Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

draft-ietf-httpbis-p7-auth-02-from-1.diff.html @ 841

Last change on this file since 841 was 222, checked in by fielding@…, 12 years ago
diffs from 01 to 02
Property svn:eol-style set to `native` Property svn:mime-type set to `text/html; charset=iso-8859-1`
File size: 97.0 KB

Line
1	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2	<!-- Generated by rfcdiff 1.34: rfcdiff -->
3	<!-- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional" > -->
4	<!-- System: Darwin kiwi.local 8.11.0 Darwin Kernel Version 8.11.0: Wed Oct 10 18:26:00 PDT 2007; root:xnu-792.24.17~1/RELEASE_PPC Power Macintosh powerpc -->
5	<!-- Using awk: /usr/local/bin/gawk: GNU Awk 3.1.6 -->
6	<!-- Using diff: /usr/bin/diff: diff (GNU diffutils) 2.8.1 -->
7	<!-- Using wdiff: /usr/local/bin/wdiff: wdiff (Free wdiff) 0.5g -->
8	<html>
9	<head>
10	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
11	<meta http-equiv="Content-Style-Type" content="text/css" />
12	<title>Diff: draft-ietf-httpbis-p7-auth-01.txt - draft-ietf-httpbis-p7-auth-02.txt</title>
13	<style type="text/css">
14	body { margin: 0.4ex; margin-right: auto; }
15	tr { }
16	td { white-space: pre; font-family: monospace; vertical-align: top; font-size: 0.86em;}
17	th { font-size: 0.86em; }
18	.small { font-size: 0.6em; font-style: italic; font-family: Verdana, Helvetica, sans-serif; }
19	.left { background-color: #EEE; }
20	.right { background-color: #FFF; }
21	.diff { background-color: #CCF; }
22	.lblock { background-color: #BFB; }
23	.rblock { background-color: #FF8; }
24	.insert { background-color: #8FF; }
25	.delete { background-color: #ACF; }
26	.void { background-color: #FFB; }
27	.cont { background-color: #EEE; }
28	.linebr { background-color: #AAA; }
29	.lineno { color: red; background-color: #FFF; font-size: 0.7em; text-align: right; padding: 0 2px; }
30	.elipsis{ background-color: #AAA; }
31	.left .cont { background-color: #DDD; }
32	.right .cont { background-color: #EEE; }
33	.lblock .cont { background-color: #9D9; }
34	.rblock .cont { background-color: #DD6; }
35	.insert .cont { background-color: #0DD; }
36	.delete .cont { background-color: #8AD; }
37	.stats, .stats td, .stats th { background-color: #EEE; padding: 2px 0; }
38	</style>
39	</head>
40	<body >
41	<table border="0" cellpadding="0" cellspacing="0">
42	<tr bgcolor="orange"><th></th><th> draft-ietf-httpbis-p7-auth-01.txt </th><th> </th><th> draft-ietf-httpbis-p7-auth-02.txt </th><th></th></tr>
43	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
44	<tr><td class="lineno" valign="top"></td><td class="left">Network Working Group R. Fielding, Ed.</td><td> </td><td class="right">Network Working Group R. Fielding, Ed.</td><td class="lineno" valign="top"></td></tr>
45	<tr><td class="lineno" valign="top"></td><td class="left">Internet-Draft Day Software</td><td> </td><td class="right">Internet-Draft Day Software</td><td class="lineno" valign="top"></td></tr>
46	<tr><td class="lineno" valign="top"></td><td class="left">Obsoletes: 2616 (if approved) J. Gettys</td><td> </td><td class="right">Obsoletes: 2616 (if approved) J. Gettys</td><td class="lineno" valign="top"></td></tr>
47	<tr><td class="lineno" valign="top"></td><td class="left">Updates: 2617 (if approved) One Laptop per Child</td><td> </td><td class="right">Updates: 2617 (if approved) One Laptop per Child</td><td class="lineno" valign="top"></td></tr>
48	<tr><td class="lineno" valign="top"></td><td class="left">Intended status: Standards Track J. Mogul</td><td> </td><td class="right">Intended status: Standards Track J. Mogul</td><td class="lineno" valign="top"></td></tr>
49	<tr><td><a name="diff0001" /></td></tr>
50	<tr><td class="lineno" valign="top"></td><td class="lblock">Expires: <span class="delete">July 15, 2008 </span> HP</td><td> </td><td class="rblock">Expires: <span class="insert">August 27, 2008</span> HP</td><td class="lineno" valign="top"></td></tr>
51	<tr><td class="lineno" valign="top"></td><td class="left"> H. Frystyk</td><td> </td><td class="right"> H. Frystyk</td><td class="lineno" valign="top"></td></tr>
52	<tr><td class="lineno" valign="top"></td><td class="left"> Microsoft</td><td> </td><td class="right"> Microsoft</td><td class="lineno" valign="top"></td></tr>
53	<tr><td class="lineno" valign="top"></td><td class="left"> L. Masinter</td><td> </td><td class="right"> L. Masinter</td><td class="lineno" valign="top"></td></tr>
54	<tr><td class="lineno" valign="top"></td><td class="left"> Adobe Systems</td><td> </td><td class="right"> Adobe Systems</td><td class="lineno" valign="top"></td></tr>
55	<tr><td class="lineno" valign="top"></td><td class="left"> P. Leach</td><td> </td><td class="right"> P. Leach</td><td class="lineno" valign="top"></td></tr>
56	<tr><td class="lineno" valign="top"></td><td class="left"> Microsoft</td><td> </td><td class="right"> Microsoft</td><td class="lineno" valign="top"></td></tr>
57	<tr><td class="lineno" valign="top"></td><td class="left"> T. Berners-Lee</td><td> </td><td class="right"> T. Berners-Lee</td><td class="lineno" valign="top"></td></tr>
58	<tr><td class="lineno" valign="top"></td><td class="left"> W3C/MIT</td><td> </td><td class="right"> W3C/MIT</td><td class="lineno" valign="top"></td></tr>
59	<tr><td class="lineno" valign="top"></td><td class="left"> Y. Lafon, Ed.</td><td> </td><td class="right"> Y. Lafon, Ed.</td><td class="lineno" valign="top"></td></tr>
60	<tr><td class="lineno" valign="top"></td><td class="left"> W3C</td><td> </td><td class="right"> W3C</td><td class="lineno" valign="top"></td></tr>
61	<tr><td class="lineno" valign="top"></td><td class="left"> J. Reschke, Ed.</td><td> </td><td class="right"> J. Reschke, Ed.</td><td class="lineno" valign="top"></td></tr>
62	<tr><td class="lineno" valign="top"></td><td class="left"> greenbytes</td><td> </td><td class="right"> greenbytes</td><td class="lineno" valign="top"></td></tr>
63	<tr><td><a name="diff0002" /></td></tr>
64	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete"> January 12</span>, 2008</td><td> </td><td class="rblock"> <span class="insert">February 24</span>, 2008</td><td class="lineno" valign="top"></td></tr>
65	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
66	<tr><td class="lineno" valign="top"></td><td class="left"> HTTP/1.1, part 7: Authentication</td><td> </td><td class="right"> HTTP/1.1, part 7: Authentication</td><td class="lineno" valign="top"></td></tr>
67	<tr><td><a name="diff0003" /></td></tr>
68	<tr><td class="lineno" valign="top"></td><td class="lblock"> draft-ietf-httpbis-p7-auth-0<span class="delete">1</span></td><td> </td><td class="rblock"> draft-ietf-httpbis-p7-auth-0<span class="insert">2</span></td><td class="lineno" valign="top"></td></tr>
69	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
70	<tr><td class="lineno" valign="top"></td><td class="left">Status of this Memo</td><td> </td><td class="right">Status of this Memo</td><td class="lineno" valign="top"></td></tr>
71	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
72	<tr><td class="lineno" valign="top"></td><td class="left"> By submitting this Internet-Draft, each author represents that any</td><td> </td><td class="right"> By submitting this Internet-Draft, each author represents that any</td><td class="lineno" valign="top"></td></tr>
73	<tr><td class="lineno" valign="top"></td><td class="left"> applicable patent or other IPR claims of which he or she is aware</td><td> </td><td class="right"> applicable patent or other IPR claims of which he or she is aware</td><td class="lineno" valign="top"></td></tr>
74	<tr><td class="lineno" valign="top"></td><td class="left"> have been or will be disclosed, and any of which he or she becomes</td><td> </td><td class="right"> have been or will be disclosed, and any of which he or she becomes</td><td class="lineno" valign="top"></td></tr>
75	<tr><td class="lineno" valign="top"></td><td class="left"> aware will be disclosed, in accordance with Section 6 of BCP 79.</td><td> </td><td class="right"> aware will be disclosed, in accordance with Section 6 of BCP 79.</td><td class="lineno" valign="top"></td></tr>
76	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
77	<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are working documents of the Internet Engineering</td><td> </td><td class="right"> Internet-Drafts are working documents of the Internet Engineering</td><td class="lineno" valign="top"></td></tr>
78	<tr><td class="lineno" valign="top"></td><td class="left"> Task Force (IETF), its areas, and its working groups. Note that</td><td> </td><td class="right"> Task Force (IETF), its areas, and its working groups. Note that</td><td class="lineno" valign="top"></td></tr>
79	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
80	<tr bgcolor="gray" ><td></td><th><a name="part-l2" /><small>skipping to change at</small><em> page 1, line 49</em></th><th> </th><th><a name="part-r2" /><small>skipping to change at</small><em> page 1, line 49</em></th><td></td></tr>
81	<tr><td class="lineno" valign="top"></td><td class="left"> and may be updated, replaced, or obsoleted by other documents at any</td><td> </td><td class="right"> and may be updated, replaced, or obsoleted by other documents at any</td><td class="lineno" valign="top"></td></tr>
82	<tr><td class="lineno" valign="top"></td><td class="left"> time. It is inappropriate to use Internet-Drafts as reference</td><td> </td><td class="right"> time. It is inappropriate to use Internet-Drafts as reference</td><td class="lineno" valign="top"></td></tr>
83	<tr><td class="lineno" valign="top"></td><td class="left"> material or to cite them other than as "work in progress."</td><td> </td><td class="right"> material or to cite them other than as "work in progress."</td><td class="lineno" valign="top"></td></tr>
84	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
85	<tr><td class="lineno" valign="top"></td><td class="left"> The list of current Internet-Drafts can be accessed at</td><td> </td><td class="right"> The list of current Internet-Drafts can be accessed at</td><td class="lineno" valign="top"></td></tr>
86	<tr><td class="lineno" valign="top"></td><td class="left"> http://www.ietf.org/ietf/1id-abstracts.txt.</td><td> </td><td class="right"> http://www.ietf.org/ietf/1id-abstracts.txt.</td><td class="lineno" valign="top"></td></tr>
