Sync

relaycorp · Apr 5, 2024 · dbcaa33 · dbcaa33
1 parent 23a0a65
commit dbcaa33
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 5 deletions.
diff --git a/src/content/docs/mitigations/authentication.md b/src/content/docs/mitigations/authentication.md
@@ -1,10 +1,10 @@
 ---
-title: Authentication
+title: Client authentication
 sidebar:
   order: 3
 ---
 
-Authentication is the process of verifying the identity of a client or its user.
+Authentication is the process of verifying the identity of a client.
 In the context of DDoS mitigation,
 authentication plays a crucial role in ensuring that users comply with policies such as [rate limits](./rate-limiting.md),
 regardless of the network from which they are connecting.
@@ -72,4 +72,4 @@ or a dedicated registry to alert other services.
 
 - [Abuse reporting](./abuse-reporting.md).
 - [Client-based rate limiting](./rate-limiting.md).
-- [Client reputation scoring](./client-reputation.md), which could use authentication data amongst its signals.
+- [Client reputation scoring](./client-reputation.md), which could use the user's historic activity across devices and IP addresses amongst its signals.
diff --git a/src/content/docs/mitigations/client-reputation.md b/src/content/docs/mitigations/client-reputation.md
@@ -10,17 +10,26 @@ which estimates how likely it is to be malicious.
 This can determine which other [mitigations](./index.md) to apply
 (e.g. [cryptographic challenges](./crypto-challenges.md)) and how.
 
-Client reputation scoring can complement IP-based reputation systems used in
-[reverse proxies](./reverse-proxies.md)
+Client reputation scoring can complement IP-based reputation systems,
+used in [reverse proxies](./reverse-proxies.md)
 like [Akamai](https://techdocs.akamai.com/identity-cloud/docs/client-reputation-1) and [Cloudflare](https://developers.cloudflare.com/waf/custom-rules/use-cases/block-ip-reputation/),
 by considering signals about the client across devices and IP addresses.
+
 The signals that can be used to calculate the score include:
 
 - The age of the account.
 - Usage patterns.
 - Whether the client runs on a [trusted app](./app-attestation.md).
 - Whether the client has passed any [humanity verification test](./humanity-verification.md), if applicable.
 
+## Private State Tokens
+
+[Private State Tokens](https://developers.google.com/privacy-sandbox/protections/private-state-tokens)
+is a privacy-preserving protocol proposed by Google that allows users to demonstrate their
+trustworthiness on one website by sharing that they are trusted on another.
+As an experimental protocol designed to work in browsers and supported solely by Chrome,
+its applications may be limited for the time being.
+
 ## See also
 
 - [Client-based rate limiting](rate-limiting.md).