- From: Koen Holtman <koen@win.tue.nl>
- Date: Tue, 8 Jul 1997 21:34:35 +0200 (MET DST)
- To: dwm@xpasc.com
- Cc: koen@win.tue.nl, dmk@bell-labs.com, frystyk@w3.org, http-wg@cuckoo.hpl.hp.com
David W. Morris: > [...] >I guess you wouldn't want a creative proxy which would re-write >BASIC authentication into digest authentication either? I don't want proxies to be `creative'. I think that HTTP/1.x should not allow creative proxies, and am against weakening MUSTs to allow such creativity. If you want a new creative service in a proxy, call it a HTTP/1.1 proxy which implements the `creative-authentication-rewrite' protocol extension on top of HTTP/1.1. The use of creative extensions can be negotiated either in-band or out-of-band. > Renaming >a program to be a user-agent or client because it doesn't follow an >arbitrary rule doesn't accomplish anything in terms of trust, etc. Protocol specifications do not have a concept of `arbitrary rules' which can be ignored without losing conformance. This is all about the allocation of blame. If you put up a proxy, for which you claim that it is a pure 1.1 implementation, while the thing actually ignores some `arbitrary rules', and things go wrong because a user acted on your claim of this being a pure 1.1 proxy, then some of the blame will be allocated at your end. Koen.
Received on Tuesday, 8 July 1997 12:37:42 UTC