87	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
88	<tr><td class="lineno" valign="top"></td><td class="left"> The list of Internet-Draft Shadow Directories can be accessed at</td><td> </td><td class="right"> The list of Internet-Draft Shadow Directories can be accessed at</td><td class="lineno" valign="top"></td></tr>
89	<tr><td class="lineno" valign="top"></td><td class="left"> http://www.ietf.org/shadow.html.</td><td> </td><td class="right"> http://www.ietf.org/shadow.html.</td><td class="lineno" valign="top"></td></tr>
90	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
91	<tr><td><a name="diff0004" /></td></tr>
92	<tr><td class="lineno" valign="top"></td><td class="lblock"> This Internet-Draft will expire on <span class="delete">July 15</span>, 2008.</td><td> </td><td class="rblock"> This Internet-Draft will expire on <span class="insert">August 27</span>, 2008.</td><td class="lineno" valign="top"></td></tr>
93	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
94	<tr><td class="lineno" valign="top"></td><td class="left">Copyright Notice</td><td> </td><td class="right">Copyright Notice</td><td class="lineno" valign="top"></td></tr>
95	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
96	<tr><td class="lineno" valign="top"></td><td class="left"> Copyright (C) The IETF Trust (2008).</td><td> </td><td class="right"> Copyright (C) The IETF Trust (2008).</td><td class="lineno" valign="top"></td></tr>
97	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
98	<tr><td class="lineno" valign="top"></td><td class="left">Abstract</td><td> </td><td class="right">Abstract</td><td class="lineno" valign="top"></td></tr>
99	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
100	<tr><td class="lineno" valign="top"></td><td class="left"> The Hypertext Transfer Protocol (HTTP) is an application-level</td><td> </td><td class="right"> The Hypertext Transfer Protocol (HTTP) is an application-level</td><td class="lineno" valign="top"></td></tr>
101	<tr><td class="lineno" valign="top"></td><td class="left"> protocol for distributed, collaborative, hypermedia information</td><td> </td><td class="right"> protocol for distributed, collaborative, hypermedia information</td><td class="lineno" valign="top"></td></tr>
102	<tr><td class="lineno" valign="top"></td><td class="left"> systems. HTTP has been in use by the World Wide Web global</td><td> </td><td class="right"> systems. HTTP has been in use by the World Wide Web global</td><td class="lineno" valign="top"></td></tr>
103	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
104	<tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 3, line 9</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 3, line 9</em></th><td></td></tr>
105	<tr><td class="lineno" valign="top"></td><td class="left"> This draft incorporates those issue resolutions that were either</td><td> </td><td class="right"> This draft incorporates those issue resolutions that were either</td><td class="lineno" valign="top"></td></tr>
106	<tr><td class="lineno" valign="top"></td><td class="left"> collected in the original RFC2616 errata list</td><td> </td><td class="right"> collected in the original RFC2616 errata list</td><td class="lineno" valign="top"></td></tr>
107	<tr><td class="lineno" valign="top"></td><td class="left"> (<http://purl.org/NET/http-errata>), or which were agreed upon on the</td><td> </td><td class="right"> (<http://purl.org/NET/http-errata>), or which were agreed upon on the</td><td class="lineno" valign="top"></td></tr>
108	<tr><td class="lineno" valign="top"></td><td class="left"> mailing list between October 2006 and November 2007 (as published in</td><td> </td><td class="right"> mailing list between October 2006 and November 2007 (as published in</td><td class="lineno" valign="top"></td></tr>
109	<tr><td class="lineno" valign="top"></td><td class="left"> "draft-lafon-rfc2616bis-03").</td><td> </td><td class="right"> "draft-lafon-rfc2616bis-03").</td><td class="lineno" valign="top"></td></tr>
110	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
111	<tr><td class="lineno" valign="top"></td><td class="left">Table of Contents</td><td> </td><td class="right">Table of Contents</td><td class="lineno" valign="top"></td></tr>
112	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
113	<tr><td class="lineno" valign="top"></td><td class="left"> 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4</td><td> </td><td class="right"> 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4</td><td class="lineno" valign="top"></td></tr>
114	<tr><td class="lineno" valign="top"></td><td class="left"> 1.1. Requirements . . . . . . . . . . . . . . . . . . . . . . . 4</td><td> </td><td class="right"> 1.1. Requirements . . . . . . . . . . . . . . . . . . . . . . . 4</td><td class="lineno" valign="top"></td></tr>
115	<tr><td><a name="diff0005" /></td></tr>
116	<tr><td class="lineno" valign="top"></td><td class="lblock"> 2. Status Code Definitions . . . . . . . . . . . . . . . . . . . <span class="delete">4</span></td><td> </td><td class="rblock"> 2. <span class="insert">Notational Conventions and Generic Grammar . . . . . . . . . . 4</span></td><td class="lineno" valign="top"></td></tr>
117	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 2.1.</span> 401 Unauthorized . . . . . . . . . . . . . . . . . . . . . <span class="delete">4</span></td><td> </td><td class="rblock"><span class="insert"> 3.</span> Status Code Definitions . . . . . . . . . . . . . . . . . . . <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
118	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 2.2.</span> 407 Proxy Authentication Required . . . . . . . . . . . . 5</td><td> </td><td class="rblock"><span class="insert"> 3.1.</span> 401 Unauthorized . . . . . . . . . . . . . . . . . . . . . <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
119	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">3.</span> Header Field Definitions . . . . . . . . . . . . . . . . . . . 5</td><td> </td><td class="rblock"><span class="insert"> 3.2.</span> 407 Proxy Authentication Required . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr>
120	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">3.1.</span> Authorization . . . . . . . . . . . . . . . . . . . . . . 5</td><td> </td><td class="rblock"> <span class="insert">4.</span> Header Field Definitions . . . . . . . . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr>
121	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">3.2.</span> Proxy-Authenticate . . . . . . . . . . . . . . . . . . . . 6</td><td> </td><td class="rblock"> <span class="insert">4.1.</span> Authorization . . . . . . . . . . . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr>
122	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">3.3.</span> Proxy-Authorization . . . . . . . . . . . . . . . . . . . <span class="delete">6</span></td><td> </td><td class="rblock"> <span class="insert">4.2.</span> Proxy-Authenticate . . . . . . . . . . . . . . . . . . . . 6</td><td class="lineno" valign="top"></td></tr>
123	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 3.4.</span> WWW-Authenticate . . . . . . . . . . . . . . . . . . . . . 7</td><td> </td><td class="rblock"> <span class="insert">4.3.</span> Proxy-Authorization . . . . . . . . . . . . . . . . . . . <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
124	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">4.</span> IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7</td><td> </td><td class="rblock"><span class="insert"> 4.4.</span> WWW-Authenticate . . . . . . . . . . . . . . . . . . . . . 7</td><td class="lineno" valign="top"></td></tr>
125	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">5.</span> Security Considerations . . . . . . . . . . . . . . . . . . . 7</td><td> </td><td class="rblock"> <span class="insert">5.</span> IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7</td><td class="lineno" valign="top"></td></tr>
126	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">5.1.</span> Authentication Credentials and Idle Clients . . . . . . . <span class="delete">7</span></td><td> </td><td class="rblock"> <span class="insert">6.</span> Security Considerations . . . . . . . . . . . . . . . . . . . 7</td><td class="lineno" valign="top"></td></tr>
127	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 6.</span> Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8</td><td> </td><td class="rblock"> <span class="insert">6.1.</span> Authentication Credentials and Idle Clients . . . . . . . <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
128	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">7.</span> References . . . . . . . . . . . . . . . . . . . . . . . . . . 8</td><td> </td><td class="rblock"><span class="insert"> 7.</span> Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8</td><td class="lineno" valign="top"></td></tr>
129	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">7.1.</span> Normative References . . . . . . . . . . . . . . . . . . . 8</td><td> </td><td class="rblock"> <span class="insert">8.</span> References . . . . . . . . . . . . . . . . . . . . . . . . . . 8</td><td class="lineno" valign="top"></td></tr>
130	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">7.2.</span> Informative References . . . . . . . . . . . . . . . . . . <span class="delete">8</span></td><td> </td><td class="rblock"> <span class="insert">8.1.</span> Normative References . . . . . . . . . . . . . . . . . . . 8</td><td class="lineno" valign="top"></td></tr>
131	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">8.2.</span> Informative References . . . . . . . . . . . . . . . . . . <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
132	<tr><td class="lineno" valign="top"></td><td class="left"> Appendix A. Compatibility with Previous Versions . . . . . . . . 9</td><td> </td><td class="right"> Appendix A. Compatibility with Previous Versions . . . . . . . . 9</td><td class="lineno" valign="top"></td></tr>
133	<tr><td class="lineno" valign="top"></td><td class="left"> A.1. Changes from RFC 2616 . . . . . . . . . . . . . . . . . . 9</td><td> </td><td class="right"> A.1. Changes from RFC 2616 . . . . . . . . . . . . . . . . . . 9</td><td class="lineno" valign="top"></td></tr>
