W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 2005


From: <bugzilla@soe.ucsc.edu>
Date: Wed, 14 Dec 2005 10:53:05 -0800
Message-Id: <200512141853.jBEIr5jP025010@ietf.cse.ucsc.edu>
To: w3c-dist-auth@w3.org


ejw@cs.ucsc.edu changed:

           What    |Removed                     |Added
         AssignedTo|joe-bugzilla@cursive.net    |lisa@osafoundation.org

------- Additional Comments From ejw@cs.ucsc.edu  2005-12-14 10:53 -------
Discussed during 12/14/05 teleconference.

Agreement on the call:

* Should add a statement that authentication and authorization MUST be performed
prior to evaluating If header. Evaluating the If header first might allow a
client to discover information about the resource that he wouldn't ordinarily be
able to find out without privileges. For example, a client could discover
whether a resource exists, or has changed. Text to be added to the If header

* There didn't seem to be a compelling reason to have If evaluated before/after
If-Match, and hence no text needs to be added here.

------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
Received on Wednesday, 14 December 2005 18:53:57 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:01:34 UTC