- From: John Franks <john@math.nwu.edu>
- Date: Tue, 30 Dec 1997 11:44:26 -0600 (CST)
- To: Scott Lawrence <lawrence@agranat.com>
- cc: paulle@microsoft.com, ietf-http-wg@w3.org, http-wg@cuckoo.hpl.hp.com
Here are suggested changes to the BNF in the authentication
spec. The BNF for "entity-digest" and "Authentication-info"
are the only ones changed. The differences are that in entity-digest
H(A1) is replaced by H(H(A1)) as suggested by Paul Leach and
the response status code is added as suggested by John Mallery.
In Authentication-info a new field dheaders is added to solve the
problem that proxies might changes headers. I think these changes
can be characterized as largely fixes to interoperability
problems between authenticating agents and proxies.
-------------------------------------------
entity-digest =
<"> KD (H(H(A1)), unquoted nonce-value ":"
transaction-info ":" H(entity-body)) <">
; format is <"> *LHEX <">
transaction-info =
H(
Method ":"
digest-uri-value ":"
media-type ":" ; Content-Type, see section 3.7 of [2]
content-coding ":" ; Content-Encoding, see 3.5 of [2]
dheader-content
)
dheader-content = *DIGIT ":" ; HTTP response status code
*DIGIT ":" ; entity-length, see ??
date ":" ; contents of origin HTTP date header
last-modified ":" ; last modified date
expires ; expiration date
-------------------------------------------
AuthenticationInfo = "Authentication-Info" ":"
1#( digest "," digested-headers | nextnonce )
nextnonce = "nextnonce" "=" nonce-value
digest = "digest" "=" entity-digest
digested-headers = "dheaders" "=" <"> dheader-content <">
date = rfc1123-date ; see section 3.3.1 of[2]
last-modified = rfc1123-date ; see section 3.3.1 of [2]
expires = rfc1123-date
-------------------------------------------
John Franks
john@math.nwu.edu
Received on Tuesday, 30 December 1997 12:44:56 UTC