Skip to content

Commit

Permalink
Consider making permission defaults * instead of self
Browse files Browse the repository at this point in the history
Not asking for review of this yet, but posting here for consideration as part of #106
  • Loading branch information
arichiv authored Sep 9, 2024
1 parent 3530525 commit 34ca12a
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions spec.bs
Original file line number Diff line number Diff line change
Expand Up @@ -580,9 +580,9 @@ Note: [=request/Private token refresh policy=] is ignored unless [=request/priva

This specification defines two new [=policy-controlled features=]. Exactly one of these policy features applies for a given Private State Token operation.

The [=policy-controlled feature=] identified by "<dfn data-dfn-for="policy-controlled feature"><code>private-state-token-issuance</code></dfn>" applies for the <code>"token-request"</code> operation. The [=default allowlist=] for this feature is <code>["self"]</code>.
The [=policy-controlled feature=] identified by "<dfn data-dfn-for="policy-controlled feature"><code>private-state-token-issuance</code></dfn>" applies for the <code>"token-request"</code> operation. The [=default allowlist=] for this feature is <code>*</code>.

The [=policy-controlled feature=] identified by "<dfn data-dfn-for="policy-controlled feature"><code>private-state-token-redemption</code></dfn>" applies for the <code>"send-redemption-record"</code> and <code>"token-redemption"</code> operations. The [=default allowlist=] for this feature is <code>["self"]</code>.
The [=policy-controlled feature=] identified by "<dfn data-dfn-for="policy-controlled feature"><code>private-state-token-redemption</code></dfn>" applies for the <code>"send-redemption-record"</code> and <code>"token-redemption"</code> operations. The [=default allowlist=] for this feature is <code>*</code>.

A [=request=] has an associated <dfn for="request">pstPretokens</dfn>, which is null or a [=byte sequence=].

Expand Down

0 comments on commit 34ca12a

Please sign in to comment.