New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve terminology #121
Comments
This would IMO help. There seems to be important security properties related to demarcation between the requests and having terms that could lead to ambiguity doesn't seem good. |
I personally used the following terms when I implemented the client-side:
I didn't have terms for the inner requests and responses — the response was just a "decrypted response". But using "inner" might make sense, or "plaintext"? |
inner = encapsulated These all work for me. |
Hrm, on reflection, I don't think "oblivious request" and "oblivious response" will work for the client<>proxy messages, since oblivious request means something else in this document (the resource that decrypts the encapsulated request for the target). I have an alternative proposal in #121 that I think better describes the different requests and resources based on what they're doing. |
We need to improve the terminology in this draft. In particular, we need a distinguished term for the request to the proxy, which includes the encapsulated request, as well as a distinguished term for the inner request from client to target.
The text was updated successfully, but these errors were encountered: