i have been receiving emails from this group, goodness knows what you are all talking about but i havent subscribed to your email group.

could you please take my email address of this list.



"And in the end; it's not the years in your life that count. It's the life in your years"
>From: Adam Roach >To: "'Scott Lawrence'" >CC: ietf-http-wg@w3.org >Subject: RE: RFC 2617 Authentication sessions >Date: Mon, 1 Dec 2003 11:00:59 -0600 >MIME-Version: 1.0 >Received: from frink.w3.org ([]) by mc8-f2.hotmail.com with Microsoft SMTPSVC(5.0.2195.6713); Mon, 1 Dec 2003 09:01:38 -0800 >Received: by frink.w3.org (Postfix, from userid 59936)id D3A8AA0982; Mon, 1 Dec 2003 12:01:36 -0500 (EST) >Received: from dr-nick.w3.org (dr-nick.w3.org [])by frink.w3.org (Postfix) with ESMTP id 0483FA0977for ; Mon, 1 Dec 2003 12:01:02 -0500 (EST) >Received: by dr-nick.w3.org (Postfix)id AD60C14181; Mon, 1 Dec 2003 12:01:01 -0500 (EST) >Received: from mail4.dynamicsoft.com (mail4.dyn amicsoft.com [])by dr-nick.w3.org (Postfix) with ESMTP id 706C114396for ; Mon, 1 Dec 2003 12:01:01 -0500 (EST) >Received: from DYN-TX-EXCH-001.dynamicsoft.com (dyn-tx-exch-001 [])by mail4.dynamicsoft.com (8.12.8/8.12.8) with ESMTP id hB1H10ZA014574;Mon, 1 Dec 2003 11:01:00 -0600 (CST) >Received: by dyn-tx-exch-001.dynamicsoft.com with Internet Mail Service (5.5.2653.19)id ; Mon, 1 Dec 2003 11:01:00 -0600 >X-Message-Info: EoYTbT2lH2PWoJZq8L4TVe6yROBkY5Fr >X-Original-To: ietf-http-wg@frink.w3.org >Delivered-To: ietf-http-wg@frink.w3.org >Delivered-To: ietf-http-wg@w3.org >Message-ID: <9BF66EBF6BEFD942915B4D4D45C051F3E86679@dyn-tx-exch-001.dynamicsoft.com> >X-Mailer: Internet Mail Service (5.5.2653.19) >X-Archived-At: http://www.w3.org/mid/9BF66EBF6BEFD942915B4D4D45C051F3E86679@dyn-tx-exch-001.dynamicsoft.com >Resent-From: ietf-http-wg@w3.org >X-Mailing-List: archive /latest/493 >X-Loop: ietf-http-wg@w3.org >Resent-Sender: ietf-http-wg-request@w3.org >Precedence: list >List-Id: >List-Help: >List-Unsubscribe: >Resent-Message-Id: <20031201170136.D3A8AA0982@frink.w3.org> >Resent-Date: Mon, 1 Dec 2003 12:01:36 -0500 (EST) >Return-Path: ietf-http-wg-request@w3.org >X-OriginalArrivalTime: 01 Dec 2003 17:01:39.0620 (UTC) FILETIME=[C98F7640:01C3B82C] > > > > > If we're opening this section for revisions, can we please > > > also address the issue of whether the session key is recalculated > > > when the server sends an Auth-Info header with nextnonce? > > > > I don't think that is ambiguous given the current text. If the server > > sends a nextnonce, then it wants the client to start using it. > >I agree that such behavior is logical; however, the text t hat >you just sent out says: > > If the "algorithm" directive's value is "MD5-sess", then A1 is > calculated only once - on the first request by the client following > receipt of a WWW-Authenticate challenge from the server. > >So... when you get a nextnonce, do you recalculate A1? Is that what >you mean by "start using it?" Or do you calculate A1 "only once - >on the first request by the client following receipt of a >WWW-Authenticate challenge from the server," as the forgoing text >indicates? > >/a >

Hot chart ringtones and polyphonics. Click here