From a23f23fcf06697480bd199a5bb1bbc5128b6f804 Mon Sep 17 00:00:00 2001 From: David Schinazi Date: Mon, 26 Jun 2023 11:40:21 -0700 Subject: [PATCH] Review comment from CAW Co-authored-by: Christopher Wood --- draft-ietf-httpbis-unprompted-auth.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-httpbis-unprompted-auth.md b/draft-ietf-httpbis-unprompted-auth.md index 24598381f..aabd3357e 100644 --- a/draft-ietf-httpbis-unprompted-auth.md +++ b/draft-ietf-httpbis-unprompted-auth.md @@ -239,7 +239,7 @@ Key material used for the Signature HTTP authentication scheme MUST NOT be reused in other protocols. Doing so can undermine the security guarantees of the authentication. -Origins offering this scheme are able to link requests that use the same key. +Origins offering this scheme can link requests that use the same key. However, requests are not linkable across origins if the keys used are specific to the individual origins using this scheme.