- From: Mark Nottingham <mnot@mnot.net>
- Date: Wed, 20 Jun 2012 21:00:11 +1000
- To: Yutaka OIWA <y.oiwa@aist.go.jp>
- Cc: Julian Reschke <julian.reschke@gmx.de>, Amos Jeffries <squid3@treenet.co.nz>, ietf-http-wg@w3.org
On 20/06/2012, at 8:48 PM, Yutaka OIWA wrote: > My current feeling after this thread of discussions is to honor both 401 and 403 > as desired responses with authz-failure, possibly with preference for 403 for > future implementations (if we want). That's effectively where we are; note that there aren't any RFC2119 conformance requirements placed around this. Cheers, -- Mark Nottingham http://www.mnot.net/
Received on Wednesday, 20 June 2012 11:00:49 UTC