W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2011

Re: Additional HTTP Status Codes - draft-nottingham-http-new-status-02

From: James Snell <jasnell@gmail.com>
Date: Wed, 19 Oct 2011 16:44:07 -0700
Message-ID: <CABP7Rbdx+gwF6sqJxnOELgYCAkAjf4xLXTzCiesd0LcUGA42Fg@mail.gmail.com>
To: "Roy T. Fielding" <fielding@gbiv.com>
Cc: "Thomson, Martin" <Martin.Thomson@commscope.com>, Dan Anderson <dan-anderson@cox.net>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
+1 on this... but... I'm wondering if the spec should take some care
to differentiate the "511 Network Authentication Required" and "407
Proxy Authentication Required" response codes. Strictly off the
language in the spec, the two responses are virtually identical, with
the only exception that the 511 Response does not require the use of
the Proxy-Authenticate header. It would seem to me that a 407 with a
Proxy-Authenticate using a hypothetical "form" auth scheme and a
Location header could be applied to the same purpose without requiring
the introduction of a new response code... e.g.

HTTP/1.1 407 Proxy Authentication Required
Location: http://foo.example.com/proxy_login
Proxy-Authenticate: form

Just a thought...

- James

On Wed, Oct 19, 2011 at 3:35 PM, Roy T. Fielding <fielding@gbiv.com> wrote:
> [snip]
>> I wonder if a 3xx response was considered.  Since the typical scenario involves redirection, it's not that much of a stretch to imagine 3xx.
>
> I am not sure if we considered it or not -- it would be nice to make use
> of the Location header field.  Mark?
>
> ....Roy
>
>
>
Received on Wednesday, 19 October 2011 23:44:37 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:48 GMT