134	<tr><td class="lineno" valign="top"></td><td class="left"> Appendix B. Change Log (to be removed by RFC Editor before</td><td> </td><td class="right"> Appendix B. Change Log (to be removed by RFC Editor before</td><td class="lineno" valign="top"></td></tr>
135	<tr><td class="lineno" valign="top"></td><td class="left"> publication) . . . . . . . . . . . . . . . . . . . . 9</td><td> </td><td class="right"> publication) . . . . . . . . . . . . . . . . . . . . 9</td><td class="lineno" valign="top"></td></tr>
136	<tr><td class="lineno" valign="top"></td><td class="left"> B.1. Since RFC2616 . . . . . . . . . . . . . . . . . . . . . . 9</td><td> </td><td class="right"> B.1. Since RFC2616 . . . . . . . . . . . . . . . . . . . . . . 9</td><td class="lineno" valign="top"></td></tr>
137	<tr><td class="lineno" valign="top"></td><td class="left"> B.2. Since draft-ietf-httpbis-p7-auth-00 . . . . . . . . . . . 9</td><td> </td><td class="right"> B.2. Since draft-ietf-httpbis-p7-auth-00 . . . . . . . . . . . 9</td><td class="lineno" valign="top"></td></tr>
138	<tr><td><a name="diff0006" /></td></tr>
139	<tr><td class="lineno" valign="top"></td><td class="lblock"> Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">9</span></td><td> </td><td class="rblock"> <span class="insert">B.3. Since draft-ietf-httpbis-p7-auth-01 . . . . . . . . . . . 9</span></td><td class="lineno" valign="top"></td></tr>
140	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">10</span></td><td class="lineno" valign="top"></td></tr>
141	<tr><td class="lineno" valign="top"></td><td class="left"> Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10</td><td> </td><td class="right"> Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10</td><td class="lineno" valign="top"></td></tr>
142	<tr><td><a name="diff0007" /></td></tr>
143	<tr><td class="lineno" valign="top"></td><td class="lblock"> Intellectual Property and Copyright Statements . . . . . . . . . . 1<span class="delete">3</span></td><td> </td><td class="rblock"> Intellectual Property and Copyright Statements . . . . . . . . . . 1<span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
144	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
145	<tr><td class="lineno" valign="top"></td><td class="left">1. Introduction</td><td> </td><td class="right">1. Introduction</td><td class="lineno" valign="top"></td></tr>
146	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
147	<tr><td class="lineno" valign="top"></td><td class="left"> This document defines HTTP/1.1 access control and authentication.</td><td> </td><td class="right"> This document defines HTTP/1.1 access control and authentication.</td><td class="lineno" valign="top"></td></tr>
148	<tr><td class="lineno" valign="top"></td><td class="left"> Right now it includes the extracted relevant sections of RFC 2616</td><td> </td><td class="right"> Right now it includes the extracted relevant sections of RFC 2616</td><td class="lineno" valign="top"></td></tr>
149	<tr><td class="lineno" valign="top"></td><td class="left"> with only minor changes. The intention is to move the general</td><td> </td><td class="right"> with only minor changes. The intention is to move the general</td><td class="lineno" valign="top"></td></tr>
150	<tr><td class="lineno" valign="top"></td><td class="left"> framework for HTTP authentication here, as currently specified in</td><td> </td><td class="right"> framework for HTTP authentication here, as currently specified in</td><td class="lineno" valign="top"></td></tr>
151	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2617], and allow the individual authentication mechanisms to be</td><td> </td><td class="right"> [RFC2617], and allow the individual authentication mechanisms to be</td><td class="lineno" valign="top"></td></tr>
152	<tr><td class="lineno" valign="top"></td><td class="left"> defined elsewhere. This introduction will be rewritten when that</td><td> </td><td class="right"> defined elsewhere. This introduction will be rewritten when that</td><td class="lineno" valign="top"></td></tr>
153	<tr><td class="lineno" valign="top"></td><td class="left"> occurs.</td><td> </td><td class="right"> occurs.</td><td class="lineno" valign="top"></td></tr>
154	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
155	<tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 4, line 39</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 4, line 39</em></th><td></td></tr>
156	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
157	<tr><td class="lineno" valign="top"></td><td class="left"> An implementation is not compliant if it fails to satisfy one or more</td><td> </td><td class="right"> An implementation is not compliant if it fails to satisfy one or more</td><td class="lineno" valign="top"></td></tr>
158	<tr><td class="lineno" valign="top"></td><td class="left"> of the MUST or REQUIRED level requirements for the protocols it</td><td> </td><td class="right"> of the MUST or REQUIRED level requirements for the protocols it</td><td class="lineno" valign="top"></td></tr>
159	<tr><td class="lineno" valign="top"></td><td class="left"> implements. An implementation that satisfies all the MUST or</td><td> </td><td class="right"> implements. An implementation that satisfies all the MUST or</td><td class="lineno" valign="top"></td></tr>
160	<tr><td class="lineno" valign="top"></td><td class="left"> REQUIRED level and all the SHOULD level requirements for its</td><td> </td><td class="right"> REQUIRED level and all the SHOULD level requirements for its</td><td class="lineno" valign="top"></td></tr>
161	<tr><td class="lineno" valign="top"></td><td class="left"> protocols is said to be "unconditionally compliant"; one that</td><td> </td><td class="right"> protocols is said to be "unconditionally compliant"; one that</td><td class="lineno" valign="top"></td></tr>
162	<tr><td class="lineno" valign="top"></td><td class="left"> satisfies all the MUST level requirements but not all the SHOULD</td><td> </td><td class="right"> satisfies all the MUST level requirements but not all the SHOULD</td><td class="lineno" valign="top"></td></tr>
163	<tr><td class="lineno" valign="top"></td><td class="left"> level requirements for its protocols is said to be "conditionally</td><td> </td><td class="right"> level requirements for its protocols is said to be "conditionally</td><td class="lineno" valign="top"></td></tr>
164	<tr><td class="lineno" valign="top"></td><td class="left"> compliant."</td><td> </td><td class="right"> compliant."</td><td class="lineno" valign="top"></td></tr>
165	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
166	<tr><td><a name="diff0008" /></td></tr>
167	<tr><td class="lineno" valign="top"></td><td class="lblock">2. <span class="delete">Status Code Definitions</span></td><td> </td><td class="rblock">2. <span class="insert">Notational Conventions and Generic Grammar</span></td><td class="lineno" valign="top"></td></tr>
168	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
169	<tr><td><a name="diff0009" /></td></tr>
170	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">2.1.</span> 401 Unauthorized</td><td> </td><td class="rblock"> <span class="insert">This specification uses the ABNF syntax defined in Section 2.1 of</span></td><td class="lineno" valign="top"></td></tr>
171	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> [Part1]. [[abnf.dep: ABNF syntax and basic rules will be adopted from</span></td><td class="lineno" valign="top"></td></tr>
172	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> RFC 5234, see <http://tools.ietf.org/wg/httpbis/trac/ticket/36>.]]</span></td><td class="lineno" valign="top"></td></tr>
173	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
174	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> The ABNF rules below are defined in other specifications:</span></td><td class="lineno" valign="top"></td></tr>
175	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
176	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> challenge = <challenge, defined in [RFC2617], Section 1.2></span></td><td class="lineno" valign="top"></td></tr>
177	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> credentials = <credentials, defined in [RFC2617], Section 1.2></span></td><td class="lineno" valign="top"></td></tr>
178	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
179	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">3. Status Code Definitions</span></td><td class="lineno" valign="top"></td></tr>
180	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
181	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">3.1.</span> 401 Unauthorized</td><td class="lineno" valign="top"></td></tr>
182	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
183	<tr><td class="lineno" valign="top"></td><td class="left"> The request requires user authentication. The response MUST include</td><td> </td><td class="right"> The request requires user authentication. The response MUST include</td><td class="lineno" valign="top"></td></tr>
184	<tr><td><a name="diff0010" /></td></tr>
185	<tr><td class="lineno" valign="top"></td><td class="lblock"> a WWW-Authenticate header field (Section <span class="delete">3</span>.4) containing a challenge</td><td> </td><td class="rblock"> a WWW-Authenticate header field (Section <span class="insert">4</span>.4) containing a challenge</td><td class="lineno" valign="top"></td></tr>
186	<tr><td class="lineno" valign="top"></td><td class="left"> applicable to the requested resource. The client MAY repeat the</td><td> </td><td class="right"> applicable to the requested resource. The client MAY repeat the</td><td class="lineno" valign="top"></td></tr>
187	<tr><td><a name="diff0011" /></td></tr>
188	<tr><td class="lineno" valign="top"></td><td class="lblock"> request with a suitable Authorization header field (Section <span class="delete">3</span>.1). If</td><td> </td><td class="rblock"> request with a suitable Authorization header field (Section <span class="insert">4</span>.1). If</td><td class="lineno" valign="top"></td></tr>
189	<tr><td class="lineno" valign="top"></td><td class="left"> the request already included Authorization credentials, then the 401</td><td> </td><td class="right"> the request already included Authorization credentials, then the 401</td><td class="lineno" valign="top"></td></tr>
