W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1997

Re: ISSUE PROXY-AUTHORIZATION: Proposal wording

From: <rlgray@raleigh.ibm.com>
Date: Thu, 10 Jul 1997 14:21:16 EST
Message-Id: <199707101821.OAA20558@rtpmail03.raleigh.ibm.com>
To: http-wg@cuckoo.hpl.hp.com
I support this rewording.
It may be worth making an implementation note about this discussion
(that sometimes a proxy may find it desirable to replace end-to-end
headers).

** Reply to note from Henrik Frystyk Nielsen <frystyk@w3.org> Tue, 08 Jul 1997 18:36:59 -0400
..
> What about simply saying that
>   
>    The WWW-Authenticate and Authorization header fields are end-to-end
> headers 
>    following the rules found in section 14.8 and 14.46. Both the Proxy-
>    Authenticate and the Proxy-Authorization header fields are hop-by-hop
>    headers (see section 13.5.1).
>   
> instead of
>   
>    Proxies MUST be completely transparent regarding user agent authentication 
>    by origin servers. That is, they MUST forward the WWW-Authenticate and 
>    Authorization headers untouched, and follow the rules found in section
> 14.8. 
>    Both the Proxy-Authenticate and the Proxy-Authorization header fields are 
>    hop-by-hop headers (see section 13.5.1).
>   
> Section 13.5.1 gives us the flexibility to leave open who is the "ultimate
> recipient":
>   
>   o  End-to-end headers, which must be transmitted to the
>      ultimate recipient of a request or response. End-to-end
>      headers in responses must be stored as part of a cache entry
>      and transmitted in any response formed from a cache entry.
>   
> Henrik
> --
> Henrik Frystyk Nielsen, <frystyk@w3.org>
> World Wide Web Consortium
> http://www.w3.org/People/Frystyk
>   
> 
 

Richard L. Gray
chocolate - the One True food group
Received on Thursday, 10 July 1997 11:56:08 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:46 EDT