- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Tue, 30 May 2023 18:42:43 +0200
- To: Philippe Cloutier <chealer@gmail.com>, "Roy T. Fielding" <fielding@gbiv.com>
- Cc: RFC Errata System <rfc-editor@rfc-editor.org>, Mark Nottingham <mnot@mnot.net>, ietf-http-wg@w3.org
On 30.05.2023 18:37, Philippe Cloutier wrote: > Hi Roy, > > Le mar. 30 mai 2023 à 12:01, Roy T. Fielding <fielding@gbiv.com > <mailto:fielding@gbiv.com>> a écrit : > > > On May 29, 2023, at 2:47 PM, RFC Errata System > <rfc-editor@rfc-editor.org <mailto:rfc-editor@rfc-editor.org>> wrote: > > > > The following errata report has been submitted for RFC9110, > > "HTTP Semantics". > > > > -------------------------------------- > > You may review the report below and at: > > https://www.rfc-editor.org/errata/eid7530 > <https://www.rfc-editor.org/errata/eid7530> > > > > -------------------------------------- > > Type: Editorial > > Reported by: Philippe Cloutier <chealer@gmail.com > <mailto:chealer@gmail.com>> > > > > Section: 15.5.2. > > > > Original Text > > ------------- > > The 401 (Unauthorized) status code indicates that the request has not > > been applied because it lacks valid authentication credentials for > > the target resource. > > > > Corrected Text > > -------------- > > The 401 (Unauthorized) status code indicates that the request has not > > been processed because it lacks valid authentication credentials for > > the target resource. > > > > Notes > > ----- > > "applying a request" is not a standard expression. Usually, > requests are "treated", "granted" or "processed". > > > > This phrasing was imported in Apache Tomcat; thanks to Mark > Thomas for pointing out it came from this RFC. > > REJECT > > A method is applied to a resource to have an effect that results in > a response. > Any web search on "method applied" will show you that it is quite > common in > standard English. > > > You are right that a method can be applied. But the problematic > statement is about a *request*. It is perfectly valid to "apply a method > to process a request", for example, but that's not what the sentence says. The method is part of the HTTP request... > > The request has already been processed, at least partially, > in order to make a decision that resulted in a 401 error. > > > To clarify, the contents of "Corrected Text" are merely a suggestion. > Please don't take this as a request to change with the text I wrote, but > as a request to apply whatever fix is best. There are several other > options. I suggested "processed" since it's in line with 400, but I do > not disagree that returning a 401 error is some partial request processing. > > > The 401 (Unauthorized) status code indicates that the request has not > been granted because it lacks valid authentication credentials for the > target resource. > > ...would be IMO more exact. "fulfilled" would be another option. "granted" would be for authorization (403), but not for authentication (401). > > [...] > > In any case, RFC9110 defines a lot of standard expressions. > > > I am sorry but I fail to understand what you are saying. > > > ....Roy Same here. Let's stick to the terminology that we've been using for years now. Best regards, Julian
Received on Tuesday, 30 May 2023 16:43:02 UTC