190	<tr><td class="lineno" valign="top"></td><td class="left"> response indicates that authorization has been refused for those</td><td> </td><td class="right"> response indicates that authorization has been refused for those</td><td class="lineno" valign="top"></td></tr>
191	<tr><td class="lineno" valign="top"></td><td class="left"> credentials. If the 401 response contains the same challenge as the</td><td> </td><td class="right"> credentials. If the 401 response contains the same challenge as the</td><td class="lineno" valign="top"></td></tr>
192	<tr><td class="lineno" valign="top"></td><td class="left"> prior response, and the user agent has already attempted</td><td> </td><td class="right"> prior response, and the user agent has already attempted</td><td class="lineno" valign="top"></td></tr>
193	<tr><td class="lineno" valign="top"></td><td class="left"> authentication at least once, then the user SHOULD be presented the</td><td> </td><td class="right"> authentication at least once, then the user SHOULD be presented the</td><td class="lineno" valign="top"></td></tr>
194	<tr><td class="lineno" valign="top"></td><td class="left"> entity that was given in the response, since that entity might</td><td> </td><td class="right"> entity that was given in the response, since that entity might</td><td class="lineno" valign="top"></td></tr>
195	<tr><td class="lineno" valign="top"></td><td class="left"> include relevant diagnostic information. HTTP access authentication</td><td> </td><td class="right"> include relevant diagnostic information. HTTP access authentication</td><td class="lineno" valign="top"></td></tr>
196	<tr><td class="lineno" valign="top"></td><td class="left"> is explained in "HTTP Authentication: Basic and Digest Access</td><td> </td><td class="right"> is explained in "HTTP Authentication: Basic and Digest Access</td><td class="lineno" valign="top"></td></tr>
197	<tr><td class="lineno" valign="top"></td><td class="left"> Authentication" [RFC2617].</td><td> </td><td class="right"> Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
198	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
199	<tr><td><a name="diff0012" /></td></tr>
200	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">2</span>.2. 407 Proxy Authentication Required</td><td> </td><td class="rblock"><span class="insert">3</span>.2. 407 Proxy Authentication Required</td><td class="lineno" valign="top"></td></tr>
201	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
202	<tr><td class="lineno" valign="top"></td><td class="left"> This code is similar to 401 (Unauthorized), but indicates that the</td><td> </td><td class="right"> This code is similar to 401 (Unauthorized), but indicates that the</td><td class="lineno" valign="top"></td></tr>
203	<tr><td class="lineno" valign="top"></td><td class="left"> client must first authenticate itself with the proxy. The proxy MUST</td><td> </td><td class="right"> client must first authenticate itself with the proxy. The proxy MUST</td><td class="lineno" valign="top"></td></tr>
204	<tr><td><a name="diff0013" /></td></tr>
205	<tr><td class="lineno" valign="top"></td><td class="lblock"> return a Proxy-Authenticate header field (Section <span class="delete">3</span>.2) containing a</td><td> </td><td class="rblock"> return a Proxy-Authenticate header field (Section <span class="insert">4</span>.2) containing a</td><td class="lineno" valign="top"></td></tr>
206	<tr><td class="lineno" valign="top"></td><td class="left"> challenge applicable to the proxy for the requested resource. The</td><td> </td><td class="right"> challenge applicable to the proxy for the requested resource. The</td><td class="lineno" valign="top"></td></tr>
207	<tr><td class="lineno" valign="top"></td><td class="left"> client MAY repeat the request with a suitable Proxy-Authorization</td><td> </td><td class="right"> client MAY repeat the request with a suitable Proxy-Authorization</td><td class="lineno" valign="top"></td></tr>
208	<tr><td><a name="diff0014" /></td></tr>
209	<tr><td class="lineno" valign="top"></td><td class="lblock"> header field (Section <span class="delete">3</span>.3). HTTP access authentication is explained</td><td> </td><td class="rblock"> header field (Section <span class="insert">4</span>.3). HTTP access authentication is explained</td><td class="lineno" valign="top"></td></tr>
210	<tr><td class="lineno" valign="top"></td><td class="left"> in "HTTP Authentication: Basic and Digest Access Authentication"</td><td> </td><td class="right"> in "HTTP Authentication: Basic and Digest Access Authentication"</td><td class="lineno" valign="top"></td></tr>
211	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2617].</td><td> </td><td class="right"> [RFC2617].</td><td class="lineno" valign="top"></td></tr>
212	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
213	<tr><td><a name="diff0015" /></td></tr>
214	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>. Header Field Definitions</td><td> </td><td class="rblock"><span class="insert">4</span>. Header Field Definitions</td><td class="lineno" valign="top"></td></tr>
215	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
216	<tr><td class="lineno" valign="top"></td><td class="left"> This section defines the syntax and semantics of HTTP/1.1 header</td><td> </td><td class="right"> This section defines the syntax and semantics of HTTP/1.1 header</td><td class="lineno" valign="top"></td></tr>
217	<tr><td class="lineno" valign="top"></td><td class="left"> fields related to authentication.</td><td> </td><td class="right"> fields related to authentication.</td><td class="lineno" valign="top"></td></tr>
218	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
219	<tr><td><a name="diff0016" /></td></tr>
220	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>.1. Authorization</td><td> </td><td class="rblock"><span class="insert">4</span>.1. Authorization</td><td class="lineno" valign="top"></td></tr>
221	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
222	<tr><td class="lineno" valign="top"></td><td class="left"> A user agent that wishes to authenticate itself with a server--</td><td> </td><td class="right"> A user agent that wishes to authenticate itself with a server--</td><td class="lineno" valign="top"></td></tr>
223	<tr><td class="lineno" valign="top"></td><td class="left"> usually, but not necessarily, after receiving a 401 response--does so</td><td> </td><td class="right"> usually, but not necessarily, after receiving a 401 response--does so</td><td class="lineno" valign="top"></td></tr>
224	<tr><td class="lineno" valign="top"></td><td class="left"> by including an Authorization request-header field with the request.</td><td> </td><td class="right"> by including an Authorization request-header field with the request.</td><td class="lineno" valign="top"></td></tr>
225	<tr><td class="lineno" valign="top"></td><td class="left"> The Authorization field value consists of credentials containing the</td><td> </td><td class="right"> The Authorization field value consists of credentials containing the</td><td class="lineno" valign="top"></td></tr>
226	<tr><td class="lineno" valign="top"></td><td class="left"> authentication information of the user agent for the realm of the</td><td> </td><td class="right"> authentication information of the user agent for the realm of the</td><td class="lineno" valign="top"></td></tr>
227	<tr><td class="lineno" valign="top"></td><td class="left"> resource being requested.</td><td> </td><td class="right"> resource being requested.</td><td class="lineno" valign="top"></td></tr>
228	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
229	<tr><td class="lineno" valign="top"></td><td class="left"> Authorization = "Authorization" ":" credentials</td><td> </td><td class="right"> Authorization = "Authorization" ":" credentials</td><td class="lineno" valign="top"></td></tr>
230	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
231	<tr><td class="lineno" valign="top"></td><td class="left"> HTTP access authentication is described in "HTTP Authentication:</td><td> </td><td class="right"> HTTP access authentication is described in "HTTP Authentication:</td><td class="lineno" valign="top"></td></tr>
232	<tr><td class="lineno" valign="top"></td><td class="left"> Basic and Digest Access Authentication" [RFC2617]. If a request is</td><td> </td><td class="right"> Basic and Digest Access Authentication" [RFC2617]. If a request is</td><td class="lineno" valign="top"></td></tr>
233	<tr><td class="lineno" valign="top"></td><td class="left"> authenticated and a realm specified, the same credentials SHOULD be</td><td> </td><td class="right"> authenticated and a realm specified, the same credentials SHOULD be</td><td class="lineno" valign="top"></td></tr>
234	<tr><td class="lineno" valign="top"></td><td class="left"> valid for all other requests within this realm (assuming that the</td><td> </td><td class="right"> valid for all other requests within this realm (assuming that the</td><td class="lineno" valign="top"></td></tr>
235	<tr><td class="lineno" valign="top"></td><td class="left"> authentication scheme itself does not require otherwise, such as</td><td> </td><td class="right"> authentication scheme itself does not require otherwise, such as</td><td class="lineno" valign="top"></td></tr>
236	<tr><td class="lineno" valign="top"></td><td class="left"> credentials that vary according to a challenge value or using</td><td> </td><td class="right"> credentials that vary according to a challenge value or using</td><td class="lineno" valign="top"></td></tr>
237	<tr><td class="lineno" valign="top"></td><td class="left"> synchronized clocks).</td><td> </td><td class="right"> synchronized clocks).</td><td class="lineno" valign="top"></td></tr>
238	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
239	<tr><td><a name="diff0017" /></td></tr>
240	<tr><td class="lineno" valign="top"></td><td class="lblock"> When a shared cache (see Section <span class="delete">8</span> of [Part6]) receives a request</td><td> </td><td class="rblock"> When a shared cache (see Section <span class="insert">9</span> of [Part6]) receives a request</td><td class="lineno" valign="top"></td></tr>
