Merge pull request #224 from ietf-wg-privacypass/tfpauly-patch-11

ietf-wg-privacypass · Nov 23, 2022 · b4817b1 · b4817b1
2 parents c671a6d + 17f2693
commit b4817b1
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/draft-ietf-privacypass-auth-scheme.md b/draft-ietf-privacypass-auth-scheme.md
@@ -41,11 +41,12 @@ challenge clients to present an acceptable Privacy Pass token.
 # Introduction {#introduction}
 
 Privacy Pass tokens are unlinkable authenticators that can be used to
-anonymously authorize a client (see {{?ARCHITECTURE=I-D.ietf-privacypass-architecture}}). A
-client possessing such a token is able to prove that it was able to get a token
-issued by a token issuer -- based on some check from a token issuer, such as
-authentication or solving a CAPTCHA -- without allowing the relying party
-redeeming the client's token (the origin) to link it with issuance flow.
+anonymously authorize a client (see {{?ARCHITECTURE=I-D.ietf-privacypass-architecture}}).
+Tokens are generated by token issuers, on the basis of authentication,
+attestation, or some previous action such as solving a CAPTCHA. A client
+possessing such a token is able to prove that it was able to get a token
+issued, without allowing the relying party redeeming the client's token
+(the origin) to link it with the issuance flow.
 
 Different types of authenticators, using different token issuance protocols, can
 be used as Privacy Pass tokens.