Ticket #349: 349.diff

File 349.diff, 1.7 KB (added by julian.reschke@…, 9 years ago)
  • p7-auth.xml

    298298   — can do so by including a Proxy-Authorization header field with the
    299299   request.
    301 <t>   
    302302   Both the Authorization field value and the Proxy-Authorization field value
    303    consist of credentials containing the authentication information of the
    304    client for the realm of the resource being requested. The user agent &MUST;
    305    choose to use one of the challenges with the strongest auth-scheme it
    306    understands and request credentials from the user based upon that challenge.
     303   contain the client's credentials for the realm of the resource being
     304   requested, based upon a challenge received from the server (possibly at
     305   some point in the past). When creating their values, the user agent ought to
     306   do so by selecting the challenge with what it considers to be the most
     307   secure auth-scheme that it understands, obtaining credentials from the user
     308   as appropriate.
    308310<figure><artwork type="abnf2616"><iref item="credentials" primary="true"/><iref primary="true" item="Grammar" subitem="credentials"/>
    309311  <x:ref>credentials</x:ref> = <x:ref>auth-scheme</x:ref> [ 1*<x:ref>SP</x:ref> ( <x:ref>b64token</x:ref> / #<x:ref>auth-param</x:ref> ) ]
    11231125<section title="Since draft-ietf-httpbis-p7-auth-19" anchor="changes.since.19">
    1125   None yet.
     1127  Closed issues:
     1128  <list style="symbols">
     1129    <t>
     1130      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/349"/>:
     1131      "Strength"
     1132    </t>
     1133  </list>