Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

draft-ietf-httpbis-p7-auth-06-from-5.diff.html @ 2110

Last change on this file since 2110 was 547, checked in by julian.reschke@…, 12 years ago
Prepare submission of draft -06 on Monday, March 09.
Property svn:eol-style set to `native` Property svn:mime-type set to `text/html; charset=iso-8859-1`
File size: 147.0 KB

Line
1	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2	<!-- Generated by rfcdiff 1.35: rfcdiff -->
3	<!-- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional" > -->
4	<html>
5	<head>
6	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
7	<meta http-equiv="Content-Style-Type" content="text/css" />
8	<title>Diff: draft-ietf-httpbis-p7-auth-05.txt - draft-ietf-httpbis-p7-auth-06.txt</title>
9	<style type="text/css">
10	body { margin: 0.4ex; margin-right: auto; }
11	tr { }
12	td { white-space: pre; font-family: monospace; vertical-align: top; font-size: 0.86em;}
13	th { font-size: 0.86em; }
14	.small { font-size: 0.6em; font-style: italic; font-family: Verdana, Helvetica, sans-serif; }
15	.left { background-color: #EEE; }
16	.right { background-color: #FFF; }
17	.diff { background-color: #CCF; }
18	.lblock { background-color: #BFB; }
19	.rblock { background-color: #FF8; }
20	.insert { background-color: #8FF; }
21	.delete { background-color: #ACF; }
22	.void { background-color: #FFB; }
23	.cont { background-color: #EEE; }
24	.linebr { background-color: #AAA; }
25	.lineno { color: red; background-color: #FFF; font-size: 0.7em; text-align: right; padding: 0 2px; }
26	.elipsis{ background-color: #AAA; }
27	.left .cont { background-color: #DDD; }
28	.right .cont { background-color: #EEE; }
29	.lblock .cont { background-color: #9D9; }
30	.rblock .cont { background-color: #DD6; }
31	.insert .cont { background-color: #0DD; }
32	.delete .cont { background-color: #8AD; }
33	.stats, .stats td, .stats th { background-color: #EEE; padding: 2px 0; }
34	</style>
35	</head>
36	<body >
37	<table border="0" cellpadding="0" cellspacing="0">
38	<tr bgcolor="orange"><th></th><th> draft-ietf-httpbis-p7-auth-05.txt </th><th> </th><th> draft-ietf-httpbis-p7-auth-06.txt </th><th></th></tr>
39	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
40	<tr><td><a name="diff0001" /></td></tr>
41	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Network</span> Working Group R. Fielding, Ed.</td><td> </td><td class="rblock"><span class="insert">HTTPbis</span> Working Group R. Fielding, Ed.</td><td class="lineno" valign="top"></td></tr>
42	<tr><td class="lineno" valign="top"></td><td class="left">Internet-Draft Day Software</td><td> </td><td class="right">Internet-Draft Day Software</td><td class="lineno" valign="top"></td></tr>
43	<tr><td class="lineno" valign="top"></td><td class="left">Obsoletes: 2616 (if approved) J. Gettys</td><td> </td><td class="right">Obsoletes: 2616 (if approved) J. Gettys</td><td class="lineno" valign="top"></td></tr>
44	<tr><td class="lineno" valign="top"></td><td class="left">Updates: 2617 (if approved) One Laptop per Child</td><td> </td><td class="right">Updates: 2617 (if approved) One Laptop per Child</td><td class="lineno" valign="top"></td></tr>
45	<tr><td class="lineno" valign="top"></td><td class="left">Intended status: Standards Track J. Mogul</td><td> </td><td class="right">Intended status: Standards Track J. Mogul</td><td class="lineno" valign="top"></td></tr>
46	<tr><td><a name="diff0002" /></td></tr>
47	<tr><td class="lineno" valign="top"></td><td class="lblock">Expires: <span class="delete">May 20, 2009 </span> HP</td><td> </td><td class="rblock">Expires: <span class="insert">September 10, 2009</span> HP</td><td class="lineno" valign="top"></td></tr>
48	<tr><td class="lineno" valign="top"></td><td class="left"> H. Frystyk</td><td> </td><td class="right"> H. Frystyk</td><td class="lineno" valign="top"></td></tr>
49	<tr><td class="lineno" valign="top"></td><td class="left"> Microsoft</td><td> </td><td class="right"> Microsoft</td><td class="lineno" valign="top"></td></tr>
50	<tr><td class="lineno" valign="top"></td><td class="left"> L. Masinter</td><td> </td><td class="right"> L. Masinter</td><td class="lineno" valign="top"></td></tr>
51	<tr><td class="lineno" valign="top"></td><td class="left"> Adobe Systems</td><td> </td><td class="right"> Adobe Systems</td><td class="lineno" valign="top"></td></tr>
52	<tr><td class="lineno" valign="top"></td><td class="left"> P. Leach</td><td> </td><td class="right"> P. Leach</td><td class="lineno" valign="top"></td></tr>
53	<tr><td class="lineno" valign="top"></td><td class="left"> Microsoft</td><td> </td><td class="right"> Microsoft</td><td class="lineno" valign="top"></td></tr>
54	<tr><td class="lineno" valign="top"></td><td class="left"> T. Berners-Lee</td><td> </td><td class="right"> T. Berners-Lee</td><td class="lineno" valign="top"></td></tr>
55	<tr><td class="lineno" valign="top"></td><td class="left"> W3C/MIT</td><td> </td><td class="right"> W3C/MIT</td><td class="lineno" valign="top"></td></tr>
56	<tr><td class="lineno" valign="top"></td><td class="left"> Y. Lafon, Ed.</td><td> </td><td class="right"> Y. Lafon, Ed.</td><td class="lineno" valign="top"></td></tr>
57	<tr><td class="lineno" valign="top"></td><td class="left"> W3C</td><td> </td><td class="right"> W3C</td><td class="lineno" valign="top"></td></tr>
58	<tr><td class="lineno" valign="top"></td><td class="left"> J. Reschke, Ed.</td><td> </td><td class="right"> J. Reschke, Ed.</td><td class="lineno" valign="top"></td></tr>
59	<tr><td class="lineno" valign="top"></td><td class="left"> greenbytes</td><td> </td><td class="right"> greenbytes</td><td class="lineno" valign="top"></td></tr>
60	<tr><td><a name="diff0003" /></td></tr>
61	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">November 16, 2008</span></td><td> </td><td class="rblock"> <span class="insert"> March 9, 2009</span></td><td class="lineno" valign="top"></td></tr>
62	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
63	<tr><td class="lineno" valign="top"></td><td class="left"> HTTP/1.1, part 7: Authentication</td><td> </td><td class="right"> HTTP/1.1, part 7: Authentication</td><td class="lineno" valign="top"></td></tr>
64	<tr><td><a name="diff0004" /></td></tr>
65	<tr><td class="lineno" valign="top"></td><td class="lblock"> draft-ietf-httpbis-p7-auth-0<span class="delete">5</span></td><td> </td><td class="rblock"> draft-ietf-httpbis-p7-auth-0<span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
66	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
67	<tr><td class="lineno" valign="top"></td><td class="left">Status of this Memo</td><td> </td><td class="right">Status of this Memo</td><td class="lineno" valign="top"></td></tr>
68	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
69	<tr><td><a name="diff0005" /></td></tr>
70	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">By submitting this Internet-Draft, each author represents that any</span></td><td> </td><td class="rblock"> <span class="insert">This Internet-Draft is submitted to IETF in full conformance with the</span></td><td class="lineno" valign="top"></td></tr>
71	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> applicable patent or other IPR claims</span> of <span class="delete">which he</span> or <span class="delete">she is aware</span></td><td> </td><td class="rblock"><span class="insert"> provisions</span> of <span class="insert">BCP 78 and BCP 79. This document may contain material</span></td><td class="lineno" valign="top"></td></tr>
72	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> have been</span> or <span class="delete">will</span> be <span class="delete">disclosed,</span> and <span class="delete">any</span> of <span class="delete">which he or she becomes</span></td><td> </td><td class="rblock"><span class="insert"> from IETF Documents</span> or <span class="insert">IETF Contributions published</span> or <span class="insert">made publicly</span></td><td class="lineno" valign="top"></td></tr>
73	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> aware will</span> be <span class="delete">disclosed, in accordance with Section 6 of BCP 79.</span></td><td> </td><td class="rblock"><span class="insert"> available before November 10, 2008. The person(s) controlling the</span></td><td class="lineno" valign="top"></td></tr>
74	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> copyright in some of this material may not have granted the IETF</span></td><td class="lineno" valign="top"></td></tr>
75	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Trust the right to allow modifications of such material outside the</span></td><td class="lineno" valign="top"></td></tr>
76	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> IETF Standards Process. Without obtaining an adequate license from</span></td><td class="lineno" valign="top"></td></tr>
77	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> the person(s) controlling the copyright in such materials, this</span></td><td class="lineno" valign="top"></td></tr>
78	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> document may not</span> be <span class="insert">modified outside the IETF Standards Process,</span> and</td><td class="lineno" valign="top"></td></tr>
79	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">derivative works</span> of <span class="insert">it may not</span> be <span class="insert">created outside the IETF Standards</span></td><td class="lineno" valign="top"></td></tr>
80	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Process, except to format it for publication as an RFC or to</span></td><td class="lineno" valign="top"></td></tr>
81	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> translate it into languages other than English.</span></td><td class="lineno" valign="top"></td></tr>
82	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
83	<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are working documents of the Internet Engineering</td><td> </td><td class="right"> Internet-Drafts are working documents of the Internet Engineering</td><td class="lineno" valign="top"></td></tr>
84	<tr><td class="lineno" valign="top"></td><td class="left"> Task Force (IETF), its areas, and its working groups. Note that</td><td> </td><td class="right"> Task Force (IETF), its areas, and its working groups. Note that</td><td class="lineno" valign="top"></td></tr>
85	<tr><td class="lineno" valign="top"></td><td class="left"> other groups may also distribute working documents as Internet-</td><td> </td><td class="right"> other groups may also distribute working documents as Internet-</td><td class="lineno" valign="top"></td></tr>
86	<tr><td class="lineno" valign="top"></td><td class="left"> Drafts.</td><td> </td><td class="right"> Drafts.</td><td class="lineno" valign="top"></td></tr>
87	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
88	<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are draft documents valid for a maximum of six months</td><td> </td><td class="right"> Internet-Drafts are draft documents valid for a maximum of six months</td><td class="lineno" valign="top"></td></tr>
89	<tr><td class="lineno" valign="top"></td><td class="left"> and may be updated, replaced, or obsoleted by other documents at any</td><td> </td><td class="right"> and may be updated, replaced, or obsoleted by other documents at any</td><td class="lineno" valign="top"></td></tr>
90	<tr><td class="lineno" valign="top"></td><td class="left"> time. It is inappropriate to use Internet-Drafts as reference</td><td> </td><td class="right"> time. It is inappropriate to use Internet-Drafts as reference</td><td class="lineno" valign="top"></td></tr>
91	<tr><td class="lineno" valign="top"></td><td class="left"> material or to cite them other than as "work in progress."</td><td> </td><td class="right"> material or to cite them other than as "work in progress."</td><td class="lineno" valign="top"></td></tr>
92	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
93	<tr bgcolor="gray" ><td></td><th><a name="part-l2" /><small>skipping to change at</small><em> page 1, line 42</em></th><th> </th><th><a name="part-r2" /><small>skipping to change at</small><em> page 2, line 4</em></th><td></td></tr>
94	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
95	<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are working documents of the Internet Engineering</td><td> </td><td class="right"> Internet-Drafts are working documents of the Internet Engineering</td><td class="lineno" valign="top"></td></tr>
96	<tr><td class="lineno" valign="top"></td><td class="left"> Task Force (IETF), its areas, and its working groups. Note that</td><td> </td><td class="right"> Task Force (IETF), its areas, and its working groups. Note that</td><td class="lineno" valign="top"></td></tr>
97	<tr><td class="lineno" valign="top"></td><td class="left"> other groups may also distribute working documents as Internet-</td><td> </td><td class="right"> other groups may also distribute working documents as Internet-</td><td class="lineno" valign="top"></td></tr>
98	<tr><td class="lineno" valign="top"></td><td class="left"> Drafts.</td><td> </td><td class="right"> Drafts.</td><td class="lineno" valign="top"></td></tr>
99	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
100	<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are draft documents valid for a maximum of six months</td><td> </td><td class="right"> Internet-Drafts are draft documents valid for a maximum of six months</td><td class="lineno" valign="top"></td></tr>
101	<tr><td class="lineno" valign="top"></td><td class="left"> and may be updated, replaced, or obsoleted by other documents at any</td><td> </td><td class="right"> and may be updated, replaced, or obsoleted by other documents at any</td><td class="lineno" valign="top"></td></tr>
102	<tr><td class="lineno" valign="top"></td><td class="left"> time. It is inappropriate to use Internet-Drafts as reference</td><td> </td><td class="right"> time. It is inappropriate to use Internet-Drafts as reference</td><td class="lineno" valign="top"></td></tr>
103	<tr><td class="lineno" valign="top"></td><td class="left"> material or to cite them other than as "work in progress."</td><td> </td><td class="right"> material or to cite them other than as "work in progress."</td><td class="lineno" valign="top"></td></tr>
104	<tr><td><a name="diff0006" /></td></tr>
105	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> </span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
106	<tr><td class="lineno" valign="top"></td><td class="left"> The list of current Internet-Drafts can be accessed at</td><td> </td><td class="right"> The list of current Internet-Drafts can be accessed at</td><td class="lineno" valign="top"></td></tr>
107	<tr><td class="lineno" valign="top"></td><td class="left"> http://www.ietf.org/ietf/1id-abstracts.txt.</td><td> </td><td class="right"> http://www.ietf.org/ietf/1id-abstracts.txt.</td><td class="lineno" valign="top"></td></tr>
108	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
