W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1995

Re: HTTP/1.0 Review Plan

From: Eric W. Sink <eric@rafiki.spyglass.com>
Date: Wed, 9 Aug 1995 11:15:40 -0500
Message-Id: <9508091615.AA08144@rafiki.spyglass.com>
To: Roy Fielding <fielding@beach.w3.org>
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com

>I would like to avoid getting too involved in
>the debate over portions of the 1.0 draft, except where it becomes
>necessary to describe the thinking behind some of the recent changes.

Given the number of surprise changes and objectionable ones at that, I
believe this is unrealistic.

>3) WWW-Authenticate
>
>   The new spec now uses semicolon to separate parameters -- keeping
>   it as comma-separated would prevent people from using more than
>   one AA scheme per resource.  This will break existing implementations
>   of Digest and PGP AA.  One alternative is to leave WWW-Authenticate
>   as a fixed field (i.e., only describe it for Basic), and define a
>   new syntax for an Authenticate header.
>
>   The same applies to Authorization.

Let's go for the alternative.  Breaking all existing implementations of
something like this seems unnecessary.  If you *must* go for semicolons,
define a new header.

--
Eric W. Sink
Senior Software Engineer, Spyglass
eric@spyglass.com
Received on Wednesday, 9 August 1995 09:20:59 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:24 EDT