241	<tr><td class="lineno" valign="top"></td><td class="left"> containing an Authorization field, it MUST NOT return the</td><td> </td><td class="right"> containing an Authorization field, it MUST NOT return the</td><td class="lineno" valign="top"></td></tr>
242	<tr><td class="lineno" valign="top"></td><td class="left"> corresponding response as a reply to any other request, unless one of</td><td> </td><td class="right"> corresponding response as a reply to any other request, unless one of</td><td class="lineno" valign="top"></td></tr>
243	<tr><td class="lineno" valign="top"></td><td class="left"> the following specific exceptions holds:</td><td> </td><td class="right"> the following specific exceptions holds:</td><td class="lineno" valign="top"></td></tr>
244	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
245	<tr><td class="lineno" valign="top"></td><td class="left"> 1. If the response includes the "s-maxage" cache-control directive,</td><td> </td><td class="right"> 1. If the response includes the "s-maxage" cache-control directive,</td><td class="lineno" valign="top"></td></tr>
246	<tr><td class="lineno" valign="top"></td><td class="left"> the cache MAY use that response in replying to a subsequent</td><td> </td><td class="right"> the cache MAY use that response in replying to a subsequent</td><td class="lineno" valign="top"></td></tr>
247	<tr><td class="lineno" valign="top"></td><td class="left"> request. But (if the specified maximum age has passed) a proxy</td><td> </td><td class="right"> request. But (if the specified maximum age has passed) a proxy</td><td class="lineno" valign="top"></td></tr>
248	<tr><td class="lineno" valign="top"></td><td class="left"> cache MUST first revalidate it with the origin server, using the</td><td> </td><td class="right"> cache MUST first revalidate it with the origin server, using the</td><td class="lineno" valign="top"></td></tr>
249	<tr><td class="lineno" valign="top"></td><td class="left"> request-headers from the new request to allow the origin server</td><td> </td><td class="right"> request-headers from the new request to allow the origin server</td><td class="lineno" valign="top"></td></tr>
250	<tr><td class="lineno" valign="top"></td><td class="left"> to authenticate the new request. (This is the defined behavior</td><td> </td><td class="right"> to authenticate the new request. (This is the defined behavior</td><td class="lineno" valign="top"></td></tr>
251	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
252	<tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 6, line 24</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 6, line 34</em></th><td></td></tr>
253	<tr><td class="lineno" valign="top"></td><td class="left"> 2. If the response includes the "must-revalidate" cache-control</td><td> </td><td class="right"> 2. If the response includes the "must-revalidate" cache-control</td><td class="lineno" valign="top"></td></tr>
254	<tr><td class="lineno" valign="top"></td><td class="left"> directive, the cache MAY use that response in replying to a</td><td> </td><td class="right"> directive, the cache MAY use that response in replying to a</td><td class="lineno" valign="top"></td></tr>
255	<tr><td class="lineno" valign="top"></td><td class="left"> subsequent request. But if the response is stale, all caches</td><td> </td><td class="right"> subsequent request. But if the response is stale, all caches</td><td class="lineno" valign="top"></td></tr>
256	<tr><td class="lineno" valign="top"></td><td class="left"> MUST first revalidate it with the origin server, using the</td><td> </td><td class="right"> MUST first revalidate it with the origin server, using the</td><td class="lineno" valign="top"></td></tr>
257	<tr><td class="lineno" valign="top"></td><td class="left"> request-headers from the new request to allow the origin server</td><td> </td><td class="right"> request-headers from the new request to allow the origin server</td><td class="lineno" valign="top"></td></tr>
258	<tr><td class="lineno" valign="top"></td><td class="left"> to authenticate the new request.</td><td> </td><td class="right"> to authenticate the new request.</td><td class="lineno" valign="top"></td></tr>
259	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
260	<tr><td class="lineno" valign="top"></td><td class="left"> 3. If the response includes the "public" cache-control directive, it</td><td> </td><td class="right"> 3. If the response includes the "public" cache-control directive, it</td><td class="lineno" valign="top"></td></tr>
261	<tr><td class="lineno" valign="top"></td><td class="left"> MAY be returned in reply to any subsequent request.</td><td> </td><td class="right"> MAY be returned in reply to any subsequent request.</td><td class="lineno" valign="top"></td></tr>
262	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
263	<tr><td><a name="diff0018" /></td></tr>
264	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>.2. Proxy-Authenticate</td><td> </td><td class="rblock"><span class="insert">4</span>.2. Proxy-Authenticate</td><td class="lineno" valign="top"></td></tr>
265	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
266	<tr><td class="lineno" valign="top"></td><td class="left"> The Proxy-Authenticate response-header field MUST be included as part</td><td> </td><td class="right"> The Proxy-Authenticate response-header field MUST be included as part</td><td class="lineno" valign="top"></td></tr>
267	<tr><td class="lineno" valign="top"></td><td class="left"> of a 407 (Proxy Authentication Required) response. The field value</td><td> </td><td class="right"> of a 407 (Proxy Authentication Required) response. The field value</td><td class="lineno" valign="top"></td></tr>
268	<tr><td class="lineno" valign="top"></td><td class="left"> consists of a challenge that indicates the authentication scheme and</td><td> </td><td class="right"> consists of a challenge that indicates the authentication scheme and</td><td class="lineno" valign="top"></td></tr>
269	<tr><td class="lineno" valign="top"></td><td class="left"> parameters applicable to the proxy for this Request-URI.</td><td> </td><td class="right"> parameters applicable to the proxy for this Request-URI.</td><td class="lineno" valign="top"></td></tr>
270	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
271	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate = "Proxy-Authenticate" ":" 1#challenge</td><td> </td><td class="right"> Proxy-Authenticate = "Proxy-Authenticate" ":" 1#challenge</td><td class="lineno" valign="top"></td></tr>
272	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
273	<tr><td class="lineno" valign="top"></td><td class="left"> The HTTP access authentication process is described in "HTTP</td><td> </td><td class="right"> The HTTP access authentication process is described in "HTTP</td><td class="lineno" valign="top"></td></tr>
274	<tr><td class="lineno" valign="top"></td><td class="left"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td> </td><td class="right"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
275	<tr><td class="lineno" valign="top"></td><td class="left"> Unlike WWW-Authenticate, the Proxy-Authenticate header field applies</td><td> </td><td class="right"> Unlike WWW-Authenticate, the Proxy-Authenticate header field applies</td><td class="lineno" valign="top"></td></tr>
276	<tr><td class="lineno" valign="top"></td><td class="left"> only to the current connection and SHOULD NOT be passed on to</td><td> </td><td class="right"> only to the current connection and SHOULD NOT be passed on to</td><td class="lineno" valign="top"></td></tr>
277	<tr><td class="lineno" valign="top"></td><td class="left"> downstream clients. However, an intermediate proxy might need to</td><td> </td><td class="right"> downstream clients. However, an intermediate proxy might need to</td><td class="lineno" valign="top"></td></tr>
278	<tr><td class="lineno" valign="top"></td><td class="left"> obtain its own credentials by requesting them from the downstream</td><td> </td><td class="right"> obtain its own credentials by requesting them from the downstream</td><td class="lineno" valign="top"></td></tr>
279	<tr><td class="lineno" valign="top"></td><td class="left"> client, which in some circumstances will appear as if the proxy is</td><td> </td><td class="right"> client, which in some circumstances will appear as if the proxy is</td><td class="lineno" valign="top"></td></tr>
280	<tr><td class="lineno" valign="top"></td><td class="left"> forwarding the Proxy-Authenticate header field.</td><td> </td><td class="right"> forwarding the Proxy-Authenticate header field.</td><td class="lineno" valign="top"></td></tr>
281	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
282	<tr><td><a name="diff0019" /></td></tr>
283	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>.3. Proxy-Authorization</td><td> </td><td class="rblock"><span class="insert">4</span>.3. Proxy-Authorization</td><td class="lineno" valign="top"></td></tr>
284	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
285	<tr><td class="lineno" valign="top"></td><td class="left"> The Proxy-Authorization request-header field allows the client to</td><td> </td><td class="right"> The Proxy-Authorization request-header field allows the client to</td><td class="lineno" valign="top"></td></tr>
286	<tr><td class="lineno" valign="top"></td><td class="left"> identify itself (or its user) to a proxy which requires</td><td> </td><td class="right"> identify itself (or its user) to a proxy which requires</td><td class="lineno" valign="top"></td></tr>
287	<tr><td class="lineno" valign="top"></td><td class="left"> authentication. The Proxy-Authorization field value consists of</td><td> </td><td class="right"> authentication. The Proxy-Authorization field value consists of</td><td class="lineno" valign="top"></td></tr>
288	<tr><td class="lineno" valign="top"></td><td class="left"> credentials containing the authentication information of the user</td><td> </td><td class="right"> credentials containing the authentication information of the user</td><td class="lineno" valign="top"></td></tr>
289	<tr><td class="lineno" valign="top"></td><td class="left"> agent for the proxy and/or realm of the resource being requested.</td><td> </td><td class="right"> agent for the proxy and/or realm of the resource being requested.</td><td class="lineno" valign="top"></td></tr>