109	<tr><td class="lineno" valign="top"></td><td class="left"> The list of Internet-Draft Shadow Directories can be accessed at</td><td> </td><td class="right"> The list of Internet-Draft Shadow Directories can be accessed at</td><td class="lineno" valign="top"></td></tr>
110	<tr><td class="lineno" valign="top"></td><td class="left"> http://www.ietf.org/shadow.html.</td><td> </td><td class="right"> http://www.ietf.org/shadow.html.</td><td class="lineno" valign="top"></td></tr>
111	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
112	<tr><td><a name="diff0007" /></td></tr>
113	<tr><td class="lineno" valign="top"></td><td class="lblock"> This Internet-Draft will expire on <span class="delete">May 20,</span> 2009.</td><td> </td><td class="rblock"> This Internet-Draft will expire on <span class="insert">September 10,</span> 2009.</td><td class="lineno" valign="top"></td></tr>
114	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
115	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">Copyright Notice</span></td><td class="lineno" valign="top"></td></tr>
116	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
117	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Copyright (c) 2009 IETF Trust and the persons identified as the</span></td><td class="lineno" valign="top"></td></tr>
118	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> document authors. All rights reserved.</span></td><td class="lineno" valign="top"></td></tr>
119	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
120	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> This document is subject to BCP 78 and the IETF Trust's Legal</span></td><td class="lineno" valign="top"></td></tr>
121	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Provisions Relating to IETF Documents in effect on the date of</span></td><td class="lineno" valign="top"></td></tr>
122	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> publication of this document (http://trustee.ietf.org/license-info).</span></td><td class="lineno" valign="top"></td></tr>
123	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Please review these documents carefully, as they describe your rights</span></td><td class="lineno" valign="top"></td></tr>
124	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> and restrictions with respect to this document.</span></td><td class="lineno" valign="top"></td></tr>
125	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
126	<tr><td class="lineno" valign="top"></td><td class="left">Abstract</td><td> </td><td class="right">Abstract</td><td class="lineno" valign="top"></td></tr>
127	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
128	<tr><td class="lineno" valign="top"></td><td class="left"> The Hypertext Transfer Protocol (HTTP) is an application-level</td><td> </td><td class="right"> The Hypertext Transfer Protocol (HTTP) is an application-level</td><td class="lineno" valign="top"></td></tr>
129	<tr><td class="lineno" valign="top"></td><td class="left"> protocol for distributed, collaborative, hypermedia information</td><td> </td><td class="right"> protocol for distributed, collaborative, hypermedia information</td><td class="lineno" valign="top"></td></tr>
130	<tr><td class="lineno" valign="top"></td><td class="left"> systems. HTTP has been in use by the World Wide Web global</td><td> </td><td class="right"> systems. HTTP has been in use by the World Wide Web global</td><td class="lineno" valign="top"></td></tr>
131	<tr><td class="lineno" valign="top"></td><td class="left"> information initiative since 1990. This document is Part 7 of the</td><td> </td><td class="right"> information initiative since 1990. This document is Part 7 of the</td><td class="lineno" valign="top"></td></tr>
132	<tr><td class="lineno" valign="top"></td><td class="left"> seven-part specification that defines the protocol referred to as</td><td> </td><td class="right"> seven-part specification that defines the protocol referred to as</td><td class="lineno" valign="top"></td></tr>
133	<tr><td class="lineno" valign="top"></td><td class="left"> "HTTP/1.1" and, taken together, obsoletes RFC 2616. Part 7 defines</td><td> </td><td class="right"> "HTTP/1.1" and, taken together, obsoletes RFC 2616. Part 7 defines</td><td class="lineno" valign="top"></td></tr>
134	<tr><td class="lineno" valign="top"></td><td class="left"> HTTP Authentication.</td><td> </td><td class="right"> HTTP Authentication.</td><td class="lineno" valign="top"></td></tr>
135	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
136	<tr><td class="lineno" valign="top"></td><td class="left">Editorial Note (To be removed by RFC Editor)</td><td> </td><td class="right">Editorial Note (To be removed by RFC Editor)</td><td class="lineno" valign="top"></td></tr>
137	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
138	<tr><td class="lineno" valign="top"></td><td class="left"> Discussion of this draft should take place on the HTTPBIS working</td><td> </td><td class="right"> Discussion of this draft should take place on the HTTPBIS working</td><td class="lineno" valign="top"></td></tr>
139	<tr><td class="lineno" valign="top"></td><td class="left"> group mailing list (ietf-http-wg@w3.org). The current issues list is</td><td> </td><td class="right"> group mailing list (ietf-http-wg@w3.org). The current issues list is</td><td class="lineno" valign="top"></td></tr>
140	<tr><td class="lineno" valign="top"></td><td class="left"> at <http://tools.ietf.org/wg/httpbis/trac/report/11> and related</td><td> </td><td class="right"> at <http://tools.ietf.org/wg/httpbis/trac/report/11> and related</td><td class="lineno" valign="top"></td></tr>
141	<tr><td class="lineno" valign="top"></td><td class="left"> documents (including fancy diffs) can be found at</td><td> </td><td class="right"> documents (including fancy diffs) can be found at</td><td class="lineno" valign="top"></td></tr>
142	<tr><td class="lineno" valign="top"></td><td class="left"> <http://tools.ietf.org/wg/httpbis/>.</td><td> </td><td class="right"> <http://tools.ietf.org/wg/httpbis/>.</td><td class="lineno" valign="top"></td></tr>
143	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
144	<tr><td><a name="diff0008" /></td></tr>
145	<tr><td class="lineno" valign="top"></td><td class="lblock"> The changes in this draft are summarized in Appendix <span class="delete">B.6</span>.</td><td> </td><td class="rblock"> The changes in this draft are summarized in Appendix <span class="insert">C.7</span>.</td><td class="lineno" valign="top"></td></tr>
146	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
147	<tr><td class="lineno" valign="top"></td><td class="left">Table of Contents</td><td> </td><td class="right">Table of Contents</td><td class="lineno" valign="top"></td></tr>
148	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
149	<tr><td class="lineno" valign="top"></td><td class="left"> 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4</td><td> </td><td class="right"> 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4</td><td class="lineno" valign="top"></td></tr>
150	<tr><td class="lineno" valign="top"></td><td class="left"> 1.1. Requirements . . . . . . . . . . . . . . . . . . . . . . . 4</td><td> </td><td class="right"> 1.1. Requirements . . . . . . . . . . . . . . . . . . . . . . . 4</td><td class="lineno" valign="top"></td></tr>
151	<tr><td><a name="diff0009" /></td></tr>
152	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">2. Notational Conventions and Generic Grammar</span> . . . . . . . . . . 4</td><td> </td><td class="rblock"> <span class="insert">1.2. Syntax Notation . . . . . . . . . . .</span> . . . . . . . . . . 4</td><td class="lineno" valign="top"></td></tr>
153	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">3.</span> Status Code Definitions . . . . . . . . . . . . . . . . . . . 5</td><td> </td><td class="rblock"> <span class="insert">1.2.1. Core Rules . . . . . . . . . . . . . . . . . . . . . . 5</span></td><td class="lineno" valign="top"></td></tr>
154	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">3.1.</span> 401 Unauthorized . . . . . . . . . . . . . . . . . . . . . 5</td><td> </td><td class="rblock"><span class="insert"> 1.2.2. ABNF Rules defined in other Parts of the</span></td><td class="lineno" valign="top"></td></tr>
155	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">3.2.</span> 407 Proxy Authentication Required . . . . . . . . . . . . 5</td><td> </td><td class="rblock"><span class="insert"> Specification . . . . . . . . . . . . . . . . . . . . 5</span></td><td class="lineno" valign="top"></td></tr>
156	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">4.</span> Header Field Definitions . . . . . . . . . . . . . . . . . . . 5</td><td> </td><td class="rblock"><span class="insert"> 2.</span> Status Code Definitions . . . . . . . . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr>
157	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">4.1.</span> Authorization . . . . . . . . . . . . . . . . . . . . . . <span class="delete">5</span></td><td> </td><td class="rblock"> <span class="insert">2.1.</span> 401 Unauthorized . . . . . . . . . . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr>
158	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 4.2.</span> Proxy-Authenticate . . . . . . . . . . . . . . . . . . . . <span class="delete">6</span></td><td> </td><td class="rblock"> <span class="insert">2.2.</span> 407 Proxy Authentication Required . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr>
159	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 4.3.</span> Proxy-Authorization . . . . . . . . . . . . . . . . . . . 7</td><td> </td><td class="rblock"> <span class="insert">3.</span> Header Field Definitions . . . . . . . . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr>
160	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">4.4.</span> WWW-Authenticate . . . . . . . . . . . . . . . . . . . . . 7</td><td> </td><td class="rblock"> <span class="insert">3.1.</span> Authorization . . . . . . . . . . . . . . . . . . . . . . <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
161	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">5.</span> IANA Considerations . . . . . . . . . . . . . . . . . . . . . <span class="delete">7</span></td><td> </td><td class="rblock"><span class="insert"> 3.2.</span> Proxy-Authenticate . . . . . . . . . . . . . . . . . . . . <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
162	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 5.1.</span> Message Header Registration . . . . . . . . . . . . . . . 8</td><td> </td><td class="rblock"><span class="insert"> 3.3.</span> Proxy-Authorization . . . . . . . . . . . . . . . . . . . 7</td><td class="lineno" valign="top"></td></tr>
163	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">6.</span> Security Considerations . . . . . . . . . . . . . . . . . . . 8</td><td> </td><td class="rblock"> <span class="insert">3.4.</span> WWW-Authenticate . . . . . . . . . . . . . . . . . . . . . 7</td><td class="lineno" valign="top"></td></tr>
164	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">6.1.</span> Authentication Credentials and Idle Clients . . . . . . . 8</td><td> </td><td class="rblock"> <span class="insert">4.</span> IANA Considerations . . . . . . . . . . . . . . . . . . . . . <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
165	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">7.</span> Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9</td><td> </td><td class="rblock"><span class="insert"> 4.1.</span> Message Header Registration . . . . . . . . . . . . . . . 8</td><td class="lineno" valign="top"></td></tr>
166	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">8.</span> References . . . . . . . . . . . . . . . . . . . . . . . . . . 9</td><td> </td><td class="rblock"> <span class="insert">5.</span> Security Considerations . . . . . . . . . . . . . . . . . . . 8</td><td class="lineno" valign="top"></td></tr>
167	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">8.1.</span> Normative References . . . . . . . . . . . . . . . . . . . 9</td><td> </td><td class="rblock"> <span class="insert">5.1.</span> Authentication Credentials and Idle Clients . . . . . . . 8</td><td class="lineno" valign="top"></td></tr>
168	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">8.2.</span> Informative References . . . . . . . . . . . . . . . . . . <span class="delete">9</span></td><td> </td><td class="rblock"> <span class="insert">6.</span> Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9</td><td class="lineno" valign="top"></td></tr>
169	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">7.</span> References . . . . . . . . . . . . . . . . . . . . . . . . . . 9</td><td class="lineno" valign="top"></td></tr>
170	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">7.1.</span> Normative References . . . . . . . . . . . . . . . . . . . 9</td><td class="lineno" valign="top"></td></tr>
171	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">7.2.</span> Informative References . . . . . . . . . . . . . . . . . . <span class="insert">10</span></td><td class="lineno" valign="top"></td></tr>
172	<tr><td class="lineno" valign="top"></td><td class="left"> Appendix A. Compatibility with Previous Versions . . . . . . . . 10</td><td> </td><td class="right"> Appendix A. Compatibility with Previous Versions . . . . . . . . 10</td><td class="lineno" valign="top"></td></tr>
173	<tr><td class="lineno" valign="top"></td><td class="left"> A.1. Changes from RFC 2616 . . . . . . . . . . . . . . . . . . 10</td><td> </td><td class="right"> A.1. Changes from RFC 2616 . . . . . . . . . . . . . . . . . . 10</td><td class="lineno" valign="top"></td></tr>
174	<tr><td><a name="diff0010" /></td></tr>
175	<tr><td class="lineno" valign="top"></td><td class="lblock"> Appendix B. Change Log (to be removed by RFC Editor before</td><td> </td><td class="rblock"> Appendix B. <span class="insert">Collected ABNF . . . . . . . . . . . . . . . . . . . 10</span></td><td class="lineno" valign="top"></td></tr>
176	<tr><td class="lineno" valign="top"></td><td class="lblock"> publication) . . . . . . . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert"> Appendix C.</span> Change Log (to be removed by RFC Editor before</td><td class="lineno" valign="top"></td></tr>
177	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> B.1.</span> Since RFC2616 . . . . . . . . . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"> publication) . . . . . . . . . . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
178	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> B.2.</span> Since draft-ietf-httpbis-p7-auth-00 . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert"> C.1.</span> Since RFC2616 . . . . . . . . . . . . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
179	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> B.3.</span> Since draft-ietf-httpbis-p7-auth-01 . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert"> C.2.</span> Since draft-ietf-httpbis-p7-auth-00 . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
180	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> B.4.</span> Since draft-ietf-httpbis-p7-auth-02 . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert"> C.3.</span> Since draft-ietf-httpbis-p7-auth-01 . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
181	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> B.5.</span> Since draft-ietf-httpbis-p7-auth-03 . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert"> C.4.</span> Since draft-ietf-httpbis-p7-auth-02 . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
182	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> B.6.</span> Since draft-ietf-httpbis-p7-auth-04 . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert"> C.5.</span> Since draft-ietf-httpbis-p7-auth-03 . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
183	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Index</span> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">11</span></td><td> </td><td class="rblock"><span class="insert"> C.6.</span> Since draft-ietf-httpbis-p7-auth-04 . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
184	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Authors' Addresses</span> . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">11</span></td><td> </td><td class="rblock"><span class="insert"> C.7. Since draft-ietf-httpbis-p7-auth-05</span> . . . . . . . . . . . <span class="insert">12</span></td><td class="lineno" valign="top"></td></tr>
185	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Intellectual Property and Copyright Statements</span> . . . . . . . . . . <span class="delete">15</span></td><td> </td><td class="rblock"><span class="insert"> Index</span> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">12</span></td><td class="lineno" valign="top"></td></tr>
186	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Authors' Addresses .</span> . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr>
187	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
188	<tr><td class="lineno" valign="top"></td><td class="left">1. Introduction</td><td> </td><td class="right">1. Introduction</td><td class="lineno" valign="top"></td></tr>
189	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
190	<tr><td class="lineno" valign="top"></td><td class="left"> This document defines HTTP/1.1 access control and authentication.</td><td> </td><td class="right"> This document defines HTTP/1.1 access control and authentication.</td><td class="lineno" valign="top"></td></tr>
191	<tr><td class="lineno" valign="top"></td><td class="left"> Right now it includes the extracted relevant sections of RFC 2616</td><td> </td><td class="right"> Right now it includes the extracted relevant sections of RFC 2616</td><td class="lineno" valign="top"></td></tr>
192	<tr><td class="lineno" valign="top"></td><td class="left"> with only minor changes. The intention is to move the general</td><td> </td><td class="right"> with only minor changes. The intention is to move the general</td><td class="lineno" valign="top"></td></tr>
193	<tr><td class="lineno" valign="top"></td><td class="left"> framework for HTTP authentication here, as currently specified in</td><td> </td><td class="right"> framework for HTTP authentication here, as currently specified in</td><td class="lineno" valign="top"></td></tr>
194	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2617], and allow the individual authentication mechanisms to be</td><td> </td><td class="right"> [RFC2617], and allow the individual authentication mechanisms to be</td><td class="lineno" valign="top"></td></tr>
195	<tr><td class="lineno" valign="top"></td><td class="left"> defined elsewhere. This introduction will be rewritten when that</td><td> </td><td class="right"> defined elsewhere. This introduction will be rewritten when that</td><td class="lineno" valign="top"></td></tr>
196	<tr><td class="lineno" valign="top"></td><td class="left"> occurs.</td><td> </td><td class="right"> occurs.</td><td class="lineno" valign="top"></td></tr>
197	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
198	<tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 4, line 39</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 4, line 39</em></th><td></td></tr>
199	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
200	<tr><td class="lineno" valign="top"></td><td class="left"> An implementation is not compliant if it fails to satisfy one or more</td><td> </td><td class="right"> An implementation is not compliant if it fails to satisfy one or more</td><td class="lineno" valign="top"></td></tr>
201	<tr><td class="lineno" valign="top"></td><td class="left"> of the MUST or REQUIRED level requirements for the protocols it</td><td> </td><td class="right"> of the MUST or REQUIRED level requirements for the protocols it</td><td class="lineno" valign="top"></td></tr>
202	<tr><td class="lineno" valign="top"></td><td class="left"> implements. An implementation that satisfies all the MUST or</td><td> </td><td class="right"> implements. An implementation that satisfies all the MUST or</td><td class="lineno" valign="top"></td></tr>
203	<tr><td class="lineno" valign="top"></td><td class="left"> REQUIRED level and all the SHOULD level requirements for its</td><td> </td><td class="right"> REQUIRED level and all the SHOULD level requirements for its</td><td class="lineno" valign="top"></td></tr>
204	<tr><td class="lineno" valign="top"></td><td class="left"> protocols is said to be "unconditionally compliant"; one that</td><td> </td><td class="right"> protocols is said to be "unconditionally compliant"; one that</td><td class="lineno" valign="top"></td></tr>
205	<tr><td class="lineno" valign="top"></td><td class="left"> satisfies all the MUST level requirements but not all the SHOULD</td><td> </td><td class="right"> satisfies all the MUST level requirements but not all the SHOULD</td><td class="lineno" valign="top"></td></tr>
206	<tr><td class="lineno" valign="top"></td><td class="left"> level requirements for its protocols is said to be "conditionally</td><td> </td><td class="right"> level requirements for its protocols is said to be "conditionally</td><td class="lineno" valign="top"></td></tr>
207	<tr><td class="lineno" valign="top"></td><td class="left"> compliant."</td><td> </td><td class="right"> compliant."</td><td class="lineno" valign="top"></td></tr>
208	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
209	<tr><td><a name="diff0011" /></td></tr>
210	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">2. Notational Conventions and Generic Grammar</span></td><td> </td><td class="rblock"><span class="insert">1.2. Syntax Notation</span></td><td class="lineno" valign="top"></td></tr>
211	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
212	<tr><td><a name="diff0012" /></td></tr>
213	<tr><td class="lineno" valign="top"></td><td class="lblock"> This specification uses the ABNF syntax defined in Section <span class="delete">2.1</span> of</td><td> </td><td class="rblock"> This specification uses the ABNF syntax defined in Section <span class="insert">1.2</span> of</td><td class="lineno" valign="top"></td></tr>
214	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">[Part1].</span></td><td> </td><td class="rblock"> <span class="insert">[Part1] (which extends the syntax defined in [RFC5234] with a list</span></td><td class="lineno" valign="top"></td></tr>
215	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> rule). Appendix B shows the collected ABNF, with the list rule</span></td><td class="lineno" valign="top"></td></tr>
216	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> expanded.</span></td><td class="lineno" valign="top"></td></tr>
217	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
218	<tr><td><a name="diff0013" /></td></tr>
219	<tr><td class="lineno" valign="top"></td><td class="lblock"> The <span class="delete">ABNF</span> rules <span class="delete">below</span> are defined in <span class="delete">other specifications:</span></td><td> </td><td class="rblock"> The <span class="insert">following core</span> rules are <span class="insert">included by reference, as</span> defined in</td><td class="lineno" valign="top"></td></tr>
220	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">[RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF</span></td><td class="lineno" valign="top"></td></tr>
221	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote),</span></td><td class="lineno" valign="top"></td></tr>
222	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> HEXDIG (hexadecimal 0-9/A-F/a-f), LF (line feed), OCTET (any 8-bit</span></td><td class="lineno" valign="top"></td></tr>
223	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> sequence of data), SP (space), VCHAR (any visible USASCII character),</span></td><td class="lineno" valign="top"></td></tr>
224	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> and WSP (whitespace).</span></td><td class="lineno" valign="top"></td></tr>
225	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
226	<tr><td><a name="diff0014" /></td></tr>
227	<tr><td class="lineno" valign="top"></td><td class="lblock"> OWS = <OWS, defined in [Part1], Section <span class="delete">2.2></span></td><td> </td><td class="rblock"><span class="insert">1.2.1. Core Rules</span></td><td class="lineno" valign="top"></td></tr>
228	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
229	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> The core rules below are defined in Section 1.2.2 of [Part1]:</span></td><td class="lineno" valign="top"></td></tr>
230	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
231	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> OWS = <OWS, defined in [Part1], Section <span class="insert">1.2.2></span></td><td class="lineno" valign="top"></td></tr>
232	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
233	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">1.2.2. ABNF Rules defined in other Parts of the Specification</span></td><td class="lineno" valign="top"></td></tr>
234	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
235	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> The ABNF rules below are defined in other specifications:</span></td><td class="lineno" valign="top"></td></tr>
236	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
237	<tr><td class="lineno" valign="top"></td><td class="left"> challenge = <challenge, defined in [RFC2617], Section 1.2></td><td> </td><td class="right"> challenge = <challenge, defined in [RFC2617], Section 1.2></td><td class="lineno" valign="top"></td></tr>
238	<tr><td class="lineno" valign="top"></td><td class="left"> credentials = <credentials, defined in [RFC2617], Section 1.2></td><td> </td><td class="right"> credentials = <credentials, defined in [RFC2617], Section 1.2></td><td class="lineno" valign="top"></td></tr>
239	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
240	<tr><td><a name="diff0015" /></td></tr>
241	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>. Status Code Definitions</td><td> </td><td class="rblock"><span class="insert">2</span>. Status Code Definitions</td><td class="lineno" valign="top"></td></tr>
242	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
243	<tr><td><a name="diff0016" /></td></tr>
244	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>.1. 401 Unauthorized</td><td> </td><td class="rblock"><span class="insert">2</span>.1. 401 Unauthorized</td><td class="lineno" valign="top"></td></tr>
245	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
246	<tr><td class="lineno" valign="top"></td><td class="left"> The request requires user authentication. The response MUST include</td><td> </td><td class="right"> The request requires user authentication. The response MUST include</td><td class="lineno" valign="top"></td></tr>
247	<tr><td><a name="diff0017" /></td></tr>
248	<tr><td class="lineno" valign="top"></td><td class="lblock"> a WWW-Authenticate header field (Section <span class="delete">4</span>.4) containing a challenge</td><td> </td><td class="rblock"> a WWW-Authenticate header field (Section <span class="insert">3</span>.4) containing a challenge</td><td class="lineno" valign="top"></td></tr>
249	<tr><td class="lineno" valign="top"></td><td class="left"> applicable to the requested resource. The client MAY repeat the</td><td> </td><td class="right"> applicable to the requested resource. The client MAY repeat the</td><td class="lineno" valign="top"></td></tr>
250	<tr><td><a name="diff0018" /></td></tr>
251	<tr><td class="lineno" valign="top"></td><td class="lblock"> request with a suitable Authorization header field (Section <span class="delete">4</span>.1). If</td><td> </td><td class="rblock"> request with a suitable Authorization header field (Section <span class="insert">3</span>.1). If</td><td class="lineno" valign="top"></td></tr>
252	<tr><td class="lineno" valign="top"></td><td class="left"> the request already included Authorization credentials, then the 401</td><td> </td><td class="right"> the request already included Authorization credentials, then the 401</td><td class="lineno" valign="top"></td></tr>
253	<tr><td class="lineno" valign="top"></td><td class="left"> response indicates that authorization has been refused for those</td><td> </td><td class="right"> response indicates that authorization has been refused for those</td><td class="lineno" valign="top"></td></tr>
254	<tr><td class="lineno" valign="top"></td><td class="left"> credentials. If the 401 response contains the same challenge as the</td><td> </td><td class="right"> credentials. If the 401 response contains the same challenge as the</td><td class="lineno" valign="top"></td></tr>
255	<tr><td class="lineno" valign="top"></td><td class="left"> prior response, and the user agent has already attempted</td><td> </td><td class="right"> prior response, and the user agent has already attempted</td><td class="lineno" valign="top"></td></tr>
256	<tr><td class="lineno" valign="top"></td><td class="left"> authentication at least once, then the user SHOULD be presented the</td><td> </td><td class="right"> authentication at least once, then the user SHOULD be presented the</td><td class="lineno" valign="top"></td></tr>
257	<tr><td class="lineno" valign="top"></td><td class="left"> entity that was given in the response, since that entity might</td><td> </td><td class="right"> entity that was given in the response, since that entity might</td><td class="lineno" valign="top"></td></tr>
258	<tr><td class="lineno" valign="top"></td><td class="left"> include relevant diagnostic information. HTTP access authentication</td><td> </td><td class="right"> include relevant diagnostic information. HTTP access authentication</td><td class="lineno" valign="top"></td></tr>
259	<tr><td class="lineno" valign="top"></td><td class="left"> is explained in "HTTP Authentication: Basic and Digest Access</td><td> </td><td class="right"> is explained in "HTTP Authentication: Basic and Digest Access</td><td class="lineno" valign="top"></td></tr>
