Tommy Pauly
It might be nice to still have some text to still mention that servers can send back 403 status codes, etc, if they don't like the client certs. Don't add...
If a client without a client cert would see a 403, then I think it makes sense to mention that sending a 403 is what would reasonably happen here. I...
I'll think about the names. This is likely too strong, but "inherited" could be called "coercive centralization" or "forced centralization", where another layer tries to enforce centralization on a higher...
I'm wondering if we could talk about this as "conditions for centralization to exist", with "motivating" and "enabling" factors. For example, in the case of social media concentration, it seems...
Since iOS/macOS support what will be the standardized IETF version of privacy pass, I don't think we have any intent of supporting the older versions that trust token wraps up.
The point here would be to include literally what is in a Geo IP feed file, and align with that rather than sharing new information that would not be available...
@FredericJacobs the token message that's signed includes the origin name, so the issuer doesn't need to have per-origin keys.
Next to `issuer-policy-window`, we could define a property like `issuer-policy-window-start`, which would include a UTC timestamp for when the policy windows all begin and must align to.
I think this is something that should go to future work, personally — knowing the fuller set of RRs is something clients would need, but probably should have some client...
Interesting idea! I have a couple comments/questions: - Part of the goal of Private Access Tokens is to move away from needing IP-based authentication/rate-limiting. It prefers rooting the authentication on...