- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Thu, 31 Oct 2013 15:30:22 +0100
- To: Julian Reschke <julian.reschke@greenbytes.de>
- Cc: Stephen Kent <kent@bbn.com>, secdir <secdir@ietf.org>, Barry Leiba <barryleiba@computer.org>, Pete Resnick <presnick@qti.qualcomm.com>, "Mankin, Allison" <amankin@verisign.com>, HTTP Working Group <ietf-http-wg@w3.org>
* Julian Reschke wrote: >On 2013-10-29 20:35, Stephen Kent wrote: >> ... >> In Section 4.3, the text says: >> >> A proxy MAY relay >> >> the credentials from the client request to the next proxy if that is >> >> the mechanism by which the proxies cooperatively authenticate a given >> >> request. >> >> If, as stated here, a set of proxies cooperatively authenticate a >> request, then isn’t this a MUST vs. a MAY? >> ... > >Maybe. I have no experience with proxy authentication, and this piece of >text was copied from ><http://greenbytes.de/tech/webdav/rfc2616.html#rfc.section.14.34>. > >Perhaps this is a case where we should drop the RFC2119 keywords [...] Ordinarily a proxy is not supposed to forward the `Proxy-Authorization` header and an implementation that forwards it by accident fails to meet the requirements of the specification, so use of RFC 2119 keywords seems appropriate to me. I also see nothing wrong with the proxy offering an configuration option to, say, relay the credentials for some users, but not for others, so this cannot be a MUST. I think the text is fine. -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Thursday, 31 October 2013 14:30:58 UTC