290	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
291	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization = "Proxy-Authorization" ":" credentials</td><td> </td><td class="right"> Proxy-Authorization = "Proxy-Authorization" ":" credentials</td><td class="lineno" valign="top"></td></tr>
292	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
293	<tr><td class="lineno" valign="top"></td><td class="left"> The HTTP access authentication process is described in "HTTP</td><td> </td><td class="right"> The HTTP access authentication process is described in "HTTP</td><td class="lineno" valign="top"></td></tr>
294	<tr><td class="lineno" valign="top"></td><td class="left"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td> </td><td class="right"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
295	<tr><td class="lineno" valign="top"></td><td class="left"> Unlike Authorization, the Proxy-Authorization header field applies</td><td> </td><td class="right"> Unlike Authorization, the Proxy-Authorization header field applies</td><td class="lineno" valign="top"></td></tr>
296	<tr><td class="lineno" valign="top"></td><td class="left"> only to the next outbound proxy that demanded authentication using</td><td> </td><td class="right"> only to the next outbound proxy that demanded authentication using</td><td class="lineno" valign="top"></td></tr>
297	<tr><td class="lineno" valign="top"></td><td class="left"> the Proxy-Authenticate field. When multiple proxies are used in a</td><td> </td><td class="right"> the Proxy-Authenticate field. When multiple proxies are used in a</td><td class="lineno" valign="top"></td></tr>
298	<tr><td class="lineno" valign="top"></td><td class="left"> chain, the Proxy-Authorization header field is consumed by the first</td><td> </td><td class="right"> chain, the Proxy-Authorization header field is consumed by the first</td><td class="lineno" valign="top"></td></tr>
299	<tr><td class="lineno" valign="top"></td><td class="left"> outbound proxy that was expecting to receive credentials. A proxy</td><td> </td><td class="right"> outbound proxy that was expecting to receive credentials. A proxy</td><td class="lineno" valign="top"></td></tr>
300	<tr><td class="lineno" valign="top"></td><td class="left"> MAY relay the credentials from the client request to the next proxy</td><td> </td><td class="right"> MAY relay the credentials from the client request to the next proxy</td><td class="lineno" valign="top"></td></tr>
301	<tr><td class="lineno" valign="top"></td><td class="left"> if that is the mechanism by which the proxies cooperatively</td><td> </td><td class="right"> if that is the mechanism by which the proxies cooperatively</td><td class="lineno" valign="top"></td></tr>
302	<tr><td class="lineno" valign="top"></td><td class="left"> authenticate a given request.</td><td> </td><td class="right"> authenticate a given request.</td><td class="lineno" valign="top"></td></tr>
303	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
304	<tr><td><a name="diff0020" /></td></tr>
305	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>.4. WWW-Authenticate</td><td> </td><td class="rblock"><span class="insert">4</span>.4. WWW-Authenticate</td><td class="lineno" valign="top"></td></tr>
306	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
307	<tr><td class="lineno" valign="top"></td><td class="left"> The WWW-Authenticate response-header field MUST be included in 401</td><td> </td><td class="right"> The WWW-Authenticate response-header field MUST be included in 401</td><td class="lineno" valign="top"></td></tr>
308	<tr><td class="lineno" valign="top"></td><td class="left"> (Unauthorized) response messages. The field value consists of at</td><td> </td><td class="right"> (Unauthorized) response messages. The field value consists of at</td><td class="lineno" valign="top"></td></tr>
309	<tr><td class="lineno" valign="top"></td><td class="left"> least one challenge that indicates the authentication scheme(s) and</td><td> </td><td class="right"> least one challenge that indicates the authentication scheme(s) and</td><td class="lineno" valign="top"></td></tr>
310	<tr><td class="lineno" valign="top"></td><td class="left"> parameters applicable to the Request-URI.</td><td> </td><td class="right"> parameters applicable to the Request-URI.</td><td class="lineno" valign="top"></td></tr>
311	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
312	<tr><td class="lineno" valign="top"></td><td class="left"> WWW-Authenticate = "WWW-Authenticate" ":" 1#challenge</td><td> </td><td class="right"> WWW-Authenticate = "WWW-Authenticate" ":" 1#challenge</td><td class="lineno" valign="top"></td></tr>
313	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
314	<tr><td class="lineno" valign="top"></td><td class="left"> The HTTP access authentication process is described in "HTTP</td><td> </td><td class="right"> The HTTP access authentication process is described in "HTTP</td><td class="lineno" valign="top"></td></tr>
315	<tr><td class="lineno" valign="top"></td><td class="left"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td> </td><td class="right"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
316	<tr><td class="lineno" valign="top"></td><td class="left"> User agents are advised to take special care in parsing the WWW-</td><td> </td><td class="right"> User agents are advised to take special care in parsing the WWW-</td><td class="lineno" valign="top"></td></tr>
317	<tr><td class="lineno" valign="top"></td><td class="left"> Authenticate field value as it might contain more than one challenge,</td><td> </td><td class="right"> Authenticate field value as it might contain more than one challenge,</td><td class="lineno" valign="top"></td></tr>
318	<tr><td class="lineno" valign="top"></td><td class="left"> or if more than one WWW-Authenticate header field is provided, the</td><td> </td><td class="right"> or if more than one WWW-Authenticate header field is provided, the</td><td class="lineno" valign="top"></td></tr>
319	<tr><td class="lineno" valign="top"></td><td class="left"> contents of a challenge itself can contain a comma-separated list of</td><td> </td><td class="right"> contents of a challenge itself can contain a comma-separated list of</td><td class="lineno" valign="top"></td></tr>
320	<tr><td class="lineno" valign="top"></td><td class="left"> authentication parameters.</td><td> </td><td class="right"> authentication parameters.</td><td class="lineno" valign="top"></td></tr>
321	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
322	<tr><td><a name="diff0021" /></td></tr>
323	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>. IANA Considerations</td><td> </td><td class="rblock"><span class="insert">5</span>. IANA Considerations</td><td class="lineno" valign="top"></td></tr>
324	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
325	<tr><td><a name="diff0022" /></td></tr>
326	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">TBD.</span></td><td> </td><td class="rblock"> <span class="insert">[[anchor2: TBD.]]</span></td><td class="lineno" valign="top"></td></tr>
327	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
328	<tr><td><a name="diff0023" /></td></tr>
329	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">5</span>. Security Considerations</td><td> </td><td class="rblock"><span class="insert">6</span>. Security Considerations</td><td class="lineno" valign="top"></td></tr>
330	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
331	<tr><td class="lineno" valign="top"></td><td class="left"> This section is meant to inform application developers, information</td><td> </td><td class="right"> This section is meant to inform application developers, information</td><td class="lineno" valign="top"></td></tr>
332	<tr><td class="lineno" valign="top"></td><td class="left"> providers, and users of the security limitations in HTTP/1.1 as</td><td> </td><td class="right"> providers, and users of the security limitations in HTTP/1.1 as</td><td class="lineno" valign="top"></td></tr>
333	<tr><td class="lineno" valign="top"></td><td class="left"> described by this document. The discussion does not include</td><td> </td><td class="right"> described by this document. The discussion does not include</td><td class="lineno" valign="top"></td></tr>
334	<tr><td class="lineno" valign="top"></td><td class="left"> definitive solutions to the problems revealed, though it does make</td><td> </td><td class="right"> definitive solutions to the problems revealed, though it does make</td><td class="lineno" valign="top"></td></tr>
335	<tr><td class="lineno" valign="top"></td><td class="left"> some suggestions for reducing security risks.</td><td> </td><td class="right"> some suggestions for reducing security risks.</td><td class="lineno" valign="top"></td></tr>
336	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
337	<tr><td><a name="diff0024" /></td></tr>
338	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">5</span>.1. Authentication Credentials and Idle Clients</td><td> </td><td class="rblock"><span class="insert">6</span>.1. Authentication Credentials and Idle Clients</td><td class="lineno" valign="top"></td></tr>
339	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
340	<tr><td class="lineno" valign="top"></td><td class="left"> Existing HTTP clients and user agents typically retain authentication</td><td> </td><td class="right"> Existing HTTP clients and user agents typically retain authentication</td><td class="lineno" valign="top"></td></tr>
341	<tr><td class="lineno" valign="top"></td><td class="left"> information indefinitely. HTTP/1.1 does not provide a method for a</td><td> </td><td class="right"> information indefinitely. HTTP/1.1 does not provide a method for a</td><td class="lineno" valign="top"></td></tr>
342	<tr><td class="lineno" valign="top"></td><td class="left"> server to direct clients to discard these cached credentials. This</td><td> </td><td class="right"> server to direct clients to discard these cached credentials. This</td><td class="lineno" valign="top"></td></tr>
343	<tr><td class="lineno" valign="top"></td><td class="left"> is a significant defect that requires further extensions to HTTP.</td><td> </td><td class="right"> is a significant defect that requires further extensions to HTTP.</td><td class="lineno" valign="top"></td></tr>