260	<tr><td class="lineno" valign="top"></td><td class="left"> Authentication" [RFC2617].</td><td> </td><td class="right"> Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
261	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
262	<tr><td><a name="diff0019" /></td></tr>
263	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>.2. 407 Proxy Authentication Required</td><td> </td><td class="rblock"><span class="insert">2</span>.2. 407 Proxy Authentication Required</td><td class="lineno" valign="top"></td></tr>
264	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
265	<tr><td class="lineno" valign="top"></td><td class="left"> This code is similar to 401 (Unauthorized), but indicates that the</td><td> </td><td class="right"> This code is similar to 401 (Unauthorized), but indicates that the</td><td class="lineno" valign="top"></td></tr>
266	<tr><td class="lineno" valign="top"></td><td class="left"> client must first authenticate itself with the proxy. The proxy MUST</td><td> </td><td class="right"> client must first authenticate itself with the proxy. The proxy MUST</td><td class="lineno" valign="top"></td></tr>
267	<tr><td><a name="diff0020" /></td></tr>
268	<tr><td class="lineno" valign="top"></td><td class="lblock"> return a Proxy-Authenticate header field (Section <span class="delete">4</span>.2) containing a</td><td> </td><td class="rblock"> return a Proxy-Authenticate header field (Section <span class="insert">3</span>.2) containing a</td><td class="lineno" valign="top"></td></tr>
269	<tr><td class="lineno" valign="top"></td><td class="left"> challenge applicable to the proxy for the requested resource. The</td><td> </td><td class="right"> challenge applicable to the proxy for the requested resource. The</td><td class="lineno" valign="top"></td></tr>
270	<tr><td class="lineno" valign="top"></td><td class="left"> client MAY repeat the request with a suitable Proxy-Authorization</td><td> </td><td class="right"> client MAY repeat the request with a suitable Proxy-Authorization</td><td class="lineno" valign="top"></td></tr>
271	<tr><td><a name="diff0021" /></td></tr>
272	<tr><td class="lineno" valign="top"></td><td class="lblock"> header field (Section <span class="delete">4</span>.3). HTTP access authentication is explained</td><td> </td><td class="rblock"> header field (Section <span class="insert">3</span>.3). HTTP access authentication is explained</td><td class="lineno" valign="top"></td></tr>
273	<tr><td class="lineno" valign="top"></td><td class="left"> in "HTTP Authentication: Basic and Digest Access Authentication"</td><td> </td><td class="right"> in "HTTP Authentication: Basic and Digest Access Authentication"</td><td class="lineno" valign="top"></td></tr>
274	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2617].</td><td> </td><td class="right"> [RFC2617].</td><td class="lineno" valign="top"></td></tr>
275	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
276	<tr><td><a name="diff0022" /></td></tr>
277	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>. Header Field Definitions</td><td> </td><td class="rblock"><span class="insert">3</span>. Header Field Definitions</td><td class="lineno" valign="top"></td></tr>
278	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
279	<tr><td class="lineno" valign="top"></td><td class="left"> This section defines the syntax and semantics of HTTP/1.1 header</td><td> </td><td class="right"> This section defines the syntax and semantics of HTTP/1.1 header</td><td class="lineno" valign="top"></td></tr>
280	<tr><td class="lineno" valign="top"></td><td class="left"> fields related to authentication.</td><td> </td><td class="right"> fields related to authentication.</td><td class="lineno" valign="top"></td></tr>
281	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
282	<tr><td><a name="diff0023" /></td></tr>
283	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>.1. Authorization</td><td> </td><td class="rblock"><span class="insert">3</span>.1. Authorization</td><td class="lineno" valign="top"></td></tr>
284	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
285	<tr><td class="lineno" valign="top"></td><td class="left"> A user agent that wishes to authenticate itself with a server--</td><td> </td><td class="right"> A user agent that wishes to authenticate itself with a server--</td><td class="lineno" valign="top"></td></tr>
286	<tr><td class="lineno" valign="top"></td><td class="left"> usually, but not necessarily, after receiving a 401 response--does so</td><td> </td><td class="right"> usually, but not necessarily, after receiving a 401 response--does so</td><td class="lineno" valign="top"></td></tr>
287	<tr><td class="lineno" valign="top"></td><td class="left"> by including an Authorization request-header field with the request.</td><td> </td><td class="right"> by including an Authorization request-header field with the request.</td><td class="lineno" valign="top"></td></tr>
288	<tr><td class="lineno" valign="top"></td><td class="left"> The field "Authorization" consists of credentials containing the</td><td> </td><td class="right"> The field "Authorization" consists of credentials containing the</td><td class="lineno" valign="top"></td></tr>
289	<tr><td class="lineno" valign="top"></td><td class="left"> authentication information of the user agent for the realm of the</td><td> </td><td class="right"> authentication information of the user agent for the realm of the</td><td class="lineno" valign="top"></td></tr>
290	<tr><td class="lineno" valign="top"></td><td class="left"> resource being requested.</td><td> </td><td class="right"> resource being requested.</td><td class="lineno" valign="top"></td></tr>
291	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
292	<tr><td class="lineno" valign="top"></td><td class="left"> Authorization = "Authorization" ":" OWS Authorization-v</td><td> </td><td class="right"> Authorization = "Authorization" ":" OWS Authorization-v</td><td class="lineno" valign="top"></td></tr>
293	<tr><td class="lineno" valign="top"></td><td class="left"> Authorization-v = credentials</td><td> </td><td class="right"> Authorization-v = credentials</td><td class="lineno" valign="top"></td></tr>
294	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
295	<tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 6, line 4</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 6, line 18</em></th><td></td></tr>
296	<tr><td class="lineno" valign="top"></td><td class="left"> usually, but not necessarily, after receiving a 401 response--does so</td><td> </td><td class="right"> usually, but not necessarily, after receiving a 401 response--does so</td><td class="lineno" valign="top"></td></tr>
297	<tr><td class="lineno" valign="top"></td><td class="left"> by including an Authorization request-header field with the request.</td><td> </td><td class="right"> by including an Authorization request-header field with the request.</td><td class="lineno" valign="top"></td></tr>
298	<tr><td class="lineno" valign="top"></td><td class="left"> The field "Authorization" consists of credentials containing the</td><td> </td><td class="right"> The field "Authorization" consists of credentials containing the</td><td class="lineno" valign="top"></td></tr>
299	<tr><td class="lineno" valign="top"></td><td class="left"> authentication information of the user agent for the realm of the</td><td> </td><td class="right"> authentication information of the user agent for the realm of the</td><td class="lineno" valign="top"></td></tr>
300	<tr><td class="lineno" valign="top"></td><td class="left"> resource being requested.</td><td> </td><td class="right"> resource being requested.</td><td class="lineno" valign="top"></td></tr>
301	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
302	<tr><td class="lineno" valign="top"></td><td class="left"> Authorization = "Authorization" ":" OWS Authorization-v</td><td> </td><td class="right"> Authorization = "Authorization" ":" OWS Authorization-v</td><td class="lineno" valign="top"></td></tr>
303	<tr><td class="lineno" valign="top"></td><td class="left"> Authorization-v = credentials</td><td> </td><td class="right"> Authorization-v = credentials</td><td class="lineno" valign="top"></td></tr>
304	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
305	<tr><td class="lineno" valign="top"></td><td class="left"> HTTP access authentication is described in "HTTP Authentication:</td><td> </td><td class="right"> HTTP access authentication is described in "HTTP Authentication:</td><td class="lineno" valign="top"></td></tr>
306	<tr><td><a name="diff0024" /></td></tr>
307	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> </span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
308	<tr><td class="lineno" valign="top"></td><td class="left"> Basic and Digest Access Authentication" [RFC2617]. If a request is</td><td> </td><td class="right"> Basic and Digest Access Authentication" [RFC2617]. If a request is</td><td class="lineno" valign="top"></td></tr>
309	<tr><td class="lineno" valign="top"></td><td class="left"> authenticated and a realm specified, the same credentials SHOULD be</td><td> </td><td class="right"> authenticated and a realm specified, the same credentials SHOULD be</td><td class="lineno" valign="top"></td></tr>
310	<tr><td class="lineno" valign="top"></td><td class="left"> valid for all other requests within this realm (assuming that the</td><td> </td><td class="right"> valid for all other requests within this realm (assuming that the</td><td class="lineno" valign="top"></td></tr>
311	<tr><td class="lineno" valign="top"></td><td class="left"> authentication scheme itself does not require otherwise, such as</td><td> </td><td class="right"> authentication scheme itself does not require otherwise, such as</td><td class="lineno" valign="top"></td></tr>
312	<tr><td class="lineno" valign="top"></td><td class="left"> credentials that vary according to a challenge value or using</td><td> </td><td class="right"> credentials that vary according to a challenge value or using</td><td class="lineno" valign="top"></td></tr>
313	<tr><td class="lineno" valign="top"></td><td class="left"> synchronized clocks).</td><td> </td><td class="right"> synchronized clocks).</td><td class="lineno" valign="top"></td></tr>
314	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
315	<tr><td><a name="diff0025" /></td></tr>
316	<tr><td class="lineno" valign="top"></td><td class="lblock"> When a shared cache (see Section <span class="delete">9</span> of [Part6]) receives a request</td><td> </td><td class="rblock"> When a shared cache (see Section <span class="insert">1.2</span> of [Part6]) receives a request</td><td class="lineno" valign="top"></td></tr>
317	<tr><td class="lineno" valign="top"></td><td class="left"> containing an Authorization field, it MUST NOT return the</td><td> </td><td class="right"> containing an Authorization field, it MUST NOT return the</td><td class="lineno" valign="top"></td></tr>
318	<tr><td class="lineno" valign="top"></td><td class="left"> corresponding response as a reply to any other request, unless one of</td><td> </td><td class="right"> corresponding response as a reply to any other request, unless one of</td><td class="lineno" valign="top"></td></tr>
319	<tr><td class="lineno" valign="top"></td><td class="left"> the following specific exceptions holds:</td><td> </td><td class="right"> the following specific exceptions holds:</td><td class="lineno" valign="top"></td></tr>
320	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
321	<tr><td class="lineno" valign="top"></td><td class="left"> 1. If the response includes the "s-maxage" cache-control directive,</td><td> </td><td class="right"> 1. If the response includes the "s-maxage" cache-control directive,</td><td class="lineno" valign="top"></td></tr>
322	<tr><td class="lineno" valign="top"></td><td class="left"> the cache MAY use that response in replying to a subsequent</td><td> </td><td class="right"> the cache MAY use that response in replying to a subsequent</td><td class="lineno" valign="top"></td></tr>
323	<tr><td class="lineno" valign="top"></td><td class="left"> request. But (if the specified maximum age has passed) a proxy</td><td> </td><td class="right"> request. But (if the specified maximum age has passed) a proxy</td><td class="lineno" valign="top"></td></tr>
324	<tr><td class="lineno" valign="top"></td><td class="left"> cache MUST first revalidate it with the origin server, using the</td><td> </td><td class="right"> cache MUST first revalidate it with the origin server, using the</td><td class="lineno" valign="top"></td></tr>
325	<tr><td class="lineno" valign="top"></td><td class="left"> request-headers from the new request to allow the origin server</td><td> </td><td class="right"> request-headers from the new request to allow the origin server</td><td class="lineno" valign="top"></td></tr>
326	<tr><td class="lineno" valign="top"></td><td class="left"> to authenticate the new request. (This is the defined behavior</td><td> </td><td class="right"> to authenticate the new request. (This is the defined behavior</td><td class="lineno" valign="top"></td></tr>
327	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
328	<tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 6, line 36</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 7, line 5</em></th><td></td></tr>
329	<tr><td class="lineno" valign="top"></td><td class="left"> 2. If the response includes the "must-revalidate" cache-control</td><td> </td><td class="right"> 2. If the response includes the "must-revalidate" cache-control</td><td class="lineno" valign="top"></td></tr>
330	<tr><td class="lineno" valign="top"></td><td class="left"> directive, the cache MAY use that response in replying to a</td><td> </td><td class="right"> directive, the cache MAY use that response in replying to a</td><td class="lineno" valign="top"></td></tr>
331	<tr><td class="lineno" valign="top"></td><td class="left"> subsequent request. But if the response is stale, all caches</td><td> </td><td class="right"> subsequent request. But if the response is stale, all caches</td><td class="lineno" valign="top"></td></tr>
332	<tr><td class="lineno" valign="top"></td><td class="left"> MUST first revalidate it with the origin server, using the</td><td> </td><td class="right"> MUST first revalidate it with the origin server, using the</td><td class="lineno" valign="top"></td></tr>
333	<tr><td class="lineno" valign="top"></td><td class="left"> request-headers from the new request to allow the origin server</td><td> </td><td class="right"> request-headers from the new request to allow the origin server</td><td class="lineno" valign="top"></td></tr>
334	<tr><td class="lineno" valign="top"></td><td class="left"> to authenticate the new request.</td><td> </td><td class="right"> to authenticate the new request.</td><td class="lineno" valign="top"></td></tr>
335	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
336	<tr><td class="lineno" valign="top"></td><td class="left"> 3. If the response includes the "public" cache-control directive, it</td><td> </td><td class="right"> 3. If the response includes the "public" cache-control directive, it</td><td class="lineno" valign="top"></td></tr>
