- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Sun, 28 Apr 2013 17:45:45 +0200
- To: Mark Nottingham <mnot@mnot.net>
- CC: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
On 2013-04-23 05:48, Mark Nottingham wrote:
>
> * 2.1 "It uses an extensible, case-insensitive token..." I know what's meant here, but the token itself isn't extensible; it's an extension point. Suggest: :It uses a case-insensitive token as a means to identify..."
>
> * 2.1 "...based upon a challenge received from the server..." --> "...based upon a challenge received in a response" ("from the server" implies that the next inbound server generated the challenge, which isn't always the case).
>
> * 2.2 "Note that there can be multiple challenges with the same auth-scheme..." --> "Note that a response can have multiple challenges..."
>
> * 2.2 "Unless otherwise defined by the authentication scheme,..." --> "Unless specifically allowed by the authentication scheme..."
>
> * 2.3.1 "... can only be used once per challenge/credentials." --> "...once in a challenge or credential."
>
> * 2.3.1 needs references to p6 for cache-control directives it talks about.
>
> * 3.1 "The client MAY repeat the request with a new or replaced Authorisation header field." s/client/user agent/
>
> * 4.1 'The "Authorization" header field allows a user agent to authenticate itself with a server..." s/server/origin server/
>
> * 4.3 "Its value consists of credentials containing the authentication information of the user agent for the proxy..." s/user agent/client/
>
> * 6.2 First paragraph - all instances of 'server' to 'origin server'
>
> * 6.2 "This is of particular concern when a server hosts resources for multiple parties..." s/server/origin server/
>
> * 6.2 "...by using a different host name for each party." s/host name/origin/ (or similar; i.e. you can do this with ports too)
>
> --
> Mark Nottingham http://www.mnot.net/
-> <http://trac.tools.ietf.org/wg/httpbis/trac/changeset/2229>
Best regards, Julian
Received on Sunday, 28 April 2013 15:46:21 UTC