344	<tr><td class="lineno" valign="top"></td><td class="left"> Circumstances under which credential caching can interfere with the</td><td> </td><td class="right"> Circumstances under which credential caching can interfere with the</td><td class="lineno" valign="top"></td></tr>
345	<tr><td class="lineno" valign="top"></td><td class="left"> application's security model include but are not limited to:</td><td> </td><td class="right"> application's security model include but are not limited to:</td><td class="lineno" valign="top"></td></tr>
346	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
347	<tr><td class="lineno" valign="top"></td><td class="left"> o Clients which have been idle for an extended period following</td><td> </td><td class="right"> o Clients which have been idle for an extended period following</td><td class="lineno" valign="top"></td></tr>
348	<tr><td class="lineno" valign="top"></td><td class="left"> which the server might wish to cause the client to reprompt the</td><td> </td><td class="right"> which the server might wish to cause the client to reprompt the</td><td class="lineno" valign="top"></td></tr>
349	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
350	<tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 8, line 23</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 8, line 34</em></th><td></td></tr>
351	<tr><td class="lineno" valign="top"></td><td class="left"> for the client to retain the credentials.</td><td> </td><td class="right"> for the client to retain the credentials.</td><td class="lineno" valign="top"></td></tr>
352	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
353	<tr><td class="lineno" valign="top"></td><td class="left"> This is currently under separate study. There are a number of work-</td><td> </td><td class="right"> This is currently under separate study. There are a number of work-</td><td class="lineno" valign="top"></td></tr>
354	<tr><td class="lineno" valign="top"></td><td class="left"> arounds to parts of this problem, and we encourage the use of</td><td> </td><td class="right"> arounds to parts of this problem, and we encourage the use of</td><td class="lineno" valign="top"></td></tr>
355	<tr><td class="lineno" valign="top"></td><td class="left"> password protection in screen savers, idle time-outs, and other</td><td> </td><td class="right"> password protection in screen savers, idle time-outs, and other</td><td class="lineno" valign="top"></td></tr>
356	<tr><td class="lineno" valign="top"></td><td class="left"> methods which mitigate the security problems inherent in this</td><td> </td><td class="right"> methods which mitigate the security problems inherent in this</td><td class="lineno" valign="top"></td></tr>
357	<tr><td class="lineno" valign="top"></td><td class="left"> problem. In particular, user agents which cache credentials are</td><td> </td><td class="right"> problem. In particular, user agents which cache credentials are</td><td class="lineno" valign="top"></td></tr>
358	<tr><td class="lineno" valign="top"></td><td class="left"> encouraged to provide a readily accessible mechanism for discarding</td><td> </td><td class="right"> encouraged to provide a readily accessible mechanism for discarding</td><td class="lineno" valign="top"></td></tr>
359	<tr><td class="lineno" valign="top"></td><td class="left"> cached credentials under user control.</td><td> </td><td class="right"> cached credentials under user control.</td><td class="lineno" valign="top"></td></tr>
360	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
361	<tr><td><a name="diff0025" /></td></tr>
362	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">6</span>. Acknowledgments</td><td> </td><td class="rblock"><span class="insert">7</span>. Acknowledgments</td><td class="lineno" valign="top"></td></tr>
363	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
364	<tr><td class="lineno" valign="top"></td><td class="left"> TBD.</td><td> </td><td class="right"> TBD.</td><td class="lineno" valign="top"></td></tr>
365	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
366	<tr><td><a name="diff0026" /></td></tr>
367	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">7</span>. References</td><td> </td><td class="rblock"><span class="insert">8</span>. References</td><td class="lineno" valign="top"></td></tr>
368	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
369	<tr><td><a name="diff0027" /></td></tr>
370	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">7.1.</span> Normative References</td><td> </td><td class="rblock"><span class="insert">8.1.</span> Normative References</td><td class="lineno" valign="top"></td></tr>
371	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
372	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">[Part1] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</span></td><td class="lineno" valign="top"></td></tr>
373	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</span></td><td class="lineno" valign="top"></td></tr>
374	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> and J. Reschke, Ed., "HTTP/1.1, part 1: URIs, Connections,</span></td><td class="lineno" valign="top"></td></tr>
375	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> and Message Parsing", draft-ietf-httpbis-p1-messaging-02</span></td><td class="lineno" valign="top"></td></tr>
376	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> (work in progress), February 2008.</span></td><td class="lineno" valign="top"></td></tr>
377	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
378	<tr><td class="lineno" valign="top"></td><td class="left"> [Part6] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</td><td> </td><td class="right"> [Part6] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</td><td class="lineno" valign="top"></td></tr>
379	<tr><td class="lineno" valign="top"></td><td class="left"> Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</td><td> </td><td class="right"> Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</td><td class="lineno" valign="top"></td></tr>
380	<tr><td class="lineno" valign="top"></td><td class="left"> and J. Reschke, Ed., "HTTP/1.1, part 6: Caching",</td><td> </td><td class="right"> and J. Reschke, Ed., "HTTP/1.1, part 6: Caching",</td><td class="lineno" valign="top"></td></tr>
381	<tr><td><a name="diff0028" /></td></tr>
382	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">draft-ietf-httpbis-p6-cache-01</span> (work in progress),</td><td> </td><td class="rblock"> <span class="insert">draft-ietf-httpbis-p6-cache-02</span> (work in progress),</td><td class="lineno" valign="top"></td></tr>
383	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">January</span> 2008.</td><td> </td><td class="rblock"> <span class="insert">February</span> 2008.</td><td class="lineno" valign="top"></td></tr>
384	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
385	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate</td><td> </td><td class="right"> [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate</td><td class="lineno" valign="top"></td></tr>
386	<tr><td class="lineno" valign="top"></td><td class="left"> Requirement Levels", BCP 14, RFC 2119, March 1997.</td><td> </td><td class="right"> Requirement Levels", BCP 14, RFC 2119, March 1997.</td><td class="lineno" valign="top"></td></tr>
387	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
388	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,</td><td> </td><td class="right"> [RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,</td><td class="lineno" valign="top"></td></tr>
389	<tr><td class="lineno" valign="top"></td><td class="left"> Leach, P., Luotonen, A., and L. Stewart, "HTTP</td><td> </td><td class="right"> Leach, P., Luotonen, A., and L. Stewart, "HTTP</td><td class="lineno" valign="top"></td></tr>
390	<tr><td class="lineno" valign="top"></td><td class="left"> Authentication: Basic and Digest Access Authentication",</td><td> </td><td class="right"> Authentication: Basic and Digest Access Authentication",</td><td class="lineno" valign="top"></td></tr>
391	<tr><td class="lineno" valign="top"></td><td class="left"> RFC 2617, June 1999.</td><td> </td><td class="right"> RFC 2617, June 1999.</td><td class="lineno" valign="top"></td></tr>
392	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
393	<tr><td><a name="diff0029" /></td></tr>
394	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">7</span>.2. Informative References</td><td> </td><td class="rblock"><span class="insert">8</span>.2. Informative References</td><td class="lineno" valign="top"></td></tr>
395	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
396	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,</td><td> </td><td class="right"> [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,</td><td class="lineno" valign="top"></td></tr>
397	<tr><td class="lineno" valign="top"></td><td class="left"> Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext</td><td> </td><td class="right"> Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext</td><td class="lineno" valign="top"></td></tr>
398	<tr><td class="lineno" valign="top"></td><td class="left"> Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.</td><td> </td><td class="right"> Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.</td><td class="lineno" valign="top"></td></tr>
399	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
400	<tr><td class="lineno" valign="top"></td><td class="left">Appendix A. Compatibility with Previous Versions</td><td> </td><td class="right">Appendix A. Compatibility with Previous Versions</td><td class="lineno" valign="top"></td></tr>
401	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
402	<tr><td class="lineno" valign="top"></td><td class="left">A.1. Changes from RFC 2616</td><td> </td><td class="right">A.1. Changes from RFC 2616</td><td class="lineno" valign="top"></td></tr>
403	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
404	<tr><td class="lineno" valign="top"></td><td class="left">Appendix B. Change Log (to be removed by RFC Editor before publication)</td><td> </td><td class="right">Appendix B. Change Log (to be removed by RFC Editor before publication)</td><td class="lineno" valign="top"></td></tr>
