W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

Re: comments on http-authentication-00

From: Henrik Frystyk Nielsen <frystyk@w3.org>
Date: Fri, 05 Dec 1997 12:53:04 -0500
Message-Id: <>
To: Dave Kristol <dmk@research.bell-labs.com>, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/4848
At 12:33 12/5/97 EST, Dave Kristol wrote:

>1) Sect 1.2
>	[Proxies] MUST forward the WWW-Authenticate and Authorization
>	headers untouched....
>I would like MUST to be SHOULD.  I've brought this up once before.
>There may be services (LPWA, lpwa.com, is one such) whose legitimate
>purpose is to provide authentication services for a user, such as
>replacing special character sequences in Authorization with a user's
>computed identity.  The proxy ought to be able to do so without being
>considered non-compliant.

Yes, this was resolved in the discussion [1] on the list. The solution that
was last called is stated in [2].


[1] http://www.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0181.html
[2] http://www.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0096.html

Henrik Frystyk Nielsen,
World Wide Web Consortium
Received on Friday, 5 December 1997 09:55:38 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:21 UTC