Technical Summary
This document specifies two variants of the two-message issuance
protocol for Privacy Pass tokens: one that produces tokens that are
privately verifiable using the issuance private key, and another that
produces tokens that are publicly verifiable using the issuance
public key.
Working Group Summary
Strong consensus (although the WG is relatively small)
Document Quality
There are deployed examples of the privacy pass protocol. References to
these implementations are included in the architecture document. This includes
two open source implementations that implement pieces of the architecture and vendor
products including private access tokens implemented by Apple, Cloudflare and
Fastly. These implementations communicate using the auth scheme defined in
this document (see e.g. https://developer.apple.com/news/?id=huqjyh7k,
https://www.fastly.com/blog/private-access-tokens-stepping-into-the-privacy-respecting-captcha-less).
A number of issues were addressed after various directorate reviews (esp the HTTPDIR review)
The 3 Media Types were approved by the Expert.
Personnel
The Document Shepherd for this document is Joseph A. Salowey. The
Responsible Area Director is Paul Wouters.