- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Wed, 04 Jun 2014 07:10:48 +0200
- To: grahame@healthintersections.com.au, Wenbo Zhu <wenboz@google.com>
- CC: HTTP Working Group <ietf-http-wg@w3.org>
Hi there, I agree that this requires clarification, but it is too late for RFC 7235. That being said, it would be good to have a single place for proposed future changes. My proposal would be to keep using the SVN Trac instance for that. Best regards, Julian On 2014-06-03 23:39, Grahame Grieve wrote: > I think that this an attempt to propose clarification, which is good, > because this is confusing: > > The 401 (Unauthorized) status code indicates that the request has not > been applied because it lacks valid authentication credentials for > the target resource > > > A server that receives valid credentials which are not adequate to > gain access ought to respond with the 403 (Forbidden) status code > (Section 6.5.3 of [Part2 <http://tools.ietf.org/html/draft-ietf-httpbis-p7-auth-26#ref-Part2>]) > > > There's rather an overlap between those, and consequently quite a lack of > > clarity about which should be used when. > > > Grahame > > > > > On Wed, Jun 4, 2014 at 7:25 AM, Wenbo Zhu <wenboz@google.com > <mailto:wenboz@google.com>> wrote: > > Just ping the group and see if we may consider renaming 401 as > "unauthenticated", to be exact. > > http://tools.ietf.org/html/draft-ietf-httpbis-p7-auth-26#section-2.1 > > Thanks, > Wenbo > > > > > -- > ----- > http://www.healthintersections.com.au / > grahame@healthintersections.com.au > <mailto:grahame@healthintersections.com.au>
Received on Wednesday, 4 June 2014 05:11:21 UTC