W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

WWW-Authenticate parsing quirks, was: SECDIR review of draft-ietf-httpbis-p7-auth-24

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 30 Oct 2013 15:22:14 +0100
Message-ID: <52711616.1060008@gmx.de>
To: Stephen Kent <kent@bbn.com>, secdir <secdir@ietf.org>, fielding@gbiv.com, mnot@pobox.com, Barry Leiba <barryleiba@computer.org>, Pete Resnick <presnick@qti.qualcomm.com>, "Mankin, Allison" <amankin@verisign.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 2013-10-29 20:35, Stephen Kent wrote:
> ...
> In Section 4.4 the text says:
> Note: The challenge grammar production uses the list syntax as
> well.Therefore, a sequence of comma, whitespace, and comma can
> be considered both as applying to the preceding challenge, or to
> be an empty entry in the list of challenges.In practice, this
> ambiguity does not affect the semantics of the header field value
> Should “both” be “either” in the above text? Does the potentially
 > ...

Yes (done)

> ambiguous construct ever take on both meanings simultaneously?
> ...

Yes, but these two meanings do not affect the semantics of the header 
field as a whole (it's either an empty entry in the list of auth 
parameters, or an empty challenge value).

Best regards, Julian
Received on Wednesday, 30 October 2013 14:22:51 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:38 UTC