I have reviewed this document as part of the Ops area directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the Ops area directors.
Document editors and WG chairs should treat these comments just like any other
last-call comments.

This document defines a new signature-based authentication scheme that is not probeable. 
Here are some comments and nits.

## Comments
1. Abstract
I'm wondering if it's necessary to retain the phrase "at the time of writing this document" that appears in the Abstract of this document. I noticed that this sentence was originally added in version 07.

2. Section 2
Please indicate the source of “the Authorization or Proxy-Authorization header field” mentioned in this section.

3.Section 5 & 6
There are references to "RFC8792" in Chapters 5 and 6. But it is not displayed correctly: [RFC8792].

## NITS:

1.Abstract
s/HTTP/ Hypertext Transfer Protocol (HTTP)

2.Section 2
s/the Authorization or Proxy-Authorization header field/ the Authorization (or Proxy-Authorization) header field   Note: The whole text remains consistent 

3. Section 3
OLD --> When a client wishes to uses the Concealed HTTP authentication scheme with a request. 
NEW --> When a client wishes to use the Concealed HTTP authentication scheme with a request.

Best Regards,
Ran Chen