- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Fri, 27 Jan 2012 13:38:03 +1300
- To: Julian Reschke <julian.reschke@gmx.de>
- CC: ietf-http-wg@w3.org
On 27/01/2012 11:08 a.m., Julian Reschke wrote: > On 2012-01-25 22:58, Amos Jeffries wrote: >> ... >> I assume this is also not limited to WWW-Authenticate:. But applies >> equally to Proxy-Authenticate? >> ... > > Tracked at > <http://greenbytes.de/tech/webdav/draft-reschke-basicauth-enc-issues.html#issue.proxy>. > > As far as I can tell, the spec doesn't say anything about it. It could > be used for P-A as well; do we need to clarify that somewhere? If yes, > where precisely? I was thinking just in the example you have WWW-Authenticate. If you add an example of Proxy-Authenticate next to it its clear that the intention is for it to be wherever the Basic auth details are valid without having to enumerate all cases or account for future uses. AYJ
Received on Friday, 27 January 2012 00:38:41 UTC