Re: ISSUE PROXY-AUTHORIZATION: Proposal wording from rlgray@raleigh.ibm.com on 1997-07-10 (ietf-http-wg@w3.org from July to September 1997)

From: <rlgray@raleigh.ibm.com>
Date: Thu, 10 Jul 1997 14:21:16 EST
To: http-wg@cuckoo.hpl.hp.com
Message-Id: <199707101821.OAA20558@rtpmail03.raleigh.ibm.com>

I support this rewording.
It may be worth making an implementation note about this discussion
(that sometimes a proxy may find it desirable to replace end-to-end
headers).

** Reply to note from Henrik Frystyk Nielsen <frystyk@w3.org> Tue, 08 Jul 1997 18:36:59 -0400
..
> What about simply saying that
>   
>    The WWW-Authenticate and Authorization header fields are end-to-end
> headers 
>    following the rules found in section 14.8 and 14.46. Both the Proxy-
>    Authenticate and the Proxy-Authorization header fields are hop-by-hop
>    headers (see section 13.5.1).
>   
> instead of
>   
>    Proxies MUST be completely transparent regarding user agent authentication 
>    by origin servers. That is, they MUST forward the WWW-Authenticate and 
>    Authorization headers untouched, and follow the rules found in section
> 14.8. 
>    Both the Proxy-Authenticate and the Proxy-Authorization header fields are 
>    hop-by-hop headers (see section 13.5.1).
>   
> Section 13.5.1 gives us the flexibility to leave open who is the "ultimate
> recipient":
>   
>   o  End-to-end headers, which must be transmitted to the
>      ultimate recipient of a request or response. End-to-end
>      headers in responses must be stored as part of a cache entry
>      and transmitted in any response formed from a cache entry.
>   
> Henrik
> --
> Henrik Frystyk Nielsen, <frystyk@w3.org>
> World Wide Web Consortium
> http://www.w3.org/People/Frystyk
>   
> 
 

Richard L. Gray
chocolate - the One True food group

Received on Thursday, 10 July 1997 11:56:08 UTC