Re: WGLC #357: Authentication Exchanges from David Morris on 2012-06-20 (ietf-http-wg@w3.org from April to June 2012)

From: David Morris <dwm@xpasc.com>
Date: Wed, 20 Jun 2012 11:01:11 -0700 (PDT)
To: "'HTTP Working Group'" <ietf-http-wg@w3.org>
Message-ID: <alpine.LRH.2.01.1206201059040.29960@egate.xpasc.com>

On Wed, 20 Jun 2012, Julian Reschke wrote:

> On 2012-06-20 06:11, Mark Nottingham wrote:
> > 

> > How about, after those two paragraphs:
> > 
> > """
> > A server receiving credentials that are valid, but not adequate to gain
> > access, ought to respond with the 403 (Forbidden) status code.
> > """

Seems to me that 'ought to' should either be 'SHOULD' or 'MAY'?

Received on Wednesday, 20 June 2012 18:01:41 UTC