Re: Call for adoption: draft-reschke-httpauth-auth-info-00

On 2015-02-02 15:08, Rifaat Shekh-Yusef wrote:
> This document does not define any semantics associated with these
> header, which means that the document that uses these header will be the
> one that must address the information leak issue.
> I do not see why we would restrict a future use of these headers based
> on the Digest usage; this seems odd to me.
> Regards,
>   Rifaat

Well, the goal for me was not to define anything new, but just to 
extract what we have already into something that can be maintained 
separately from DIGEST. As such, Hervé's comment made sense to me, and I 
updated the editor's copy accordingly:


Maybe other potential users of Auth-Info (Yutaka & Alexey) could state 
whether having this constraint would affect their ability to use 

Assuming that is not the case, I'd like to declare victory, submit a new 
draft, and ask Mark to start a WGLC...

Best regards, Julian

Received on Wednesday, 4 February 2015 16:47:55 UTC