337	<tr><td class="lineno" valign="top"></td><td class="left"> MAY be returned in reply to any subsequent request.</td><td> </td><td class="right"> MAY be returned in reply to any subsequent request.</td><td class="lineno" valign="top"></td></tr>
338	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
339	<tr><td><a name="diff0026" /></td></tr>
340	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>.2. Proxy-Authenticate</td><td> </td><td class="rblock"><span class="insert">3</span>.2. Proxy-Authenticate</td><td class="lineno" valign="top"></td></tr>
341	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
342	<tr><td class="lineno" valign="top"></td><td class="left"> The response-header field "Proxy-Authenticate" MUST be included as</td><td> </td><td class="right"> The response-header field "Proxy-Authenticate" MUST be included as</td><td class="lineno" valign="top"></td></tr>
343	<tr><td class="lineno" valign="top"></td><td class="left"> part of a 407 (Proxy Authentication Required) response. The field</td><td> </td><td class="right"> part of a 407 (Proxy Authentication Required) response. The field</td><td class="lineno" valign="top"></td></tr>
344	<tr><td class="lineno" valign="top"></td><td class="left"> value consists of a challenge that indicates the authentication</td><td> </td><td class="right"> value consists of a challenge that indicates the authentication</td><td class="lineno" valign="top"></td></tr>
345	<tr><td><a name="diff0027" /></td></tr>
346	<tr><td class="lineno" valign="top"></td><td class="lblock"> scheme and parameters applicable to the proxy for this <span class="delete">Request-URI.</span></td><td> </td><td class="rblock"> scheme and parameters applicable to the proxy for this <span class="insert">request-</span></td><td class="lineno" valign="top"></td></tr>
347	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> target.</span></td><td class="lineno" valign="top"></td></tr>
348	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
349	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate = "Proxy-Authenticate" ":" OWS</td><td> </td><td class="right"> Proxy-Authenticate = "Proxy-Authenticate" ":" OWS</td><td class="lineno" valign="top"></td></tr>
350	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate-v</td><td> </td><td class="right"> Proxy-Authenticate-v</td><td class="lineno" valign="top"></td></tr>
351	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate-v = 1#challenge</td><td> </td><td class="right"> Proxy-Authenticate-v = 1#challenge</td><td class="lineno" valign="top"></td></tr>
352	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
353	<tr><td class="lineno" valign="top"></td><td class="left"> The HTTP access authentication process is described in "HTTP</td><td> </td><td class="right"> The HTTP access authentication process is described in "HTTP</td><td class="lineno" valign="top"></td></tr>
354	<tr><td class="lineno" valign="top"></td><td class="left"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td> </td><td class="right"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
355	<tr><td class="lineno" valign="top"></td><td class="left"> Unlike WWW-Authenticate, the Proxy-Authenticate header field applies</td><td> </td><td class="right"> Unlike WWW-Authenticate, the Proxy-Authenticate header field applies</td><td class="lineno" valign="top"></td></tr>
356	<tr><td class="lineno" valign="top"></td><td class="left"> only to the current connection and SHOULD NOT be passed on to</td><td> </td><td class="right"> only to the current connection and SHOULD NOT be passed on to</td><td class="lineno" valign="top"></td></tr>
357	<tr><td class="lineno" valign="top"></td><td class="left"> downstream clients. However, an intermediate proxy might need to</td><td> </td><td class="right"> downstream clients. However, an intermediate proxy might need to</td><td class="lineno" valign="top"></td></tr>
358	<tr><td class="lineno" valign="top"></td><td class="left"> obtain its own credentials by requesting them from the downstream</td><td> </td><td class="right"> obtain its own credentials by requesting them from the downstream</td><td class="lineno" valign="top"></td></tr>
359	<tr><td class="lineno" valign="top"></td><td class="left"> client, which in some circumstances will appear as if the proxy is</td><td> </td><td class="right"> client, which in some circumstances will appear as if the proxy is</td><td class="lineno" valign="top"></td></tr>
360	<tr><td class="lineno" valign="top"></td><td class="left"> forwarding the Proxy-Authenticate header field.</td><td> </td><td class="right"> forwarding the Proxy-Authenticate header field.</td><td class="lineno" valign="top"></td></tr>
361	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
362	<tr><td><a name="diff0028" /></td></tr>
363	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>.3. Proxy-Authorization</td><td> </td><td class="rblock"><span class="insert">3</span>.3. Proxy-Authorization</td><td class="lineno" valign="top"></td></tr>
364	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
365	<tr><td class="lineno" valign="top"></td><td class="left"> The request-header field "Proxy-Authorization" allows the client to</td><td> </td><td class="right"> The request-header field "Proxy-Authorization" allows the client to</td><td class="lineno" valign="top"></td></tr>
366	<tr><td class="lineno" valign="top"></td><td class="left"> identify itself (or its user) to a proxy which requires</td><td> </td><td class="right"> identify itself (or its user) to a proxy which requires</td><td class="lineno" valign="top"></td></tr>
367	<tr><td class="lineno" valign="top"></td><td class="left"> authentication. The Proxy-Authorization field value consists of</td><td> </td><td class="right"> authentication. The Proxy-Authorization field value consists of</td><td class="lineno" valign="top"></td></tr>
368	<tr><td class="lineno" valign="top"></td><td class="left"> credentials containing the authentication information of the user</td><td> </td><td class="right"> credentials containing the authentication information of the user</td><td class="lineno" valign="top"></td></tr>
369	<tr><td class="lineno" valign="top"></td><td class="left"> agent for the proxy and/or realm of the resource being requested.</td><td> </td><td class="right"> agent for the proxy and/or realm of the resource being requested.</td><td class="lineno" valign="top"></td></tr>
370	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
371	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization = "Proxy-Authorization" ":" OWS</td><td> </td><td class="right"> Proxy-Authorization = "Proxy-Authorization" ":" OWS</td><td class="lineno" valign="top"></td></tr>
372	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization-v</td><td> </td><td class="right"> Proxy-Authorization-v</td><td class="lineno" valign="top"></td></tr>
373	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization-v = credentials</td><td> </td><td class="right"> Proxy-Authorization-v = credentials</td><td class="lineno" valign="top"></td></tr>
374	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
375	<tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 7, line 30</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 7, line 49</em></th><td></td></tr>
376	<tr><td class="lineno" valign="top"></td><td class="left"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td> </td><td class="right"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
377	<tr><td class="lineno" valign="top"></td><td class="left"> Unlike Authorization, the Proxy-Authorization header field applies</td><td> </td><td class="right"> Unlike Authorization, the Proxy-Authorization header field applies</td><td class="lineno" valign="top"></td></tr>
378	<tr><td class="lineno" valign="top"></td><td class="left"> only to the next outbound proxy that demanded authentication using</td><td> </td><td class="right"> only to the next outbound proxy that demanded authentication using</td><td class="lineno" valign="top"></td></tr>
379	<tr><td class="lineno" valign="top"></td><td class="left"> the Proxy-Authenticate field. When multiple proxies are used in a</td><td> </td><td class="right"> the Proxy-Authenticate field. When multiple proxies are used in a</td><td class="lineno" valign="top"></td></tr>
380	<tr><td class="lineno" valign="top"></td><td class="left"> chain, the Proxy-Authorization header field is consumed by the first</td><td> </td><td class="right"> chain, the Proxy-Authorization header field is consumed by the first</td><td class="lineno" valign="top"></td></tr>
381	<tr><td class="lineno" valign="top"></td><td class="left"> outbound proxy that was expecting to receive credentials. A proxy</td><td> </td><td class="right"> outbound proxy that was expecting to receive credentials. A proxy</td><td class="lineno" valign="top"></td></tr>
382	<tr><td class="lineno" valign="top"></td><td class="left"> MAY relay the credentials from the client request to the next proxy</td><td> </td><td class="right"> MAY relay the credentials from the client request to the next proxy</td><td class="lineno" valign="top"></td></tr>
383	<tr><td class="lineno" valign="top"></td><td class="left"> if that is the mechanism by which the proxies cooperatively</td><td> </td><td class="right"> if that is the mechanism by which the proxies cooperatively</td><td class="lineno" valign="top"></td></tr>
384	<tr><td class="lineno" valign="top"></td><td class="left"> authenticate a given request.</td><td> </td><td class="right"> authenticate a given request.</td><td class="lineno" valign="top"></td></tr>
385	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
386	<tr><td><a name="diff0029" /></td></tr>
387	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>.4. WWW-Authenticate</td><td> </td><td class="rblock"><span class="insert">3</span>.4. WWW-Authenticate</td><td class="lineno" valign="top"></td></tr>
388	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
389	<tr><td class="lineno" valign="top"></td><td class="left"> The WWW-Authenticate response-header field MUST be included in 401</td><td> </td><td class="right"> The WWW-Authenticate response-header field MUST be included in 401</td><td class="lineno" valign="top"></td></tr>
390	<tr><td class="lineno" valign="top"></td><td class="left"> (Unauthorized) response messages. The field value consists of at</td><td> </td><td class="right"> (Unauthorized) response messages. The field value consists of at</td><td class="lineno" valign="top"></td></tr>
391	<tr><td class="lineno" valign="top"></td><td class="left"> least one challenge that indicates the authentication scheme(s) and</td><td> </td><td class="right"> least one challenge that indicates the authentication scheme(s) and</td><td class="lineno" valign="top"></td></tr>
392	<tr><td><a name="diff0030" /></td></tr>
393	<tr><td class="lineno" valign="top"></td><td class="lblock"> parameters applicable to the <span class="delete">Request-URI</span>.</td><td> </td><td class="rblock"> parameters applicable to the <span class="insert">request-target</span>.</td><td class="lineno" valign="top"></td></tr>
394	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
395	<tr><td class="lineno" valign="top"></td><td class="left"> WWW-Authenticate = "WWW-Authenticate" ":" OWS WWW-Authenticate-v</td><td> </td><td class="right"> WWW-Authenticate = "WWW-Authenticate" ":" OWS WWW-Authenticate-v</td><td class="lineno" valign="top"></td></tr>
396	<tr><td class="lineno" valign="top"></td><td class="left"> WWW-Authenticate-v = 1#challenge</td><td> </td><td class="right"> WWW-Authenticate-v = 1#challenge</td><td class="lineno" valign="top"></td></tr>
397	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
398	<tr><td class="lineno" valign="top"></td><td class="left"> The HTTP access authentication process is described in "HTTP</td><td> </td><td class="right"> The HTTP access authentication process is described in "HTTP</td><td class="lineno" valign="top"></td></tr>
399	<tr><td class="lineno" valign="top"></td><td class="left"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td> </td><td class="right"> Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
400	<tr><td class="lineno" valign="top"></td><td class="left"> User agents are advised to take special care in parsing the WWW-</td><td> </td><td class="right"> User agents are advised to take special care in parsing the WWW-</td><td class="lineno" valign="top"></td></tr>
401	<tr><td class="lineno" valign="top"></td><td class="left"> Authenticate field value as it might contain more than one challenge,</td><td> </td><td class="right"> Authenticate field value as it might contain more than one challenge,</td><td class="lineno" valign="top"></td></tr>
402	<tr><td class="lineno" valign="top"></td><td class="left"> or if more than one WWW-Authenticate header field is provided, the</td><td> </td><td class="right"> or if more than one WWW-Authenticate header field is provided, the</td><td class="lineno" valign="top"></td></tr>
403	<tr><td class="lineno" valign="top"></td><td class="left"> contents of a challenge itself can contain a comma-separated list of</td><td> </td><td class="right"> contents of a challenge itself can contain a comma-separated list of</td><td class="lineno" valign="top"></td></tr>
404	<tr><td class="lineno" valign="top"></td><td class="left"> authentication parameters.</td><td> </td><td class="right"> authentication parameters.</td><td class="lineno" valign="top"></td></tr>
405	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
406	<tr><td><a name="diff0031" /></td></tr>
407	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">5</span>. IANA Considerations</td><td> </td><td class="rblock"><span class="insert">4</span>. IANA Considerations</td><td class="lineno" valign="top"></td></tr>
408	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
409	<tr><td><a name="diff0032" /></td></tr>
410	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">5</span>.1. Message Header Registration</td><td> </td><td class="rblock"><span class="insert">4</span>.1. Message Header Registration</td><td class="lineno" valign="top"></td></tr>
411	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
412	<tr><td class="lineno" valign="top"></td><td class="left"> The Message Header Registry located at <http://www.iana.org/</td><td> </td><td class="right"> The Message Header Registry located at <http://www.iana.org/</td><td class="lineno" valign="top"></td></tr>
413	<tr><td class="lineno" valign="top"></td><td class="left"> assignments/message-headers/message-header-index.html> should be</td><td> </td><td class="right"> assignments/message-headers/message-header-index.html> should be</td><td class="lineno" valign="top"></td></tr>
414	<tr><td class="lineno" valign="top"></td><td class="left"> updated with the permanent registrations below (see [RFC3864]):</td><td> </td><td class="right"> updated with the permanent registrations below (see [RFC3864]):</td><td class="lineno" valign="top"></td></tr>
415	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
416	<tr><td class="lineno" valign="top"></td><td class="left"> +---------------------+----------+----------+-------------+</td><td> </td><td class="right"> +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
417	<tr><td class="lineno" valign="top"></td><td class="left"> \| Header Field Name \| Protocol \| Status \| Reference \|</td><td> </td><td class="right"> \| Header Field Name \| Protocol \| Status \| Reference \|</td><td class="lineno" valign="top"></td></tr>
418	<tr><td class="lineno" valign="top"></td><td class="left"> +---------------------+----------+----------+-------------+</td><td> </td><td class="right"> +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
419	<tr><td><a name="diff0033" /></td></tr>
420	<tr><td class="lineno" valign="top"></td><td class="lblock"> \| Authorization \| http \| standard \| Section <span class="delete">4.1</span> \|</td><td> </td><td class="rblock"> \| Authorization \| http \| standard \| Section <span class="insert">3.1</span> \|</td><td class="lineno" valign="top"></td></tr>
421	<tr><td class="lineno" valign="top"></td><td class="lblock"> \| Proxy-Authenticate \| http \| standard \| Section <span class="delete">4.2</span> \|</td><td> </td><td class="rblock"> \| Proxy-Authenticate \| http \| standard \| Section <span class="insert">3.2</span> \|</td><td class="lineno" valign="top"></td></tr>
422	<tr><td class="lineno" valign="top"></td><td class="lblock"> \| Proxy-Authorization \| http \| standard \| Section <span class="delete">4.3</span> \|</td><td> </td><td class="rblock"> \| Proxy-Authorization \| http \| standard \| Section <span class="insert">3.3</span> \|</td><td class="lineno" valign="top"></td></tr>
423	<tr><td class="lineno" valign="top"></td><td class="lblock"> \| WWW-Authenticate \| http \| standard \| Section <span class="delete">4.4</span> \|</td><td> </td><td class="rblock"> \| WWW-Authenticate \| http \| standard \| Section <span class="insert">3.4</span> \|</td><td class="lineno" valign="top"></td></tr>
424	<tr><td class="lineno" valign="top"></td><td class="left"> +---------------------+----------+----------+-------------+</td><td> </td><td class="right"> +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
425	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
426	<tr><td class="lineno" valign="top"></td><td class="left"> The change controller is: "IETF (iesg@ietf.org) - Internet</td><td> </td><td class="right"> The change controller is: "IETF (iesg@ietf.org) - Internet</td><td class="lineno" valign="top"></td></tr>
427	<tr><td class="lineno" valign="top"></td><td class="left"> Engineering Task Force".</td><td> </td><td class="right"> Engineering Task Force".</td><td class="lineno" valign="top"></td></tr>
428	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
429	<tr><td><a name="diff0034" /></td></tr>
430	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">6</span>. Security Considerations</td><td> </td><td class="rblock"><span class="insert">5</span>. Security Considerations</td><td class="lineno" valign="top"></td></tr>
431	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
432	<tr><td class="lineno" valign="top"></td><td class="left"> This section is meant to inform application developers, information</td><td> </td><td class="right"> This section is meant to inform application developers, information</td><td class="lineno" valign="top"></td></tr>
433	<tr><td class="lineno" valign="top"></td><td class="left"> providers, and users of the security limitations in HTTP/1.1 as</td><td> </td><td class="right"> providers, and users of the security limitations in HTTP/1.1 as</td><td class="lineno" valign="top"></td></tr>
434	<tr><td class="lineno" valign="top"></td><td class="left"> described by this document. The discussion does not include</td><td> </td><td class="right"> described by this document. The discussion does not include</td><td class="lineno" valign="top"></td></tr>
435	<tr><td class="lineno" valign="top"></td><td class="left"> definitive solutions to the problems revealed, though it does make</td><td> </td><td class="right"> definitive solutions to the problems revealed, though it does make</td><td class="lineno" valign="top"></td></tr>
436	<tr><td class="lineno" valign="top"></td><td class="left"> some suggestions for reducing security risks.</td><td> </td><td class="right"> some suggestions for reducing security risks.</td><td class="lineno" valign="top"></td></tr>
437	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
438	<tr><td><a name="diff0035" /></td></tr>
439	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">6</span>.1. Authentication Credentials and Idle Clients</td><td> </td><td class="rblock"><span class="insert">5</span>.1. Authentication Credentials and Idle Clients</td><td class="lineno" valign="top"></td></tr>
440	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
441	<tr><td class="lineno" valign="top"></td><td class="left"> Existing HTTP clients and user agents typically retain authentication</td><td> </td><td class="right"> Existing HTTP clients and user agents typically retain authentication</td><td class="lineno" valign="top"></td></tr>
442	<tr><td class="lineno" valign="top"></td><td class="left"> information indefinitely. HTTP/1.1 does not provide a method for a</td><td> </td><td class="right"> information indefinitely. HTTP/1.1 does not provide a method for a</td><td class="lineno" valign="top"></td></tr>
443	<tr><td class="lineno" valign="top"></td><td class="left"> server to direct clients to discard these cached credentials. This</td><td> </td><td class="right"> server to direct clients to discard these cached credentials. This</td><td class="lineno" valign="top"></td></tr>
444	<tr><td class="lineno" valign="top"></td><td class="left"> is a significant defect that requires further extensions to HTTP.</td><td> </td><td class="right"> is a significant defect that requires further extensions to HTTP.</td><td class="lineno" valign="top"></td></tr>
445	<tr><td class="lineno" valign="top"></td><td class="left"> Circumstances under which credential caching can interfere with the</td><td> </td><td class="right"> Circumstances under which credential caching can interfere with the</td><td class="lineno" valign="top"></td></tr>
446	<tr><td class="lineno" valign="top"></td><td class="left"> application's security model include but are not limited to:</td><td> </td><td class="right"> application's security model include but are not limited to:</td><td class="lineno" valign="top"></td></tr>
447	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
448	<tr><td class="lineno" valign="top"></td><td class="left"> o Clients which have been idle for an extended period following</td><td> </td><td class="right"> o Clients which have been idle for an extended period following</td><td class="lineno" valign="top"></td></tr>
449	<tr><td class="lineno" valign="top"></td><td class="left"> which the server might wish to cause the client to reprompt the</td><td> </td><td class="right"> which the server might wish to cause the client to reprompt the</td><td class="lineno" valign="top"></td></tr>
450	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
451	<tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 9, line 9</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 9, line 26</em></th><td></td></tr>
452	<tr><td class="lineno" valign="top"></td><td class="left"> for the client to retain the credentials.</td><td> </td><td class="right"> for the client to retain the credentials.</td><td class="lineno" valign="top"></td></tr>
453	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
454	<tr><td class="lineno" valign="top"></td><td class="left"> This is currently under separate study. There are a number of work-</td><td> </td><td class="right"> This is currently under separate study. There are a number of work-</td><td class="lineno" valign="top"></td></tr>
455	<tr><td class="lineno" valign="top"></td><td class="left"> arounds to parts of this problem, and we encourage the use of</td><td> </td><td class="right"> arounds to parts of this problem, and we encourage the use of</td><td class="lineno" valign="top"></td></tr>
456	<tr><td class="lineno" valign="top"></td><td class="left"> password protection in screen savers, idle time-outs, and other</td><td> </td><td class="right"> password protection in screen savers, idle time-outs, and other</td><td class="lineno" valign="top"></td></tr>
457	<tr><td class="lineno" valign="top"></td><td class="left"> methods which mitigate the security problems inherent in this</td><td> </td><td class="right"> methods which mitigate the security problems inherent in this</td><td class="lineno" valign="top"></td></tr>
458	<tr><td class="lineno" valign="top"></td><td class="left"> problem. In particular, user agents which cache credentials are</td><td> </td><td class="right"> problem. In particular, user agents which cache credentials are</td><td class="lineno" valign="top"></td></tr>
459	<tr><td class="lineno" valign="top"></td><td class="left"> encouraged to provide a readily accessible mechanism for discarding</td><td> </td><td class="right"> encouraged to provide a readily accessible mechanism for discarding</td><td class="lineno" valign="top"></td></tr>
460	<tr><td class="lineno" valign="top"></td><td class="left"> cached credentials under user control.</td><td> </td><td class="right"> cached credentials under user control.</td><td class="lineno" valign="top"></td></tr>
461	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
462	<tr><td><a name="diff0036" /></td></tr>
463	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">7</span>. Acknowledgments</td><td> </td><td class="rblock"><span class="insert">6</span>. Acknowledgments</td><td class="lineno" valign="top"></td></tr>
464	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
465	<tr><td class="lineno" valign="top"></td><td class="left"> [[anchor2: TBD.]]</td><td> </td><td class="right"> [[anchor2: TBD.]]</td><td class="lineno" valign="top"></td></tr>
466	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
467	<tr><td><a name="diff0037" /></td></tr>
468	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">8</span>. References</td><td> </td><td class="rblock"><span class="insert">7</span>. References</td><td class="lineno" valign="top"></td></tr>
469	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
470	<tr><td><a name="diff0038" /></td></tr>
471	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">8</span>.1. Normative References</td><td> </td><td class="rblock"><span class="insert">7</span>.1. Normative References</td><td class="lineno" valign="top"></td></tr>
472	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
473	<tr><td class="lineno" valign="top"></td><td class="left"> [Part1] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</td><td> </td><td class="right"> [Part1] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</td><td class="lineno" valign="top"></td></tr>
474	<tr><td class="lineno" valign="top"></td><td class="left"> Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</td><td> </td><td class="right"> Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</td><td class="lineno" valign="top"></td></tr>
475	<tr><td class="lineno" valign="top"></td><td class="left"> and J. Reschke, Ed., "HTTP/1.1, part 1: URIs, Connections,</td><td> </td><td class="right"> and J. Reschke, Ed., "HTTP/1.1, part 1: URIs, Connections,</td><td class="lineno" valign="top"></td></tr>
476	<tr><td><a name="diff0039" /></td></tr>
477	<tr><td class="lineno" valign="top"></td><td class="lblock"> and Message Parsing", <span class="delete">draft-ietf-httpbis-p1-messaging-05</span></td><td> </td><td class="rblock"> and Message Parsing", <span class="insert">draft-ietf-httpbis-p1-messaging-06</span></td><td class="lineno" valign="top"></td></tr>
478	<tr><td class="lineno" valign="top"></td><td class="lblock"> (work in progress), <span class="delete">November 2008.</span></td><td> </td><td class="rblock"> (work in progress), <span class="insert">March 2009.</span></td><td class="lineno" valign="top"></td></tr>
479	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
480	<tr><td class="lineno" valign="top"></td><td class="left"> [Part6] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</td><td> </td><td class="right"> [Part6] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</td><td class="lineno" valign="top"></td></tr>
481	<tr><td class="lineno" valign="top"></td><td class="left"> Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</td><td> </td><td class="right"> Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</td><td class="lineno" valign="top"></td></tr>
482	<tr><td class="lineno" valign="top"></td><td class="left"> and J. Reschke, Ed., "HTTP/1.1, part 6: Caching",</td><td> </td><td class="right"> and J. Reschke, Ed., "HTTP/1.1, part 6: Caching",</td><td class="lineno" valign="top"></td></tr>
483	<tr><td><a name="diff0040" /></td></tr>
484	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">draft-ietf-httpbis-p6-cache-05</span> (work in progress),</td><td> </td><td class="rblock"> <span class="insert">draft-ietf-httpbis-p6-cache-06</span> (work in progress),</td><td class="lineno" valign="top"></td></tr>
485	<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">November 2008.</span></td><td> </td><td class="rblock"> <span class="insert">March 2009.</span></td><td class="lineno" valign="top"></td></tr>
486	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
487	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate</td><td> </td><td class="right"> [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate</td><td class="lineno" valign="top"></td></tr>
488	<tr><td class="lineno" valign="top"></td><td class="left"> Requirement Levels", BCP 14, RFC 2119, March 1997.</td><td> </td><td class="right"> Requirement Levels", BCP 14, RFC 2119, March 1997.</td><td class="lineno" valign="top"></td></tr>
489	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
490	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,</td><td> </td><td class="right"> [RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,</td><td class="lineno" valign="top"></td></tr>
491	<tr><td class="lineno" valign="top"></td><td class="left"> Leach, P., Luotonen, A., and L. Stewart, "HTTP</td><td> </td><td class="right"> Leach, P., Luotonen, A., and L. Stewart, "HTTP</td><td class="lineno" valign="top"></td></tr>
492	<tr><td class="lineno" valign="top"></td><td class="left"> Authentication: Basic and Digest Access Authentication",</td><td> </td><td class="right"> Authentication: Basic and Digest Access Authentication",</td><td class="lineno" valign="top"></td></tr>
493	<tr><td class="lineno" valign="top"></td><td class="left"> RFC 2617, June 1999.</td><td> </td><td class="right"> RFC 2617, June 1999.</td><td class="lineno" valign="top"></td></tr>
494	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
495	<tr><td><a name="diff0041" /></td></tr>
496	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">8.2.</span> Informative References</td><td> </td><td class="rblock"> <span class="insert">[RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax</span></td><td class="lineno" valign="top"></td></tr>
497	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Specifications: ABNF", STD 68, RFC 5234, January 2008.</span></td><td class="lineno" valign="top"></td></tr>
498	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
499	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">7.2.</span> Informative References</td><td class="lineno" valign="top"></td></tr>
500	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
501	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,</td><td> </td><td class="right"> [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,</td><td class="lineno" valign="top"></td></tr>
502	<tr><td class="lineno" valign="top"></td><td class="left"> Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext</td><td> </td><td class="right"> Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext</td><td class="lineno" valign="top"></td></tr>
503	<tr><td class="lineno" valign="top"></td><td class="left"> Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.</td><td> </td><td class="right"> Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.</td><td class="lineno" valign="top"></td></tr>
504	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
505	<tr><td class="lineno" valign="top"></td><td class="left"> [RFC3864] Klyne, G., Nottingham, M., and J. Mogul, "Registration</td><td> </td><td class="right"> [RFC3864] Klyne, G., Nottingham, M., and J. Mogul, "Registration</td><td class="lineno" valign="top"></td></tr>
506	<tr><td class="lineno" valign="top"></td><td class="left"> Procedures for Message Header Fields", BCP 90, RFC 3864,</td><td> </td><td class="right"> Procedures for Message Header Fields", BCP 90, RFC 3864,</td><td class="lineno" valign="top"></td></tr>
507	<tr><td class="lineno" valign="top"></td><td class="left"> September 2004.</td><td> </td><td class="right"> September 2004.</td><td class="lineno" valign="top"></td></tr>
508	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
509	<tr><td class="lineno" valign="top"></td><td class="left">Appendix A. Compatibility with Previous Versions</td><td> </td><td class="right">Appendix A. Compatibility with Previous Versions</td><td class="lineno" valign="top"></td></tr>
510	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
511	<tr><td class="lineno" valign="top"></td><td class="left">A.1. Changes from RFC 2616</td><td> </td><td class="right">A.1. Changes from RFC 2616</td><td class="lineno" valign="top"></td></tr>
512	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
513	<tr><td><a name="diff0042" /></td></tr>
514	<tr><td class="lineno" valign="top"></td><td class="lblock">Appendix B. C<span class="delete">hange Log (to be removed by RFC Editor before publication)</span></td><td> </td><td class="rblock">Appendix B. C<span class="insert">ollected ABNF</span></td><td class="lineno" valign="top"></td></tr>
515	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
516	<tr><td><a name="diff0043" /></td></tr>
517	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B.1.</span> Since RFC2616</td><td> </td><td class="rblock"> <span class="insert">Authorization = "Authorization:" OWS Authorization-v</span></td><td class="lineno" valign="top"></td></tr>
518	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Authorization-v = credentials</span></td><td class="lineno" valign="top"></td></tr>
519	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
520	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> OWS = <OWS, defined in [Part1], Section 1.2.2></span></td><td class="lineno" valign="top"></td></tr>
521	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
522	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Proxy-Authenticate = "Proxy-Authenticate:" OWS Proxy-Authenticate-v</span></td><td class="lineno" valign="top"></td></tr>
523	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Proxy-Authenticate-v = ( "," OWS ) challenge ( OWS "," [ OWS</span></td><td class="lineno" valign="top"></td></tr>
524	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> challenge ] )</span></td><td class="lineno" valign="top"></td></tr>
525	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Proxy-Authorization = "Proxy-Authorization:" OWS</span></td><td class="lineno" valign="top"></td></tr>
526	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Proxy-Authorization-v</span></td><td class="lineno" valign="top"></td></tr>
527	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Proxy-Authorization-v = credentials</span></td><td class="lineno" valign="top"></td></tr>
528	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
529	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> WWW-Authenticate = "WWW-Authenticate:" OWS WWW-Authenticate-v</span></td><td class="lineno" valign="top"></td></tr>
530	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> WWW-Authenticate-v = ( "," OWS ) challenge ( OWS "," [ OWS</span></td><td class="lineno" valign="top"></td></tr>
531	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> challenge ] )</span></td><td class="lineno" valign="top"></td></tr>
532	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
533	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> challenge = <challenge, defined in [RFC2617], Section 1.2></span></td><td class="lineno" valign="top"></td></tr>
534	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> credentials = <credentials, defined in [RFC2617], Section 1.2></span></td><td class="lineno" valign="top"></td></tr>
535	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> ABNF diagnostics:</span></td><td class="lineno" valign="top"></td></tr>
536	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
537	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> ; Authorization defined but not used</span></td><td class="lineno" valign="top"></td></tr>
538	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> ; Proxy-Authenticate defined but not used</span></td><td class="lineno" valign="top"></td></tr>
539	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> ; Proxy-Authorization defined but not used</span></td><td class="lineno" valign="top"></td></tr>
540	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> ; WWW-Authenticate defined but not used</span></td><td class="lineno" valign="top"></td></tr>
541	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
542	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">Appendix C. Change Log (to be removed by RFC Editor before publication)</span></td><td class="lineno" valign="top"></td></tr>
543	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
544	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">C.1.</span> Since RFC2616</td><td class="lineno" valign="top"></td></tr>
545	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
546	<tr><td class="lineno" valign="top"></td><td class="left"> Extracted relevant partitions from [RFC2616].</td><td> </td><td class="right"> Extracted relevant partitions from [RFC2616].</td><td class="lineno" valign="top"></td></tr>
547	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
548	<tr><td><a name="diff0044" /></td></tr>
549	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B</span>.2. Since draft-ietf-httpbis-p7-auth-00</td><td> </td><td class="rblock"><span class="insert">C</span>.2. Since draft-ietf-httpbis-p7-auth-00</td><td class="lineno" valign="top"></td></tr>
550	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
551	<tr><td class="lineno" valign="top"></td><td class="left"> Closed issues:</td><td> </td><td class="right"> Closed issues:</td><td class="lineno" valign="top"></td></tr>
552	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
553	<tr><td class="lineno" valign="top"></td><td class="left"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/35>: "Normative and</td><td> </td><td class="right"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/35>: "Normative and</td><td class="lineno" valign="top"></td></tr>
554	<tr><td class="lineno" valign="top"></td><td class="left"> Informative references"</td><td> </td><td class="right"> Informative references"</td><td class="lineno" valign="top"></td></tr>
555	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
556	<tr><td><a name="diff0045" /></td></tr>
557	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B</span>.3. Since draft-ietf-httpbis-p7-auth-01</td><td> </td><td class="rblock"><span class="insert">C</span>.3. Since draft-ietf-httpbis-p7-auth-01</td><td class="lineno" valign="top"></td></tr>
558	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
559	<tr><td class="lineno" valign="top"></td><td class="left"> Ongoing work on ABNF conversion</td><td> </td><td class="right"> Ongoing work on ABNF conversion</td><td class="lineno" valign="top"></td></tr>
560	<tr><td class="lineno" valign="top"></td><td class="left"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):</td><td> </td><td class="right"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):</td><td class="lineno" valign="top"></td></tr>
561	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
562	<tr><td class="lineno" valign="top"></td><td class="left"> o Explicitly import BNF rules for "challenge" and "credentials" from</td><td> </td><td class="right"> o Explicitly import BNF rules for "challenge" and "credentials" from</td><td class="lineno" valign="top"></td></tr>
563	<tr><td class="lineno" valign="top"></td><td class="left"> RFC2617.</td><td> </td><td class="right"> RFC2617.</td><td class="lineno" valign="top"></td></tr>
564	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
565	<tr><td class="lineno" valign="top"></td><td class="left"> o Add explicit references to BNF syntax and rules imported from</td><td> </td><td class="right"> o Add explicit references to BNF syntax and rules imported from</td><td class="lineno" valign="top"></td></tr>
566	<tr><td class="lineno" valign="top"></td><td class="left"> other parts of the specification.</td><td> </td><td class="right"> other parts of the specification.</td><td class="lineno" valign="top"></td></tr>
567	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
568	<tr><td><a name="diff0046" /></td></tr>
569	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B</span>.4. Since draft-ietf-httpbis-p7-auth-02</td><td> </td><td class="rblock"><span class="insert">C</span>.4. Since draft-ietf-httpbis-p7-auth-02</td><td class="lineno" valign="top"></td></tr>
570	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
571	<tr><td class="lineno" valign="top"></td><td class="left"> Ongoing work on IANA Message Header Registration</td><td> </td><td class="right"> Ongoing work on IANA Message Header Registration</td><td class="lineno" valign="top"></td></tr>
572	<tr><td class="lineno" valign="top"></td><td class="left"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/40>):</td><td> </td><td class="right"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/40>):</td><td class="lineno" valign="top"></td></tr>
573	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
574	<tr><td class="lineno" valign="top"></td><td class="left"> o Reference RFC 3984, and update header registrations for headers</td><td> </td><td class="right"> o Reference RFC 3984, and update header registrations for headers</td><td class="lineno" valign="top"></td></tr>
575	<tr><td class="lineno" valign="top"></td><td class="left"> defined in this document.</td><td> </td><td class="right"> defined in this document.</td><td class="lineno" valign="top"></td></tr>
576	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
577	<tr><td><a name="diff0047" /></td></tr>
578	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B</span>.5. Since draft-ietf-httpbis-p7-auth-03</td><td> </td><td class="rblock"><span class="insert">C</span>.5. Since draft-ietf-httpbis-p7-auth-03</td><td class="lineno" valign="top"></td></tr>
579	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
580	<tr><td><a name="diff0048" /></td></tr>
581	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B</span>.6. Since draft-ietf-httpbis-p7-auth-04</td><td> </td><td class="rblock"><span class="insert">C</span>.6. Since draft-ietf-httpbis-p7-auth-04</td><td class="lineno" valign="top"></td></tr>
582	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
583	<tr><td class="lineno" valign="top"></td><td class="left"> Ongoing work on ABNF conversion</td><td> </td><td class="right"> Ongoing work on ABNF conversion</td><td class="lineno" valign="top"></td></tr>
584	<tr><td class="lineno" valign="top"></td><td class="left"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):</td><td> </td><td class="right"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):</td><td class="lineno" valign="top"></td></tr>
585	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
586	<tr><td class="lineno" valign="top"></td><td class="left"> o Use "/" instead of "\|" for alternatives.</td><td> </td><td class="right"> o Use "/" instead of "\|" for alternatives.</td><td class="lineno" valign="top"></td></tr>
587	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
588	<tr><td class="lineno" valign="top"></td><td class="left"> o Introduce new ABNF rules for "bad" whitespace ("BWS"), optional</td><td> </td><td class="right"> o Introduce new ABNF rules for "bad" whitespace ("BWS"), optional</td><td class="lineno" valign="top"></td></tr>
589	<tr><td class="lineno" valign="top"></td><td class="left"> whitespace ("OWS") and required whitespace ("RWS").</td><td> </td><td class="right"> whitespace ("OWS") and required whitespace ("RWS").</td><td class="lineno" valign="top"></td></tr>
590	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
591	<tr><td class="lineno" valign="top"></td><td class="left"> o Rewrite ABNFs to spell out whitespace rules, factor out header</td><td> </td><td class="right"> o Rewrite ABNFs to spell out whitespace rules, factor out header</td><td class="lineno" valign="top"></td></tr>
592	<tr><td class="lineno" valign="top"></td><td class="left"> value format definitions.</td><td> </td><td class="right"> value format definitions.</td><td class="lineno" valign="top"></td></tr>
593	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
594	<tr><td><a name="diff0049" /></td></tr>
595	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">C.7. Since draft-ietf-httpbis-p7-auth-05</span></td><td class="lineno" valign="top"></td></tr>
596	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
597	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Final work on ABNF conversion</span></td><td class="lineno" valign="top"></td></tr>
598	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):</span></td><td class="lineno" valign="top"></td></tr>
599	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
600	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Add appendix containing collected and expanded ABNF, reorganize</span></td><td class="lineno" valign="top"></td></tr>
