- From: Foteos Macrides <MACRIDES@sci.wfbr.edu>
- Date: Tue, 18 Nov 1997 12:11:12 -0500 (EST)
- To: jg@pa.dec.com
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
jg@pa.dec.com (Jim Gettys) wrote: >This is in last call... >[...] >My revised text is: > >"A client SHOULD assume that all paths at or deeper than the depth of the >last symbolic element in the path field of the Request-URI also are within >the protection space specified by the Basic realm value of the current >challenge. A client MAY send the corresponding Authorization header with >requests for resources in that space without receipt of another challenge >from the server." That's good. You might also want to add an explicit statement in the section on Proxy-Authentication that the implied protection space for Basic is all URLs (which means that the realm value is irrelevant, but still must be included in the proxy's challenge and in the client's Proxy-Authorization header). Fote ========================================================================= Foteos Macrides Worcester Foundation for Biomedical Research MACRIDES@SCI.WFBR.EDU 222 Maple Avenue, Shrewsbury, MA 01545 =========================================================================
Received on Tuesday, 18 November 1997 09:16:05 UTC