- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Wed, 04 Feb 2015 17:46:52 +0100
- To: Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
- CC: Amos Jeffries <squid3@treenet.co.nz>, ietf-http-wg@w3.org, Yutaka Oiwa <y.oiwa@aist.go.jp>, Alexey Melnikov <alexey.melnikov@isode.com>
On 2015-02-02 15:08, Rifaat Shekh-Yusef wrote: > This document does not define any semantics associated with these > header, which means that the document that uses these header will be the > one that must address the information leak issue. > I do not see why we would restrict a future use of these headers based > on the Digest usage; this seems odd to me. > > Regards, > Rifaat Well, the goal for me was not to define anything new, but just to extract what we have already into something that can be maintained separately from DIGEST. As such, Hervé's comment made sense to me, and I updated the editor's copy accordingly: <http://greenbytes.de/tech/webdav/draft-ietf-httpbis-auth-info-latest-from-previous.diff.html> Maybe other potential users of Auth-Info (Yutaka & Alexey) could state whether having this constraint would affect their ability to use Authentication-Info? Assuming that is not the case, I'd like to declare victory, submit a new draft, and ask Mark to start a WGLC... Best regards, Julian
Received on Wednesday, 4 February 2015 16:47:55 UTC