- From: Dave Kristol <dmk@bell-labs.com>
- Date: Fri, 07 Aug 1998 10:04:38 -0400
- To: Paul Leach <paulle@microsoft.com>
- Cc: http-wg@hplb.hpl.hp.com
Paul Leach wrote: > > In section 3.2.1, The WWW-Authenticate Response Header > > OLD: > > domain > > A space-separated list of URIs, as specified in RFC XURI [7]. The intent is > that the client could use this information to know the set of URIs for which > the same authentication information should be sent. The URIs in this list > may exist on different servers. If this keyword is omitted or empty, the > client should assume that the domain consists of all URIs on the responding > server. > > NEW: > > domain > > A space-separated list of URIs, as specified in RFC XURI [7] that define the > protection space. If a URI is relative, it is relative to canonical root > URL (see section 5.1.2 of [2]) of the server being accessed. The URIs in > this list may refer to different servers. The client can use this list to > determine the set of URIs for which the same authentication information may > be sent: any URI that has a URI in this list as a prefix (after both have > been made absolute) may be assumed to be in the same protection space. If > this keyword is omitted or empty, the client should assume that the > protection space consists of all URIs on the responding server. > > RATIONALE: > The terminology of "protection space" was not used for Digest. The means for > determining when Digest clients could use the same credentials was > under-specified. I agree the "protection space" for Digest needed to be specified. I have a problem with the proposed words above: I assume "5.1.2 of [2]" refers to the HTTP/1.1 spec. The words "canonical root URL" do not appear there, and I am therefore unsure what was meant. Since all URLs on a server are implicitly descended from "/" (no?), wouldn't it be easier just to say that relative URLs are taken to be relative to "/"? Dave Kristol
Received on Friday, 7 August 1998 07:06:50 UTC