1 files changed, 7 insertions, 7 deletions
diff --git a/98.md b/98.md
index ecbebc0..c8cba0f 100644
--- a/98.md
+++ b/98.md
@@ -6,9 +6,9 @@ HTTP Auth
 `draft` `optional` `author:kieran` `author:melvincarvalho`
-This NIP defines an ephemerial event used to authorize requests to HTTP servers using nostr events.
+This NIP defines an ephemeral event used to authorize requests to HTTP servers using nostr events.
-This is useful for HTTP services which are build for Nostr and deal with Nostr user accounts.
+This is useful for HTTP services which are built for Nostr and deal with Nostr user accounts.
 ## Nostr event
@@ -16,7 +16,7 @@ A `kind 27235` (In reference to [RFC 7235](https://www.rfc-editor.org/rfc/rfc723
 The `content` SHOULD be empty.
-The following tags are defined as REQUIRED.
+The following tags MUST be included.
 * `u` - absolute URL
 * `method` - HTTP Request Method
@@ -45,7 +45,7 @@ Example event:
 Servers MUST perform the following checks in order to validate the event:
 1. The `kind` MUST be `27235`.
-2. The `created_at` MUST be within a reasonable time window (suggestion 60 seconds).
+2. The `created_at` timestamp MUST be within a reasonable time window (suggestion 60 seconds).
 3. The `u` tag MUST be exactly the same as the absolute request URL (including query parameters).
 4. The `method` tag MUST be the same HTTP method used for the requested resource.
@@ -53,11 +53,11 @@ When the request contains a body (as in POST/PUT/PATCH methods) clients SHOULD i
 If one of the checks was to fail the server SHOULD respond with a 401 Unauthorized response code.
-All other checks which server MAY do are OPTIONAL, and implementation specific.
+Servers MAY perform additional implementation-specific validation checks.
 ## Request Flow
-Using the `Authorization` header, the `kind 27235` event MUST be `base64` encoded and use the Authorization scheme `Nostr`
+Using the `Authorization` HTTP header, the `kind 27235` event MUST be `base64` encoded and use the Authorization scheme `Nostr`
 Example HTTP Authorization header:
 ```
@@ -65,4 +65,4 @@ Authorization: Nostr eyJpZCI6ImZlOTY0ZTc1ODkwMzM2MGYyOGQ4NDI0ZDA5MmRhODQ5NGVkMjA
 ```
 ## Reference Implementations
- C# ASP.NET `AuthenticationHandler` [NostrAuth.cs](https://gist.github.com/v0l/74346ae530896115bfe2504c8cd018d3)
-\ No newline at end of file
+- C# ASP.NET `AuthenticationHandler` [NostrAuth.cs](https://gist.github.com/v0l/74346ae530896115bfe2504c8cd018d3)

diff --git a/98.md b/98.md index ecbebc0..c8cba0f 100644 --- a/98.md +++ b/98.md
@@ -6,9 +6,9 @@ HTTP Auth
6		6
7	`draft` `optional` `author:kieran` `author:melvincarvalho`	7	`draft` `optional` `author:kieran` `author:melvincarvalho`
8		8
9	This NIP defines an ephemerial event used to authorize requests to HTTP servers using nostr events.	9	This NIP defines an ephemeral event used to authorize requests to HTTP servers using nostr events.
10		10
11	This is useful for HTTP services which are build for Nostr and deal with Nostr user accounts.	11	This is useful for HTTP services which are built for Nostr and deal with Nostr user accounts.
12		12
13	## Nostr event	13	## Nostr event
14		14
@@ -16,7 +16,7 @@ A `kind 27235` (In reference to [RFC 7235](https://www.rfc-editor.org/rfc/rfc723
16		16
17	The `content` SHOULD be empty.	17	The `content` SHOULD be empty.
18		18
19	The following tags are defined as REQUIRED.	19	The following tags MUST be included.
20		20
21	* `u` - absolute URL	21	* `u` - absolute URL
22	* `method` - HTTP Request Method	22	* `method` - HTTP Request Method
@@ -45,7 +45,7 @@ Example event:
45		45
46	Servers MUST perform the following checks in order to validate the event:	46	Servers MUST perform the following checks in order to validate the event:
47	1. The `kind` MUST be `27235`.	47	1. The `kind` MUST be `27235`.
48	2. The `created_at` MUST be within a reasonable time window (suggestion 60 seconds).	48	2. The `created_at` timestamp MUST be within a reasonable time window (suggestion 60 seconds).
49	3. The `u` tag MUST be exactly the same as the absolute request URL (including query parameters).	49	3. The `u` tag MUST be exactly the same as the absolute request URL (including query parameters).
50	4. The `method` tag MUST be the same HTTP method used for the requested resource.	50	4. The `method` tag MUST be the same HTTP method used for the requested resource.
51		51
@@ -53,11 +53,11 @@ When the request contains a body (as in POST/PUT/PATCH methods) clients SHOULD i
53		53
54	If one of the checks was to fail the server SHOULD respond with a 401 Unauthorized response code.	54	If one of the checks was to fail the server SHOULD respond with a 401 Unauthorized response code.
55		55
56	All other checks which server MAY do are OPTIONAL, and implementation specific.	56	Servers MAY perform additional implementation-specific validation checks.
57		57
58	## Request Flow	58	## Request Flow
59		59
60	Using the `Authorization` header, the `kind 27235` event MUST be `base64` encoded and use the Authorization scheme `Nostr`	60	Using the `Authorization` HTTP header, the `kind 27235` event MUST be `base64` encoded and use the Authorization scheme `Nostr`
61		61
62	Example HTTP Authorization header:	62	Example HTTP Authorization header:
63	```	63	```
@@ -65,4 +65,4 @@ Authorization: Nostr eyJpZCI6ImZlOTY0ZTc1ODkwMzM2MGYyOGQ4NDI0ZDA5MmRhODQ5NGVkMjA
65	```	65	```
66		66
67	## Reference Implementations	67	## Reference Implementations
68	- C# ASP.NET `AuthenticationHandler` [NostrAuth.cs](https://gist.github.com/v0l/74346ae530896115bfe2504c8cd018d3) \ No newline at end of file	68	- C# ASP.NET `AuthenticationHandler` [NostrAuth.cs](https://gist.github.com/v0l/74346ae530896115bfe2504c8cd018d3)