Merge branch 'master' into clarify-json-serialization

1 files changed, 19 insertions, 25 deletions

diff --git a/98.md b/98.md
index ecbebc0..ca52304 100644
--- a/98.md
+++ b/98.md
@@ -2,13 +2,13 @@ NIP-98
 ======
 
 HTTP Auth
--------------------------
+---------
 
-`draft` `optional` `author:kieran` `author:melvincarvalho`
+`draft` `optional`
 
-This NIP defines an ephemerial event used to authorize requests to HTTP servers using nostr events.
+This NIP defines an ephemeral event used to authorize requests to HTTP servers using nostr events.
 
-This is useful for HTTP services which are build for Nostr and deal with Nostr user accounts.
+This is useful for HTTP services which are built for Nostr and deal with Nostr user accounts.
 
 ## Nostr event
 
@@ -16,7 +16,7 @@ A `kind 27235` (In reference to [RFC 7235](https://www.rfc-editor.org/rfc/rfc723
 
 The `content` SHOULD be empty.
 
-The following tags are defined as REQUIRED.
+The following tags MUST be included.
 
 * `u` - absolute URL
 * `method` - HTTP Request Method
@@ -24,28 +24,22 @@ The following tags are defined as REQUIRED.
 Example event:
 ```json
 {
-    "id": "fe964e758903360f28d8424d092da8494ed207cba823110be3a57dfe4b578734",
-    "pubkey": "63fe6318dc58583cfe16810f86dd09e18bfd76aabc24a0081ce2856f330504ed",
-    "content": "",
-    "kind": 27235,
-    "created_at": 1682327852,
-    "tags": [
-        [
-            "u",
-            "https://api.snort.social/api/v1/n5sp/list"
-        ],
-        [
-            "method",
-            "GET"
-        ]
-    ],
-    "sig": "5ed9d8ec958bc854f997bdc24ac337d005af372324747efe4a00e24f4c30437ff4dd8308684bed467d9d6be3e5a517bb43b1732cc7d33949a3aaf86705c22184"
+  "id": "fe964e758903360f28d8424d092da8494ed207cba823110be3a57dfe4b578734",
+  "pubkey": "63fe6318dc58583cfe16810f86dd09e18bfd76aabc24a0081ce2856f330504ed",
+  "content": "",
+  "kind": 27235,
+  "created_at": 1682327852,
+  "tags": [
+    ["u", "https://api.snort.social/api/v1/n5sp/list"],
+    ["method", "GET"]
+  ],
+  "sig": "5ed9d8ec958bc854f997bdc24ac337d005af372324747efe4a00e24f4c30437ff4dd8308684bed467d9d6be3e5a517bb43b1732cc7d33949a3aaf86705c22184"
 }
 ```
 
 Servers MUST perform the following checks in order to validate the event:
 1. The `kind` MUST be `27235`.
-2. The `created_at` MUST be within a reasonable time window (suggestion 60 seconds).
+2. The `created_at` timestamp MUST be within a reasonable time window (suggestion 60 seconds).
 3. The `u` tag MUST be exactly the same as the absolute request URL (including query parameters).
 4. The `method` tag MUST be the same HTTP method used for the requested resource.
 
@@ -53,11 +47,11 @@ When the request contains a body (as in POST/PUT/PATCH methods) clients SHOULD i
 
 If one of the checks was to fail the server SHOULD respond with a 401 Unauthorized response code.
 
-All other checks which server MAY do are OPTIONAL, and implementation specific.
+Servers MAY perform additional implementation-specific validation checks.
 
 ## Request Flow
 
-Using the `Authorization` header, the `kind 27235` event MUST be `base64` encoded and use the Authorization scheme `Nostr`
+Using the `Authorization` HTTP header, the `kind 27235` event MUST be `base64` encoded and use the Authorization scheme `Nostr`
 
 Example HTTP Authorization header:
 ```
@@ -65,4 +59,4 @@ Authorization: Nostr eyJpZCI6ImZlOTY0ZTc1ODkwMzM2MGYyOGQ4NDI0ZDA5MmRhODQ5NGVkMjA
 ```
 
 ## Reference Implementations
-- C# ASP.NET `AuthenticationHandler` [NostrAuth.cs](https://gist.github.com/v0l/74346ae530896115bfe2504c8cd018d3)
\ No newline at end of file
+- C# ASP.NET `AuthenticationHandler` [NostrAuth.cs](https://gist.github.com/v0l/74346ae530896115bfe2504c8cd018d3)