- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Mon, 12 Aug 2013 18:52:26 +0100
- To: Tim Bray <tbray@textuality.com>
- Cc: Jan Algermissen <jan.algermissen@nordsc.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On 11 August 2013 06:58, Tim Bray <tbray@textuality.com> wrote: > I’m trying to think of a scenario in which you were granted a token and > subsequently got a 401 that is *not* an expiry. ... AND the difference was worth knowing about in some automated fashion. A lot of these cases I can imagine are related to some sort of credential revocation. In those cases, manual intervention (running the login scenario again) seems OK, which gives all sorts of application-context-specific opportunities for providing any necessary extra information.
Received on Monday, 12 August 2013 17:52:53 UTC