Hello, I am a little confused about the augmented BNF for Authentication-Info in RFC 2617 3.2.3. The part of the ABNF I am confused about is: AuthenticationInfo = "Authentication-Info" ":" auth-info auth-info = 1#(nextnonce | [ message-qop ] | [ response-auth ] | [ cnonce ] | [nonce-count] ) Does this ABNF mean that nextnonce is required in auth-info? If so, why is there the sentence, "If the nextnonce field is present the client SHOULD use it when constructing the Authorization header for its next request." ? That would seem to imply that nextnonce is optional. Later on, the RFC also states "pipelined requests will not be possible if every response includes a nextnonce directive that must be used on the next request received by the server." Searching the archives show that this issue was brought up over a year ago, but there was no response (http://lists.w3.org/Archives/Public/ietf-http-wg/2006AprJun/0031.html). Any feedback would be appreciated. Thanks! -TimReceived on Monday, 1 October 2007 19:47:14 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:22 GMT