HTTP binding: {http authentication realm} is required

In Part 2's 6.12 Specifying HTTP Access Authentication, we have:

     * {http authentication realm} REQUIRED. A xs:string to the Endpoint. It
       corresponds to the realm authentication parameter defined in [IETF
       RFC 2617]. If the value of the {http authentication scheme} property
       is not "none", it MUST not be empty.

[…]

   ┌──────────────────────┬────────────────────────────────────────────────┐
   │       Property       │                     Value                      │
   ├──────────────────────┼────────────────────────────────────────────────┤
[…]
   │                      │ The actual value of the                        │
   │ {http authentication │ whttp:authenticationRealm attribute            │
   │ realm}               │ information item; otherwise, "" (the empty     │
   │                      │ value).                                        │
   └──────────────────────┴────────────────────────────────────────────────┘

Why do we have this property required and defaulting to an empty
string?

It seems to make more sense to have this property optional.

Here's a proposal for the property definition:

  {http authentication realm}, OPTIONAL.

    A xs:string. It corresponds to the realm authentication parameter
    defined in [IETF RFC 2617]. If the value of the {http
    authentication scheme} property is not "none", it MUST be present
    and not empty.

and for its mapping:

    The actual value of the whttp:authenticationRealm attribute
    information item, if present.

This is related to another comment about optional properties
defaulting to empty values.

-- 
Hugo Haas - W3C
mailto:hugo@w3.org - http://www.w3.org/People/Hugo/

Received on Wednesday, 24 August 2005 10:16:50 UTC