Script updating gh-pages from 9296b02. [ci skip]

oauth-wg · Feb 13, 2025 · 91ce788 · 91ce788
1 parent 7631bf9
commit 91ce788
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/PieterKas-patch-1/draft-ietf-oauth-transaction-tokens.html b/PieterKas-patch-1/draft-ietf-oauth-transaction-tokens.html
@@ -2286,7 +2286,7 @@ <h3 id="name-transaction-token-service-d">
 <a href="#section-9.8" class="section-number selfRef">9.8. </a><a href="#name-transaction-token-service-d" class="section-name selfRef">Transaction Token Service Discovery</a>
         </h3>
 <p id="section-9.8-1">A workload may use various mechanisms to determine which Transaction Token Service to interact with. Workloads MUST retrieve configuration information from a trusted source to minimize the risk of a threat actor providing malicious configuration data that points to a Transaction Token Service under it's control. Such a service could be used to collect Access Tokens sent as part of the Transaction Token Request message.<a href="#section-9.8-1" class="pilcrow">¶</a></p>
-<p id="section-9.8-2">To mitigate this risk, workloads SHOULD authenticate the service providing the configuration information and verify the integrity of the configuration information. This ensures that no unauthorized entity can insert or alter configuration data. The workload SHOULDuse Transport Layer Security (TLS) to authenticate the endpoint and secure the communication channel. Additionally, application-layer signatures or message authentication codes MAY be used to detect any tampering with the configuration information.<a href="#section-9.8-2" class="pilcrow">¶</a></p>
+<p id="section-9.8-2">To mitigate this risk, workloads SHOULD authenticate the service providing the configuration information and verify the integrity of the configuration information. This ensures that no unauthorized entity can insert or alter configuration data. The workload SHOULD use Transport Layer Security (TLS) to authenticate the endpoint and secure the communication channel. Additionally, application-layer signatures or message authentication codes MAY be used to detect any tampering with the configuration information.<a href="#section-9.8-2" class="pilcrow">¶</a></p>
 </section>
 </div>
 <div id="workload-configuration-protection">

diff --git a/PieterKas-patch-1/draft-ietf-oauth-transaction-tokens.txt b/PieterKas-patch-1/draft-ietf-oauth-transaction-tokens.txt
@@ -1072,11 +1072,11 @@ Table of Contents
    To mitigate this risk, workloads SHOULD authenticate the service
    providing the configuration information and verify the integrity of
    the configuration information.  This ensures that no unauthorized
-   entity can insert or alter configuration data.  The workload
-   SHOULDuse Transport Layer Security (TLS) to authenticate the endpoint
-   and secure the communication channel.  Additionally, application-
-   layer signatures or message authentication codes MAY be used to
-   detect any tampering with the configuration information.
+   entity can insert or alter configuration data.  The workload SHOULD
+   use Transport Layer Security (TLS) to authenticate the endpoint and
+   secure the communication channel.  Additionally, application-layer
+   signatures or message authentication codes MAY be used to detect any
+   tampering with the configuration information.
 
 9.9.  Workload Configuration Protection