W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2011

#321: Repeating auth-params

From: Julian Reschke <julian.reschke@gmx.de>
Date: Tue, 08 Nov 2011 22:37:38 +0100
Message-ID: <4EB9A122.4030600@gmx.de>
To: HTTP Working Group <ietf-http-wg@w3.org>

We need to add a statement about what it means if a specific auth-param 
occurs more than once in a challenge; in particular for "realm" (ack 
James Manger)

Proposed change: 

Which makes the beginning of 2.1 read:

2.1.  Challenge and Response

    HTTP provides a simple challenge-response authentication mechanism
    that can be used by a server to challenge a client request and by a
    client to provide authentication information.  It uses an extensible,
    case-insensitive token to identify the authentication scheme,
    followed by additional information necessary for achieving
    authentication via that scheme.  The latter can either be a comma-
    separated list of parameters or a single sequence of characters
    capable of holding base64-encoded information.

    Parameters are name-value pairs where the name is matched case-
    insensitively, and each parameter name MUST only occur once per

Feedback appreciated, Julian
Received on Tuesday, 8 November 2011 21:46:52 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:26 UTC