W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2011

Re: #177: Realm required on challenges

From: Julian Reschke <julian.reschke@gmx.de>
Date: Sun, 07 Aug 2011 20:53:45 +0200
Message-ID: <4E3EDF39.8080007@gmx.de>
To: "Manger, James H" <James.H.Manger@team.telstra.com>
CC: HTTP Working Group <ietf-http-wg@w3.org>
On 2011-07-26 17:47, Julian Reschke wrote:
> On 2011-07-25 15:48, Julian Reschke wrote:
>> On 2011-07-25 02:47, Manger, James H wrote:
>>> Julian,
>>>
>>> The concept of a "protection space" is quite important (eg for
>>> automatically applying credentials), regardless of whether or not a
>>> 'realm' parameter is present. Unfortunately, the proposed patch to
>>> make 'realm' optional also effectively makes a protection space
>>> optional. How about changing the 1st sentence of the 2nd paragraph of
>>> 2.2 "Protection Space (Realm)" to the following:
>>>
>>> A protection space is defined by the canonical root URI (...)
>>> of the server being accessed, in combination with the realm
>>> value if present.
>> > ...
>>
>> OK; new proposed patch:
>> <http://trac.tools.ietf.org/wg/httpbis/trac/attachment/ticket/177/177.diff>.
>>
>> ...
>
> ...applied with
> <http://trac.tools.ietf.org/wg/httpbis/trac/attachment/ticket/177/177.diff>.
> ...

Additionally, I have added this as a "Change from RFC 2616", and fixed 
the ABNF for challenges not to require an auth-param anymore.

See: <http://trac.tools.ietf.org/wg/httpbis/trac/changeset/1385>

Best regards, Julian
Received on Sunday, 7 August 2011 18:54:23 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:46 GMT