W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2011

#321: Repeating auth-params

From: Julian Reschke <julian.reschke@gmx.de>
Date: Tue, 08 Nov 2011 22:37:38 +0100
Message-ID: <4EB9A122.4030600@gmx.de>
To: HTTP Working Group <ietf-http-wg@w3.org>
<http://trac.tools.ietf.org/wg/httpbis/trac/ticket/321>:

We need to add a statement about what it means if a specific auth-param 
occurs more than once in a challenge; in particular for "realm" (ack 
James Manger)

Proposed change: 
<http://trac.tools.ietf.org/wg/httpbis/trac/attachment/ticket/321/321.diff>

Which makes the beginning of 2.1 read:

2.1.  Challenge and Response

    HTTP provides a simple challenge-response authentication mechanism
    that can be used by a server to challenge a client request and by a
    client to provide authentication information.  It uses an extensible,
    case-insensitive token to identify the authentication scheme,
    followed by additional information necessary for achieving
    authentication via that scheme.  The latter can either be a comma-
    separated list of parameters or a single sequence of characters
    capable of holding base64-encoded information.

    Parameters are name-value pairs where the name is matched case-
    insensitively, and each parameter name MUST only occur once per
    challenge.


Feedback appreciated, Julian
Received on Tuesday, 8 November 2011 21:46:52 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:50 GMT