Re: opaque parameter in the Authorization request header

Henrik Nordstrom wrote:

> there really is no excuse for not returning it


I've no idea why RFC 2069 settled for a "should"
instead of a "must" here.  It could mean that
servers aren't forced to insist on its presence,
but if they insist on it they are not violating
the spec.  


Received on Wednesday, 13 August 2008 18:41:23 UTC