601	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> ABNF introduction.</span></td><td class="lineno" valign="top"></td></tr>
602	<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
603	<tr><td class="lineno" valign="top"></td><td class="left">Index</td><td> </td><td class="right">Index</td><td class="lineno" valign="top"></td></tr>
604	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
605	<tr><td class="lineno" valign="top"></td><td class="left"> 4</td><td> </td><td class="right"> 4</td><td class="lineno" valign="top"></td></tr>
606	<tr><td class="lineno" valign="top"></td><td class="left"> 401 Unauthorized (status code) 5</td><td> </td><td class="right"> 401 Unauthorized (status code) 5</td><td class="lineno" valign="top"></td></tr>
607	<tr><td class="lineno" valign="top"></td><td class="left"> 407 Proxy Authentication Required (status code) 5</td><td> </td><td class="right"> 407 Proxy Authentication Required (status code) 5</td><td class="lineno" valign="top"></td></tr>
608	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
609	<tr><td class="lineno" valign="top"></td><td class="left"> A</td><td> </td><td class="right"> A</td><td class="lineno" valign="top"></td></tr>
610	<tr><td><a name="diff0050" /></td></tr>
611	<tr><td class="lineno" valign="top"></td><td class="lblock"> Authorization header <span class="delete">5</span></td><td> </td><td class="rblock"> Authorization header <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
612	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
613	<tr><td class="lineno" valign="top"></td><td class="left"> G</td><td> </td><td class="right"> G</td><td class="lineno" valign="top"></td></tr>
614	<tr><td class="lineno" valign="top"></td><td class="left"> Grammar</td><td> </td><td class="right"> Grammar</td><td class="lineno" valign="top"></td></tr>
615	<tr><td><a name="diff0051" /></td></tr>
616	<tr><td class="lineno" valign="top"></td><td class="lblock"> Authorization <span class="delete">5</span></td><td> </td><td class="rblock"> Authorization <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
617	<tr><td class="lineno" valign="top"></td><td class="lblock"> Authorization-v <span class="delete">5</span></td><td> </td><td class="rblock"> Authorization-v <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
618	<tr><td class="lineno" valign="top"></td><td class="lblock"> challenge <span class="delete">4</span></td><td> </td><td class="rblock"> challenge <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
619	<tr><td class="lineno" valign="top"></td><td class="lblock"> credentials <span class="delete">4</span></td><td> </td><td class="rblock"> credentials <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
620	<tr><td class="lineno" valign="top"></td><td class="lblock"> Proxy-Authenticate <span class="delete">6</span></td><td> </td><td class="rblock"> Proxy-Authenticate <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
621	<tr><td class="lineno" valign="top"></td><td class="lblock"> Proxy-Authenticate-v <span class="delete">6</span></td><td> </td><td class="rblock"> Proxy-Authenticate-v <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
622	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization 7</td><td> </td><td class="right"> Proxy-Authorization 7</td><td class="lineno" valign="top"></td></tr>
623	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization-v 7</td><td> </td><td class="right"> Proxy-Authorization-v 7</td><td class="lineno" valign="top"></td></tr>
624	<tr><td><a name="diff0052" /></td></tr>
625	<tr><td class="lineno" valign="top"></td><td class="lblock"> WWW-Authenticate <span class="delete">7</span></td><td> </td><td class="rblock"> WWW-Authenticate <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
626	<tr><td class="lineno" valign="top"></td><td class="lblock"> WWW-Authenticate-v <span class="delete">7</span></td><td> </td><td class="rblock"> WWW-Authenticate-v <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
627	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
628	<tr><td class="lineno" valign="top"></td><td class="left"> H</td><td> </td><td class="right"> H</td><td class="lineno" valign="top"></td></tr>
629	<tr><td class="lineno" valign="top"></td><td class="left"> Headers</td><td> </td><td class="right"> Headers</td><td class="lineno" valign="top"></td></tr>
630	<tr><td><a name="diff0053" /></td></tr>
631	<tr><td class="lineno" valign="top"></td><td class="lblock"> Authorization <span class="delete">5</span></td><td> </td><td class="rblock"> Authorization 6</td><td class="lineno" valign="top"></td></tr>
632	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Proxy-Authenticate</span> 6</td><td> </td><td class="rblock"> <span class="insert">Proxy-Authenticate 7</span></td><td class="lineno" valign="top"></td></tr>
633	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization 7</td><td> </td><td class="right"> Proxy-Authorization 7</td><td class="lineno" valign="top"></td></tr>
634	<tr><td class="lineno" valign="top"></td><td class="left"> WWW-Authenticate 7</td><td> </td><td class="right"> WWW-Authenticate 7</td><td class="lineno" valign="top"></td></tr>
635	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
636	<tr><td class="lineno" valign="top"></td><td class="left"> P</td><td> </td><td class="right"> P</td><td class="lineno" valign="top"></td></tr>
637	<tr><td><a name="diff0054" /></td></tr>
638	<tr><td class="lineno" valign="top"></td><td class="lblock"> Proxy-Authenticate header <span class="delete">6</span></td><td> </td><td class="rblock"> Proxy-Authenticate header <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
639	<tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization header 7</td><td> </td><td class="right"> Proxy-Authorization header 7</td><td class="lineno" valign="top"></td></tr>
640	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
641	<tr><td class="lineno" valign="top"></td><td class="left"> S</td><td> </td><td class="right"> S</td><td class="lineno" valign="top"></td></tr>
642	<tr><td class="lineno" valign="top"></td><td class="left"> Status Codes</td><td> </td><td class="right"> Status Codes</td><td class="lineno" valign="top"></td></tr>
643	<tr><td class="lineno" valign="top"></td><td class="left"> 401 Unauthorized 5</td><td> </td><td class="right"> 401 Unauthorized 5</td><td class="lineno" valign="top"></td></tr>
644	<tr><td class="lineno" valign="top"></td><td class="left"> 407 Proxy Authentication Required 5</td><td> </td><td class="right"> 407 Proxy Authentication Required 5</td><td class="lineno" valign="top"></td></tr>
645	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
646	<tr><td class="lineno" valign="top"></td><td class="left"> W</td><td> </td><td class="right"> W</td><td class="lineno" valign="top"></td></tr>
647	<tr><td class="lineno" valign="top"></td><td class="left"> WWW-Authenticate header 7</td><td> </td><td class="right"> WWW-Authenticate header 7</td><td class="lineno" valign="top"></td></tr>
648	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
649	<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
650	<tr bgcolor="gray" ><td></td><th><a name="part-l8" /><small>skipping to change at</small><em> page 15, line 4</em></th><th> </th><th><a name="part-r8" /><small>skipping to change at</small><em> line 634</em></th><td></td></tr>
651	<tr><td class="lineno" valign="top"></td><td class="left"> Julian F. Reschke (editor)</td><td> </td><td class="right"> Julian F. Reschke (editor)</td><td class="lineno" valign="top"></td></tr>
652	<tr><td class="lineno" valign="top"></td><td class="left"> greenbytes GmbH</td><td> </td><td class="right"> greenbytes GmbH</td><td class="lineno" valign="top"></td></tr>
653	<tr><td class="lineno" valign="top"></td><td class="left"> Hafenweg 16</td><td> </td><td class="right"> Hafenweg 16</td><td class="lineno" valign="top"></td></tr>
654	<tr><td class="lineno" valign="top"></td><td class="left"> Muenster, NW 48155</td><td> </td><td class="right"> Muenster, NW 48155</td><td class="lineno" valign="top"></td></tr>
655	<tr><td class="lineno" valign="top"></td><td class="left"> Germany</td><td> </td><td class="right"> Germany</td><td class="lineno" valign="top"></td></tr>
656	<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
657	<tr><td class="lineno" valign="top"></td><td class="left"> Phone: +49 251 2807760</td><td> </td><td class="right"> Phone: +49 251 2807760</td><td class="lineno" valign="top"></td></tr>
658	<tr><td class="lineno" valign="top"></td><td class="left"> Fax: +49 251 2807761</td><td> </td><td class="right"> Fax: +49 251 2807761</td><td class="lineno" valign="top"></td></tr>
659	<tr><td class="lineno" valign="top"></td><td class="left"> Email: julian.reschke@greenbytes.de</td><td> </td><td class="right"> Email: julian.reschke@greenbytes.de</td><td class="lineno" valign="top"></td></tr>
660	<tr><td class="lineno" valign="top"></td><td class="left"> URI: http://greenbytes.de/tech/webdav/</td><td> </td><td class="right"> URI: http://greenbytes.de/tech/webdav/</td><td class="lineno" valign="top"></td></tr>
661	<tr><td><a name="diff0055" /></td></tr>
662	<tr><td class="lineno" valign="top"></td><td class="lblock"> </td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
663	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Full Copyright Statement</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
664	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
665	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Copyright (C) The IETF Trust (2008).</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
666	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
667	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> This document is subject to the rights, licenses and restrictions</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
668	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> contained in BCP 78, and except as set forth therein, the authors</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
669	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> retain all their rights.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
670	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
671	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> This document and the information contained herein are provided on an</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
672	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
673	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
674	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
675	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
676	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
677	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
678	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
679	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Intellectual Property</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
680	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
681	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> The IETF takes no position regarding the validity or scope of any</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
682	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Intellectual Property Rights or other rights that might be claimed to</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
683	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> pertain to the implementation or use of the technology described in</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
684	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> this document or the extent to which any license under such rights</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
685	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> might or might not be available; nor does it represent that it has</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
686	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> made any independent effort to identify any such rights. Information</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
687	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> on the procedures with respect to rights in RFC documents can be</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
688	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> found in BCP 78 and BCP 79.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
689	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
690	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Copies of IPR disclosures made to the IETF Secretariat and any</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
691	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> assurances of licenses to be made available, or the result of an</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
692	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> attempt made to obtain a general license or permission for the use of</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
693	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> such proprietary rights by implementers or users of this</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
694	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> specification can be obtained from the IETF on-line IPR repository at</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
695	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> http://www.ietf.org/ipr.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
696	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
697	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> The IETF invites any interested party to bring to its attention any</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
698	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> copyrights, patents or patent applications, or other proprietary</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
699	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> rights that may cover technology that may be required to implement</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
700	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> this standard. Please address the information to the IETF at</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
701	<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> ietf-ipr@ietf.org.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
702
703	<tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr>
704	<tr bgcolor="gray"><th colspan="5" align="center"><a name="end"> End of changes. 55 change blocks. </a></th></tr>
705	<tr class="stats"><td></td><th><i>95 lines changed or deleted</i></th><th><i> </i></th><th><i>170 lines changed or added</i></th><td></td></tr>
706	<tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.35. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr>
707	</table>
708	</body>
709	</html>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: draft-ietf-httpbis/diffs/draft-ietf-httpbis-p7-auth-06-from-5.diff.html @ 2110

Download in other formats: