- From: Henrik Nordstrom <hno@squid-cache.org>
- Date: Sat, 04 Nov 2006 20:43:51 +0100
- To: HTTP Working Group <ietf-http-wg@w3.org>
- Message-Id: <1162669431.11880.179.camel@henriknordstrom.net>
lör 2006-11-04 klockan 10:47 -0800 skrev Lisa Dusseault: > So I guess a decision that CLIENTS MUST support Basic and Digest in a > new HTTP RFC, might be signalled by a minor version bump. I too don't see thy a version bump would even be remotely needed in this case. It's already the server who dictates which authentication protocols is acceptable to the server, the client just selects what it thinks is best among the available choices. If there is no match communication is not possible, such as would be the case for a resource requiring strong secure authentication. The change to require support for strong authentication is not a technical change, it's a administrative policy change. The protocol isn't changed by this, only how the protocol may be applied. HTTP version numbers do have an implicit defined meaning: - Minor numbers signify a change in transport related features, but keeping the basic message format and meanings of headers intact. - Major numbers signify a change in message format, incompatible with earlier versions. For example if the header format is changed, or if already well defined headers is redefined to another meaning. Also remember that HTTP message numbers are hop-by-hop, while most headers describing capabilities such as authentication requirements is end-to-end. Regards enrik
Received on Saturday, 4 November 2006 19:44:49 UTC