W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

Re: comments on http-authentication-00

From: Henrik Frystyk Nielsen <frystyk@w3.org>
Date: Fri, 05 Dec 1997 12:53:04 -0500
Message-Id: <3.0.3.32.19971205125304.009a1100@localhost>
To: Dave Kristol <dmk@research.bell-labs.com>, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
At 12:33 12/5/97 EST, Dave Kristol wrote:

>1) Sect 1.2
>	[Proxies] MUST forward the WWW-Authenticate and Authorization
>	headers untouched....
>
>I would like MUST to be SHOULD.  I've brought this up once before.
>There may be services (LPWA, lpwa.com, is one such) whose legitimate
>purpose is to provide authentication services for a user, such as
>replacing special character sequences in Authorization with a user's
>computed identity.  The proxy ought to be able to do so without being
>considered non-compliant.

Yes, this was resolved in the discussion [1] on the list. The solution that
was last called is stated in [2].

Henrik

[1] http://www.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0181.html
[2] http://www.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0096.html

--
Henrik Frystyk Nielsen,
World Wide Web Consortium
http://www.w3.org/People/Frystyk
Received on Friday, 5 December 1997 09:55:38 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:04 EDT