Re: #473, was: p7: forwarding Proxy-*

The conclusion of the conversation was Roy's statement:

> No, I am just saying that Connection is not required; if it is not
> included in Connection, then the intention is that it be forwarded
> until consumed.  OTOH, if it is included in Connection, then it
> will be consumed or deleted by the immediate recipient.  AFAIK,
> these fields are not normally included in Connection, but there
> might be a good reason to if the proxy selection is complicated.

Which seems reasonable and no one has objected. However, p7 still says:

> Unlike WWW-Authenticate, the Proxy-Authenticate header field applies only to the current connection, and intermediaries should not forward it to downstream clients. However, an intermediate proxy might need to obtain its own credentials by requesting them from the downstream client, which in some circumstances will appear as if the proxy is forwarding the Proxy-Authenticate header field.

… with similar text for Proxy-Authorization. The "SHOULD NOT forward…" requirement is in conflict with the sentiment expressed above.

I've changed the target to p7.

Cheers,



On Jul 28, 2013, at 1:07 PM, Julian Reschke <julian.reschke@gmx.de> wrote:

> On 2013-05-07 07:19, Mark Nottingham wrote:
>> OK, assigning for -23 with an editorial change to P1 to note the difference from 2616 (e.g., in "Changes from RFC2616").
> 
> In -21, we removed the concept of implicit hop-by-hop altogether; and this is mentioned already:
> 
> "Clarify exactly when "close" connection options have to be sent; drop notion of header fields being "hop-by-hop" without being listed in the Connection header field. (Section 6.1)" -- <http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p1-messaging-21.html#rfc.section.A.2.p.9>
> 
> Do we really need to mention Proxy-* explicitly?
> 
> Best regards, Julian
> 
> 
> 
> 

--
Mark Nottingham   http://www.mnot.net/

Received on Monday, 29 July 2013 12:32:04 UTC