- From: David W. Morris <dwm@shell.portal.com>
- Date: Tue, 28 May 1996 08:16:44 -0700 (PDT)
- To: http working group <http-wg@cuckoo.hpl.hp.com>
There seems to be a conflict between: Proxies MUST be completely transparent regarding user agent authentication. That is, they MUST forward the WWW-Authenticate and Authorization headers untouched, and MUST NOT cache the response to a request containing Authorization. (approximately 71 lines from the heading in draft -03) and section "18.9 Authorization": When a shared cache (see section 16.6) receives a request containing an Authorization field, it MUST NOT return the corresponding response as a reply to any other request, unless one of the following specific exceptions holds: [...] To resolve the conflict, I would propose the paragraph in section 14 be changed to read: Proxies MUST be completely transparent regarding user agent authentication. That is, they MUST forward the WWW-Authenticate and Authorization headers untouched, and MUST NOT use a cached response to a request containing Authorization to satisfy a new request except as specified in section 18.9. Dave Morris
Received on Tuesday, 28 May 1996 08:16:44 UTC