the value for the "ins" parameter.</t>
<t hangText="pins"><vspace/>The Previous INdex Secret. When the authentication was made using a PIDK, the client MUST include the corresponding PINS, calculated the same way as the INS, in its query.</t>
<t hangText="ids"><vspace/>The IDentity Signature. Authenticates the contents of the query block to the server. The SSSK is used to sign the concatenated values of the client and server prarameters.</t>
<t hangText="pids"><vspace/>The Previous IDentity Signature. Used when authentication was made using a PIDK.</t>
<t hangText="URS"><vspace/>Unlock Request Signature. When an account is locked, the server sends the SUK to the client, the client's IUK is used to generate the unlock request. The URS is the result of DHKA ( SUK, IUK ).</t>
<t hangText="URS"><vspace/>Unlock Request Signature. When an account is locked, the server sends the SUK to the client. The client's IUK is used to generate the unlock request. The URS is the result of DHKA ( SUK, IUK ).</t>
</list></t>
<t>The client MAY include additional name=value pairs not defined to support extensions to the SQRL protocol. Any undefined "name=" parameter SHOULD simply be ignored.</t>
<section anchor="cmd" title="Command Tokens">
Expand All @@ -953,7 +953,7 @@ VUK = ed25519_public_key( curve25519_key_agreement( ILK, RLK ));]]></artwork>
</section>
<section anchor="opt" title="Options">
<t><list style="hanging">
<t hangText="noiptest"><vspace/>Instructs the server to disable same-IP verification. Results in the 0x04 "IPs matched" TIF to be activated even if the IP addresses did not match. Used when the client knows the link was received from a remote device (e.g., when a QR code was scanned).</t>
<t hangText="noiptest"><vspace/>Instructs the server to disable same-IP verification. Results in the 0x04 "IPs matched" TIF being activated even if the IP addresses did not match. Used when the client knows the link was received from a remote device (e.g., when a QR code was scanned).</t>
<t hangText="sqrlonly"><vspace/>Requests that the server disable any alternative non-SQRL autentication methods such as username/password authentication.</t>
<t hangText="hardlock"><vspace/>Disables "out of band" changes to the user's SQRL identity such as security questions and email resets.</t>
<t hangText="cps"><vspace/>Client Provided Session. Informs the server that the client has a secure and private means of returning a server-supplied URL to the web browser after successful authentication.</t>
Expand Down