- From: Mark Nottingham <mnot@mnot.net>
- Date: Wed, 22 Sep 2010 16:01:13 +1000
- To: Julian Reschke <julian.reschke@gmx.de>
- Cc: Robert Collins <robertc@robertcollins.net>, HTTP Working Group <ietf-http-wg@w3.org>
On 15/09/2010, at 2:59 AM, Julian Reschke wrote: > > So maybe we should be pragmatic and say: > > - the realm is defined for all authentication protocols > - SHOULD be provided in the challenge > - if not provided, header should be treated as if an empty realm was specified +0.5. I'm not thrilled about it, but unless someone wants to argue that we shouldn't impose realms on all authentication schemes... Cheers, -- Mark Nottingham http://www.mnot.net/
Received on Wednesday, 22 September 2010 06:02:12 UTC