comments on proxy-authenticate.

In the real world, the use of proxies is going to become much more common. The
historic direct connection model of networking a rapidly being replaced by
collections of networks that Internetwork a higher levels rather than at the
packet level.

Following this thread, you can see that there maybe more than just a single
proxy between the client and the server. At each stage a proxy may need
to authenticate a client. Section 10.30 and 10.31 proxy-authenticate authorize
don't obviously deal with multiple proxies/firewalls. Proxies are going
to be used for many purposes caching, application gateways etc. To allow
for multiple levels, you only need to add a location field to the
Proxy- header lines so that a proxy can identify those headerlines that 
apply to it. The location can be considered a string that only has significance
to the proxy, and should be just copied by the client when formulating the
reply. A proxy would pass on proxy- header lines that don't apply to it.

Peter Churchyard.
The TIS Network Security Products Group has moved!
voice: 301-527-9500 x123 fax: 301-527-0482
2277 Research Boulevard, 5th Floor, Rockville, MD 20850

Received on Sunday, 21 January 1996 12:55:06 UTC