405	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
406	<tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 9, line 22</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 9, line 39</em></th><td></td></tr>
407	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
408	<tr><td class="lineno" valign="top"></td><td class="left"> Extracted relevant partitions from [RFC2616].</td><td> </td><td class="right"> Extracted relevant partitions from [RFC2616].</td><td class="lineno" valign="top"></td></tr>
409	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
410	<tr><td class="lineno" valign="top"></td><td class="left">B.2. Since draft-ietf-httpbis-p7-auth-00</td><td> </td><td class="right">B.2. Since draft-ietf-httpbis-p7-auth-00</td><td class="lineno" valign="top"></td></tr>
411	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
412	<tr><td class="lineno" valign="top"></td><td class="left"> Closed issues:</td><td> </td><td class="right"> Closed issues:</td><td class="lineno" valign="top"></td></tr>
413	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
414	<tr><td class="lineno" valign="top"></td><td class="left"> o <http://www3.tools.ietf.org/wg/httpbis/trac/ticket/35>: "Normative</td><td> </td><td class="right"> o <http://www3.tools.ietf.org/wg/httpbis/trac/ticket/35>: "Normative</td><td class="lineno" valign="top"></td></tr>
415	<tr><td class="lineno" valign="top"></td><td class="left"> and Informative references"</td><td> </td><td class="right"> and Informative references"</td><td class="lineno" valign="top"></td></tr>
416	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
417	<tr><td><a name="diff0030" /></td></tr>
418	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">B.3. Since draft-ietf-httpbis-p7-auth-01</span></td><td class="lineno" valign="top"></td></tr>
419	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
420	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Ongoing work on ABNF conversion</span></td><td class="lineno" valign="top"></td></tr>
421	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> (<http://www3.tools.ietf.org/wg/httpbis/trac/ticket/36>):</span></td><td class="lineno" valign="top"></td></tr>
422	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
423	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Explicitly import BNF rules for "challenge" and "credentials" from</span></td><td class="lineno" valign="top"></td></tr>
424	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> RFC2617.</span></td><td class="lineno" valign="top"></td></tr>
425	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
426	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Add explicit references to BNF syntax and rules imported from</span></td><td class="lineno" valign="top"></td></tr>
427	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> other parts of the specification.</span></td><td class="lineno" valign="top"></td></tr>
428	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
429	<tr><td class="lineno" valign="top"></td><td class="left">Index</td><td> </td><td class="right">Index</td><td class="lineno" valign="top"></td></tr>
430	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
431	<tr><td class="lineno" valign="top"></td><td class="left"> 4</td><td> </td><td class="right"> 4</td><td class="lineno" valign="top"></td></tr>
432	<tr><td><a name="diff0031" /></td></tr>
433	<tr><td class="lineno" valign="top"></td><td class="lblock"> 401 Unauthorized (status code) <span class="delete">4</span></td><td> </td><td class="rblock"> 401 Unauthorized (status code) <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
434	<tr><td class="lineno" valign="top"></td><td class="left"> 407 Proxy Authentication Required (status code) 5</td><td> </td><td class="right"> 407 Proxy Authentication Required (status code) 5</td><td class="lineno" valign="top"></td></tr>
435	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
436	<tr><td class="lineno" valign="top"></td><td class="left"> A</td><td> </td><td class="right"> A</td><td class="lineno" valign="top"></td></tr>
437	<tr><td class="lineno" valign="top"></td><td class="left"> Authorization header 5</td><td> </td><td class="right"> Authorization header 5</td><td class="lineno" valign="top"></td></tr>
438	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
439	<tr><td class="lineno" valign="top"></td><td class="left"> G</td><td> </td><td class="right"> G</td><td class="lineno" valign="top"></td></tr>
440	<tr><td class="lineno" valign="top"></td><td class="left"> Grammar</td><td> </td><td class="right"> Grammar</td><td class="lineno" valign="top"></td></tr>
441	<tr><td class="lineno" valign="top"></td><td class="left"> Authorization 5</td><td> </td><td class="right"> Authorization 5</td><td class="lineno" valign="top"></td></tr>
442	<tr><td><a name="diff0032" /></td></tr>
443	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">challenge 4</span></td><td class="lineno" valign="top"></td></tr>
444	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> credentials 4</span></td><td class="lineno" valign="top"></td></tr>
445	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate 6</td><td> </td><td class="right"> Proxy-Authenticate 6</td><td class="lineno" valign="top"></td></tr>
446	<tr><td><a name="diff0033" /></td></tr>
447	<tr><td class="lineno" valign="top"></td><td class="lblock"> Proxy-Authorization <span class="delete">6</span></td><td> </td><td class="rblock"> Proxy-Authorization <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
448	<tr><td class="lineno" valign="top"></td><td class="left"> WWW-Authenticate 7</td><td> </td><td class="right"> WWW-Authenticate 7</td><td class="lineno" valign="top"></td></tr>
449	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
450	<tr><td class="lineno" valign="top"></td><td class="left"> H</td><td> </td><td class="right"> H</td><td class="lineno" valign="top"></td></tr>
451	<tr><td class="lineno" valign="top"></td><td class="left"> Headers</td><td> </td><td class="right"> Headers</td><td class="lineno" valign="top"></td></tr>
452	<tr><td class="lineno" valign="top"></td><td class="left"> Authorization 5</td><td> </td><td class="right"> Authorization 5</td><td class="lineno" valign="top"></td></tr>
453	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate 6</td><td> </td><td class="right"> Proxy-Authenticate 6</td><td class="lineno" valign="top"></td></tr>
454	<tr><td><a name="diff0034" /></td></tr>
455	<tr><td class="lineno" valign="top"></td><td class="lblock"> Proxy-Authorization <span class="delete">6</span></td><td> </td><td class="rblock"> Proxy-Authorization <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
456	<tr><td class="lineno" valign="top"></td><td class="left"> WWW-Authenticate 7</td><td> </td><td class="right"> WWW-Authenticate 7</td><td class="lineno" valign="top"></td></tr>
457	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
458	<tr><td class="lineno" valign="top"></td><td class="left"> P</td><td> </td><td class="right"> P</td><td class="lineno" valign="top"></td></tr>
459	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate header 6</td><td> </td><td class="right"> Proxy-Authenticate header 6</td><td class="lineno" valign="top"></td></tr>
460	<tr><td><a name="diff0035" /></td></tr>
461	<tr><td class="lineno" valign="top"></td><td class="lblock"> Proxy-Authorization header <span class="delete">6</span></td><td> </td><td class="rblock"> Proxy-Authorization header <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
462	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
463	<tr><td class="lineno" valign="top"></td><td class="left"> S</td><td> </td><td class="right"> S</td><td class="lineno" valign="top"></td></tr>
464	<tr><td class="lineno" valign="top"></td><td class="left"> Status Codes</td><td> </td><td class="right"> Status Codes</td><td class="lineno" valign="top"></td></tr>
465	<tr><td><a name="diff0036" /></td></tr>
466	<tr><td class="lineno" valign="top"></td><td class="lblock"> 401 Unauthorized <span class="delete">4</span></td><td> </td><td class="rblock"> 401 Unauthorized <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
467	<tr><td class="lineno" valign="top"></td><td class="left"> 407 Proxy Authentication Required 5</td><td> </td><td class="right"> 407 Proxy Authentication Required 5</td><td class="lineno" valign="top"></td></tr>
468	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
469	<tr><td class="lineno" valign="top"></td><td class="left"> W</td><td> </td><td class="right"> W</td><td class="lineno" valign="top"></td></tr>
470	<tr><td class="lineno" valign="top"></td><td class="left"> WWW-Authenticate header 7</td><td> </td><td class="right"> WWW-Authenticate header 7</td><td class="lineno" valign="top"></td></tr>
471	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
472	<tr><td class="lineno" valign="top"></td><td class="left">Authors' Addresses</td><td> </td><td class="right">Authors' Addresses</td><td class="lineno" valign="top"></td></tr>
473	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
474	<tr><td class="lineno" valign="top"></td><td class="left"> Roy T. Fielding (editor)</td><td> </td><td class="right"> Roy T. Fielding (editor)</td><td class="lineno" valign="top"></td></tr>
475	<tr><td class="lineno" valign="top"></td><td class="left"> Day Software</td><td> </td><td class="right"> Day Software</td><td class="lineno" valign="top"></td></tr>
476	<tr><td class="lineno" valign="top"></td><td class="left"> 23 Corporate Plaza DR, Suite 280</td><td> </td><td class="right"> 23 Corporate Plaza DR, Suite 280</td><td class="lineno" valign="top"></td></tr>
477
478	<tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr>
479	<tr bgcolor="gray"><th colspan="5" align="center"><a name="end"> End of changes. 36 change blocks. </a></th></tr>
480	<tr class="stats"><td></td><th><i>49 lines changed or deleted</i></th><th><i> </i></th><th><i>81 lines changed or added</i></th><td></td></tr>
481	<tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.34. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr>
482	</table>
483	</body>
484	</html>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: draft-ietf-httpbis/diffs/draft-ietf-httpbis-p7-auth-02-from-1.diff.html @ 841

Download in other formats: