source: draft-ietf-httpbis/diffs/draft-ietf-httpbis-p7-auth-06-from-5.diff.html @ 605

Last change on this file since 605 was 547, checked in by julian.reschke@…, 11 years ago

Prepare submission of draft -06 on Monday, March 09.

  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/html; charset=iso-8859-1
File size: 147.0 KB
Line 
1<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
2<!-- Generated by rfcdiff 1.35: rfcdiff  --> 
3<!-- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional" > -->
4<html> 
5<head> 
6  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> 
7  <meta http-equiv="Content-Style-Type" content="text/css" /> 
8  <title>Diff: draft-ietf-httpbis-p7-auth-05.txt - draft-ietf-httpbis-p7-auth-06.txt</title> 
9  <style type="text/css"> 
10    body    { margin: 0.4ex; margin-right: auto; } 
11    tr      { } 
12    td      { white-space: pre; font-family: monospace; vertical-align: top; font-size: 0.86em;} 
13    th      { font-size: 0.86em; } 
14    .small  { font-size: 0.6em; font-style: italic; font-family: Verdana, Helvetica, sans-serif; } 
15    .left   { background-color: #EEE; } 
16    .right  { background-color: #FFF; } 
17    .diff   { background-color: #CCF; } 
18    .lblock { background-color: #BFB; } 
19    .rblock { background-color: #FF8; } 
20    .insert { background-color: #8FF; } 
21    .delete { background-color: #ACF; } 
22    .void   { background-color: #FFB; } 
23    .cont   { background-color: #EEE; } 
24    .linebr { background-color: #AAA; } 
25    .lineno { color: red; background-color: #FFF; font-size: 0.7em; text-align: right; padding: 0 2px; } 
26    .elipsis{ background-color: #AAA; } 
27    .left .cont { background-color: #DDD; } 
28    .right .cont { background-color: #EEE; } 
29    .lblock .cont { background-color: #9D9; } 
30    .rblock .cont { background-color: #DD6; } 
31    .insert .cont { background-color: #0DD; } 
32    .delete .cont { background-color: #8AD; } 
33    .stats, .stats td, .stats th { background-color: #EEE; padding: 2px 0; } 
34  </style> 
35</head> 
36<body > 
37  <table border="0" cellpadding="0" cellspacing="0"> 
38  <tr bgcolor="orange"><th></th><th>&nbsp;draft-ietf-httpbis-p7-auth-05.txt&nbsp;</th><th> </th><th>&nbsp;draft-ietf-httpbis-p7-auth-06.txt&nbsp;</th><th></th></tr> 
39      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
40      <tr><td><a name="diff0001" /></td></tr>
41      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Network</span> Working Group                                   R. Fielding, Ed.</td><td> </td><td class="rblock"><span class="insert">HTTPbis</span> Working Group                                   R. Fielding, Ed.</td><td class="lineno" valign="top"></td></tr>
42      <tr><td class="lineno" valign="top"></td><td class="left">Internet-Draft                                              Day Software</td><td> </td><td class="right">Internet-Draft                                              Day Software</td><td class="lineno" valign="top"></td></tr>
43      <tr><td class="lineno" valign="top"></td><td class="left">Obsoletes: 2616 (if approved)                                  J. Gettys</td><td> </td><td class="right">Obsoletes: 2616 (if approved)                                  J. Gettys</td><td class="lineno" valign="top"></td></tr>
44      <tr><td class="lineno" valign="top"></td><td class="left">Updates: 2617 (if approved)                         One Laptop per Child</td><td> </td><td class="right">Updates: 2617 (if approved)                         One Laptop per Child</td><td class="lineno" valign="top"></td></tr>
45      <tr><td class="lineno" valign="top"></td><td class="left">Intended status: Standards Track                                J. Mogul</td><td> </td><td class="right">Intended status: Standards Track                                J. Mogul</td><td class="lineno" valign="top"></td></tr>
46      <tr><td><a name="diff0002" /></td></tr>
47      <tr><td class="lineno" valign="top"></td><td class="lblock">Expires: <span class="delete">May 20, 2009      </span>                                           HP</td><td> </td><td class="rblock">Expires: <span class="insert">September 10, 2009</span>                                           HP</td><td class="lineno" valign="top"></td></tr>
48      <tr><td class="lineno" valign="top"></td><td class="left">                                                              H. Frystyk</td><td> </td><td class="right">                                                              H. Frystyk</td><td class="lineno" valign="top"></td></tr>
49      <tr><td class="lineno" valign="top"></td><td class="left">                                                               Microsoft</td><td> </td><td class="right">                                                               Microsoft</td><td class="lineno" valign="top"></td></tr>
50      <tr><td class="lineno" valign="top"></td><td class="left">                                                             L. Masinter</td><td> </td><td class="right">                                                             L. Masinter</td><td class="lineno" valign="top"></td></tr>
51      <tr><td class="lineno" valign="top"></td><td class="left">                                                           Adobe Systems</td><td> </td><td class="right">                                                           Adobe Systems</td><td class="lineno" valign="top"></td></tr>
52      <tr><td class="lineno" valign="top"></td><td class="left">                                                                P. Leach</td><td> </td><td class="right">                                                                P. Leach</td><td class="lineno" valign="top"></td></tr>
53      <tr><td class="lineno" valign="top"></td><td class="left">                                                               Microsoft</td><td> </td><td class="right">                                                               Microsoft</td><td class="lineno" valign="top"></td></tr>
54      <tr><td class="lineno" valign="top"></td><td class="left">                                                          T. Berners-Lee</td><td> </td><td class="right">                                                          T. Berners-Lee</td><td class="lineno" valign="top"></td></tr>
55      <tr><td class="lineno" valign="top"></td><td class="left">                                                                 W3C/MIT</td><td> </td><td class="right">                                                                 W3C/MIT</td><td class="lineno" valign="top"></td></tr>
56      <tr><td class="lineno" valign="top"></td><td class="left">                                                           Y. Lafon, Ed.</td><td> </td><td class="right">                                                           Y. Lafon, Ed.</td><td class="lineno" valign="top"></td></tr>
57      <tr><td class="lineno" valign="top"></td><td class="left">                                                                     W3C</td><td> </td><td class="right">                                                                     W3C</td><td class="lineno" valign="top"></td></tr>
58      <tr><td class="lineno" valign="top"></td><td class="left">                                                         J. Reschke, Ed.</td><td> </td><td class="right">                                                         J. Reschke, Ed.</td><td class="lineno" valign="top"></td></tr>
59      <tr><td class="lineno" valign="top"></td><td class="left">                                                              greenbytes</td><td> </td><td class="right">                                                              greenbytes</td><td class="lineno" valign="top"></td></tr>
60      <tr><td><a name="diff0003" /></td></tr>
61      <tr><td class="lineno" valign="top"></td><td class="lblock">                                                       <span class="delete">November 16, 2008</span></td><td> </td><td class="rblock">                                                       <span class="insert">    March 9, 2009</span></td><td class="lineno" valign="top"></td></tr>
62      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
63      <tr><td class="lineno" valign="top"></td><td class="left">                    HTTP/1.1, part 7: Authentication</td><td> </td><td class="right">                    HTTP/1.1, part 7: Authentication</td><td class="lineno" valign="top"></td></tr>
64      <tr><td><a name="diff0004" /></td></tr>
65      <tr><td class="lineno" valign="top"></td><td class="lblock">                     draft-ietf-httpbis-p7-auth-0<span class="delete">5</span></td><td> </td><td class="rblock">                     draft-ietf-httpbis-p7-auth-0<span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
66      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
67      <tr><td class="lineno" valign="top"></td><td class="left">Status of this Memo</td><td> </td><td class="right">Status of this Memo</td><td class="lineno" valign="top"></td></tr>
68      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
69      <tr><td><a name="diff0005" /></td></tr>
70      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">By submitting this Internet-Draft, each author represents that any</span></td><td> </td><td class="rblock">   <span class="insert">This Internet-Draft is submitted to IETF in full conformance with the</span></td><td class="lineno" valign="top"></td></tr>
71      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   applicable patent or other IPR claims</span> of <span class="delete">which he</span> or <span class="delete">she is aware</span></td><td> </td><td class="rblock"><span class="insert">   provisions</span> of <span class="insert">BCP 78 and BCP 79.  This document may contain material</span></td><td class="lineno" valign="top"></td></tr>
72      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   have been</span> or <span class="delete">will</span> be <span class="delete">disclosed,</span> and <span class="delete">any</span> of <span class="delete">which he or she becomes</span></td><td> </td><td class="rblock"><span class="insert">   from IETF Documents</span> or <span class="insert">IETF Contributions published</span> or <span class="insert">made publicly</span></td><td class="lineno" valign="top"></td></tr>
73      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   aware will</span> be <span class="delete">disclosed, in accordance with Section 6 of BCP 79.</span></td><td> </td><td class="rblock"><span class="insert">   available before November 10, 2008.  The person(s) controlling the</span></td><td class="lineno" valign="top"></td></tr>
74      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   copyright in some of this material may not have granted the IETF</span></td><td class="lineno" valign="top"></td></tr>
75      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Trust the right to allow modifications of such material outside the</span></td><td class="lineno" valign="top"></td></tr>
76      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   IETF Standards Process.  Without obtaining an adequate license from</span></td><td class="lineno" valign="top"></td></tr>
77      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   the person(s) controlling the copyright in such materials, this</span></td><td class="lineno" valign="top"></td></tr>
78      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   document may not</span> be <span class="insert">modified outside the IETF Standards Process,</span> and</td><td class="lineno" valign="top"></td></tr>
79      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock">   <span class="insert">derivative works</span> of <span class="insert">it may not</span> be <span class="insert">created outside the IETF Standards</span></td><td class="lineno" valign="top"></td></tr>
80      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Process, except to format it for publication as an RFC or to</span></td><td class="lineno" valign="top"></td></tr>
81      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   translate it into languages other than English.</span></td><td class="lineno" valign="top"></td></tr>
82      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
83      <tr><td class="lineno" valign="top"></td><td class="left">   Internet-Drafts are working documents of the Internet Engineering</td><td> </td><td class="right">   Internet-Drafts are working documents of the Internet Engineering</td><td class="lineno" valign="top"></td></tr>
84      <tr><td class="lineno" valign="top"></td><td class="left">   Task Force (IETF), its areas, and its working groups.  Note that</td><td> </td><td class="right">   Task Force (IETF), its areas, and its working groups.  Note that</td><td class="lineno" valign="top"></td></tr>
85      <tr><td class="lineno" valign="top"></td><td class="left">   other groups may also distribute working documents as Internet-</td><td> </td><td class="right">   other groups may also distribute working documents as Internet-</td><td class="lineno" valign="top"></td></tr>
86      <tr><td class="lineno" valign="top"></td><td class="left">   Drafts.</td><td> </td><td class="right">   Drafts.</td><td class="lineno" valign="top"></td></tr>
87      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
88      <tr><td class="lineno" valign="top"></td><td class="left">   Internet-Drafts are draft documents valid for a maximum of six months</td><td> </td><td class="right">   Internet-Drafts are draft documents valid for a maximum of six months</td><td class="lineno" valign="top"></td></tr>
89      <tr><td class="lineno" valign="top"></td><td class="left">   and may be updated, replaced, or obsoleted by other documents at any</td><td> </td><td class="right">   and may be updated, replaced, or obsoleted by other documents at any</td><td class="lineno" valign="top"></td></tr>
90      <tr><td class="lineno" valign="top"></td><td class="left">   time.  It is inappropriate to use Internet-Drafts as reference</td><td> </td><td class="right">   time.  It is inappropriate to use Internet-Drafts as reference</td><td class="lineno" valign="top"></td></tr>
91      <tr><td class="lineno" valign="top"></td><td class="left">   material or to cite them other than as "work in progress."</td><td> </td><td class="right">   material or to cite them other than as "work in progress."</td><td class="lineno" valign="top"></td></tr>
92      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
93      <tr bgcolor="gray" ><td></td><th><a name="part-l2" /><small>skipping to change at</small><em> page 1, line 42</em></th><th> </th><th><a name="part-r2" /><small>skipping to change at</small><em> page 2, line 4</em></th><td></td></tr>
94      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
95      <tr><td class="lineno" valign="top"></td><td class="left">   Internet-Drafts are working documents of the Internet Engineering</td><td> </td><td class="right">   Internet-Drafts are working documents of the Internet Engineering</td><td class="lineno" valign="top"></td></tr>
96      <tr><td class="lineno" valign="top"></td><td class="left">   Task Force (IETF), its areas, and its working groups.  Note that</td><td> </td><td class="right">   Task Force (IETF), its areas, and its working groups.  Note that</td><td class="lineno" valign="top"></td></tr>
97      <tr><td class="lineno" valign="top"></td><td class="left">   other groups may also distribute working documents as Internet-</td><td> </td><td class="right">   other groups may also distribute working documents as Internet-</td><td class="lineno" valign="top"></td></tr>
98      <tr><td class="lineno" valign="top"></td><td class="left">   Drafts.</td><td> </td><td class="right">   Drafts.</td><td class="lineno" valign="top"></td></tr>
99      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
100      <tr><td class="lineno" valign="top"></td><td class="left">   Internet-Drafts are draft documents valid for a maximum of six months</td><td> </td><td class="right">   Internet-Drafts are draft documents valid for a maximum of six months</td><td class="lineno" valign="top"></td></tr>
101      <tr><td class="lineno" valign="top"></td><td class="left">   and may be updated, replaced, or obsoleted by other documents at any</td><td> </td><td class="right">   and may be updated, replaced, or obsoleted by other documents at any</td><td class="lineno" valign="top"></td></tr>
102      <tr><td class="lineno" valign="top"></td><td class="left">   time.  It is inappropriate to use Internet-Drafts as reference</td><td> </td><td class="right">   time.  It is inappropriate to use Internet-Drafts as reference</td><td class="lineno" valign="top"></td></tr>
103      <tr><td class="lineno" valign="top"></td><td class="left">   material or to cite them other than as "work in progress."</td><td> </td><td class="right">   material or to cite them other than as "work in progress."</td><td class="lineno" valign="top"></td></tr>
104      <tr><td><a name="diff0006" /></td></tr>
105      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">                                                                         </span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
106      <tr><td class="lineno" valign="top"></td><td class="left">   The list of current Internet-Drafts can be accessed at</td><td> </td><td class="right">   The list of current Internet-Drafts can be accessed at</td><td class="lineno" valign="top"></td></tr>
107      <tr><td class="lineno" valign="top"></td><td class="left">   http://www.ietf.org/ietf/1id-abstracts.txt.</td><td> </td><td class="right">   http://www.ietf.org/ietf/1id-abstracts.txt.</td><td class="lineno" valign="top"></td></tr>
108      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
109      <tr><td class="lineno" valign="top"></td><td class="left">   The list of Internet-Draft Shadow Directories can be accessed at</td><td> </td><td class="right">   The list of Internet-Draft Shadow Directories can be accessed at</td><td class="lineno" valign="top"></td></tr>
110      <tr><td class="lineno" valign="top"></td><td class="left">   http://www.ietf.org/shadow.html.</td><td> </td><td class="right">   http://www.ietf.org/shadow.html.</td><td class="lineno" valign="top"></td></tr>
111      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
112      <tr><td><a name="diff0007" /></td></tr>
113      <tr><td class="lineno" valign="top"></td><td class="lblock">   This Internet-Draft will expire on <span class="delete">May 20,</span> 2009.</td><td> </td><td class="rblock">   This Internet-Draft will expire on <span class="insert">September 10,</span> 2009.</td><td class="lineno" valign="top"></td></tr>
114      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock">                                                                         </td><td class="lineno" valign="top"></td></tr>
115      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">Copyright Notice</span></td><td class="lineno" valign="top"></td></tr>
116      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
117      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Copyright (c) 2009 IETF Trust and the persons identified as the</span></td><td class="lineno" valign="top"></td></tr>
118      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   document authors.  All rights reserved.</span></td><td class="lineno" valign="top"></td></tr>
119      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
120      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   This document is subject to BCP 78 and the IETF Trust's Legal</span></td><td class="lineno" valign="top"></td></tr>
121      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Provisions Relating to IETF Documents in effect on the date of</span></td><td class="lineno" valign="top"></td></tr>
122      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   publication of this document (http://trustee.ietf.org/license-info).</span></td><td class="lineno" valign="top"></td></tr>
123      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Please review these documents carefully, as they describe your rights</span></td><td class="lineno" valign="top"></td></tr>
124      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   and restrictions with respect to this document.</span></td><td class="lineno" valign="top"></td></tr>
125      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
126      <tr><td class="lineno" valign="top"></td><td class="left">Abstract</td><td> </td><td class="right">Abstract</td><td class="lineno" valign="top"></td></tr>
127      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
128      <tr><td class="lineno" valign="top"></td><td class="left">   The Hypertext Transfer Protocol (HTTP) is an application-level</td><td> </td><td class="right">   The Hypertext Transfer Protocol (HTTP) is an application-level</td><td class="lineno" valign="top"></td></tr>
129      <tr><td class="lineno" valign="top"></td><td class="left">   protocol for distributed, collaborative, hypermedia information</td><td> </td><td class="right">   protocol for distributed, collaborative, hypermedia information</td><td class="lineno" valign="top"></td></tr>
130      <tr><td class="lineno" valign="top"></td><td class="left">   systems.  HTTP has been in use by the World Wide Web global</td><td> </td><td class="right">   systems.  HTTP has been in use by the World Wide Web global</td><td class="lineno" valign="top"></td></tr>
131      <tr><td class="lineno" valign="top"></td><td class="left">   information initiative since 1990.  This document is Part 7 of the</td><td> </td><td class="right">   information initiative since 1990.  This document is Part 7 of the</td><td class="lineno" valign="top"></td></tr>
132      <tr><td class="lineno" valign="top"></td><td class="left">   seven-part specification that defines the protocol referred to as</td><td> </td><td class="right">   seven-part specification that defines the protocol referred to as</td><td class="lineno" valign="top"></td></tr>
133      <tr><td class="lineno" valign="top"></td><td class="left">   "HTTP/1.1" and, taken together, obsoletes RFC 2616.  Part 7 defines</td><td> </td><td class="right">   "HTTP/1.1" and, taken together, obsoletes RFC 2616.  Part 7 defines</td><td class="lineno" valign="top"></td></tr>
134      <tr><td class="lineno" valign="top"></td><td class="left">   HTTP Authentication.</td><td> </td><td class="right">   HTTP Authentication.</td><td class="lineno" valign="top"></td></tr>
135      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
136      <tr><td class="lineno" valign="top"></td><td class="left">Editorial Note (To be removed by RFC Editor)</td><td> </td><td class="right">Editorial Note (To be removed by RFC Editor)</td><td class="lineno" valign="top"></td></tr>
137      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
138      <tr><td class="lineno" valign="top"></td><td class="left">   Discussion of this draft should take place on the HTTPBIS working</td><td> </td><td class="right">   Discussion of this draft should take place on the HTTPBIS working</td><td class="lineno" valign="top"></td></tr>
139      <tr><td class="lineno" valign="top"></td><td class="left">   group mailing list (ietf-http-wg@w3.org).  The current issues list is</td><td> </td><td class="right">   group mailing list (ietf-http-wg@w3.org).  The current issues list is</td><td class="lineno" valign="top"></td></tr>
140      <tr><td class="lineno" valign="top"></td><td class="left">   at &lt;http://tools.ietf.org/wg/httpbis/trac/report/11&gt; and related</td><td> </td><td class="right">   at &lt;http://tools.ietf.org/wg/httpbis/trac/report/11&gt; and related</td><td class="lineno" valign="top"></td></tr>
141      <tr><td class="lineno" valign="top"></td><td class="left">   documents (including fancy diffs) can be found at</td><td> </td><td class="right">   documents (including fancy diffs) can be found at</td><td class="lineno" valign="top"></td></tr>
142      <tr><td class="lineno" valign="top"></td><td class="left">   &lt;http://tools.ietf.org/wg/httpbis/&gt;.</td><td> </td><td class="right">   &lt;http://tools.ietf.org/wg/httpbis/&gt;.</td><td class="lineno" valign="top"></td></tr>
143      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
144      <tr><td><a name="diff0008" /></td></tr>
145      <tr><td class="lineno" valign="top"></td><td class="lblock">   The changes in this draft are summarized in Appendix <span class="delete">B.6</span>.</td><td> </td><td class="rblock">   The changes in this draft are summarized in Appendix <span class="insert">C.7</span>.</td><td class="lineno" valign="top"></td></tr>
146      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
147      <tr><td class="lineno" valign="top"></td><td class="left">Table of Contents</td><td> </td><td class="right">Table of Contents</td><td class="lineno" valign="top"></td></tr>
148      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
149      <tr><td class="lineno" valign="top"></td><td class="left">   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4</td><td> </td><td class="right">   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4</td><td class="lineno" valign="top"></td></tr>
150      <tr><td class="lineno" valign="top"></td><td class="left">     1.1.  Requirements . . . . . . . . . . . . . . . . . . . . . . .  4</td><td> </td><td class="right">     1.1.  Requirements . . . . . . . . . . . . . . . . . . . . . . .  4</td><td class="lineno" valign="top"></td></tr>
151      <tr><td><a name="diff0009" /></td></tr>
152      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">2.  Notational Conventions and Generic Grammar</span> . . . . . . . . . .  4</td><td> </td><td class="rblock">     <span class="insert">1.2.  Syntax Notation  . . . . . . . . . . .</span> . . . . . . . . . .  4</td><td class="lineno" valign="top"></td></tr>
153      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">3.</span>  Status Code Definitions  . . . . . . . . . . . . . . . . . . .  5</td><td> </td><td class="rblock">       <span class="insert">1.2.1.  Core Rules . . . . . . . . . . . . . . . . . . . . . .  5</span></td><td class="lineno" valign="top"></td></tr>
154      <tr><td class="lineno" valign="top"></td><td class="lblock">     <span class="delete">3.1.</span>  401 Unauthorized . . . . . . . . . . . . . . . . . . . . .  5</td><td> </td><td class="rblock"><span class="insert">       1.2.2.  ABNF Rules defined in other Parts of the</span></td><td class="lineno" valign="top"></td></tr>
155      <tr><td class="lineno" valign="top"></td><td class="lblock">     <span class="delete">3.2.</span>  407 Proxy Authentication Required  . . . . . . . . . . . .  5</td><td> </td><td class="rblock"><span class="insert">               Specification  . . . . . . . . . . . . . . . . . . . .  5</span></td><td class="lineno" valign="top"></td></tr>
156      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">4.</span>  Header Field Definitions . . . . . . . . . . . . . . . . . . .  5</td><td> </td><td class="rblock"><span class="insert">   2.</span>  Status Code Definitions  . . . . . . . . . . . . . . . . . . .  5</td><td class="lineno" valign="top"></td></tr>
157      <tr><td class="lineno" valign="top"></td><td class="lblock">     <span class="delete">4.1.</span>  Authorization  . . . . . . . . . . . . . . . . . . . . . .  <span class="delete">5</span></td><td> </td><td class="rblock">     <span class="insert">2.1.</span>  401 Unauthorized . . . . . . . . . . . . . . . . . . . . .  5</td><td class="lineno" valign="top"></td></tr>
158      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">     4.2.</span>  Proxy-Authenticate . . . . . . . . . . . . . . . . . . . .  <span class="delete">6</span></td><td> </td><td class="rblock">     <span class="insert">2.2.</span>  407 Proxy Authentication Required  . . . . . . . . . . . .  5</td><td class="lineno" valign="top"></td></tr>
159      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">     4.3.</span>  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  7</td><td> </td><td class="rblock">   <span class="insert">3.</span>  Header Field Definitions . . . . . . . . . . . . . . . . . . .  5</td><td class="lineno" valign="top"></td></tr>
160      <tr><td class="lineno" valign="top"></td><td class="lblock">     <span class="delete">4.4.</span>  WWW-Authenticate . . . . . . . . . . . . . . . . . . . . .  7</td><td> </td><td class="rblock">     <span class="insert">3.1.</span>  Authorization  . . . . . . . . . . . . . . . . . . . . . .  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
161      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">5.</span>  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  <span class="delete">7</span></td><td> </td><td class="rblock"><span class="insert">     3.2.</span>  Proxy-Authenticate . . . . . . . . . . . . . . . . . . . .  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
162      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">     5.1.</span>  Message Header Registration  . . . . . . . . . . . . . . .  8</td><td> </td><td class="rblock"><span class="insert">     3.3.</span>  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  7</td><td class="lineno" valign="top"></td></tr>
163      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">6.</span>  Security Considerations  . . . . . . . . . . . . . . . . . . .  8</td><td> </td><td class="rblock">     <span class="insert">3.4.</span>  WWW-Authenticate . . . . . . . . . . . . . . . . . . . . .  7</td><td class="lineno" valign="top"></td></tr>
164      <tr><td class="lineno" valign="top"></td><td class="lblock">     <span class="delete">6.1.</span>  Authentication Credentials and Idle Clients  . . . . . . .  8</td><td> </td><td class="rblock">   <span class="insert">4.</span>  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
165      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">7.</span>  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . .  9</td><td> </td><td class="rblock"><span class="insert">     4.1.</span>  Message Header Registration  . . . . . . . . . . . . . . .  8</td><td class="lineno" valign="top"></td></tr>
166      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">8.</span>  References . . . . . . . . . . . . . . . . . . . . . . . . . .  9</td><td> </td><td class="rblock">   <span class="insert">5.</span>  Security Considerations  . . . . . . . . . . . . . . . . . . .  8</td><td class="lineno" valign="top"></td></tr>
167      <tr><td class="lineno" valign="top"></td><td class="lblock">     <span class="delete">8.1.</span>  Normative References . . . . . . . . . . . . . . . . . . .  9</td><td> </td><td class="rblock">     <span class="insert">5.1.</span>  Authentication Credentials and Idle Clients  . . . . . . .  8</td><td class="lineno" valign="top"></td></tr>
168      <tr><td class="lineno" valign="top"></td><td class="lblock">     <span class="delete">8.2.</span>  Informative References . . . . . . . . . . . . . . . . . .  <span class="delete">9</span></td><td> </td><td class="rblock">   <span class="insert">6.</span>  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . .  9</td><td class="lineno" valign="top"></td></tr>
169      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock">   <span class="insert">7.</span>  References . . . . . . . . . . . . . . . . . . . . . . . . . .  9</td><td class="lineno" valign="top"></td></tr>
170      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock">     <span class="insert">7.1.</span>  Normative References . . . . . . . . . . . . . . . . . . .  9</td><td class="lineno" valign="top"></td></tr>
171      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock">     <span class="insert">7.2.</span>  Informative References . . . . . . . . . . . . . . . . . . <span class="insert">10</span></td><td class="lineno" valign="top"></td></tr>
172      <tr><td class="lineno" valign="top"></td><td class="left">   Appendix A.  Compatibility with Previous Versions  . . . . . . . . 10</td><td> </td><td class="right">   Appendix A.  Compatibility with Previous Versions  . . . . . . . . 10</td><td class="lineno" valign="top"></td></tr>
173      <tr><td class="lineno" valign="top"></td><td class="left">     A.1.  Changes from RFC 2616  . . . . . . . . . . . . . . . . . . 10</td><td> </td><td class="right">     A.1.  Changes from RFC 2616  . . . . . . . . . . . . . . . . . . 10</td><td class="lineno" valign="top"></td></tr>
174      <tr><td><a name="diff0010" /></td></tr>
175      <tr><td class="lineno" valign="top"></td><td class="lblock">   Appendix B.  Change Log (to be removed by RFC Editor before</td><td> </td><td class="rblock">   Appendix B.  <span class="insert">Collected ABNF  . . . . . . . . . . . . . . . . . . . 10</span></td><td class="lineno" valign="top"></td></tr>
176      <tr><td class="lineno" valign="top"></td><td class="lblock">                publication)  . . . . . . . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert">   Appendix C.</span>  Change Log (to be removed by RFC Editor before</td><td class="lineno" valign="top"></td></tr>
177      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">     B.1.</span>  Since RFC2616  . . . . . . . . . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock">                publication)  . . . . . . . . . . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
178      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">     B.2.</span>  Since draft-ietf-httpbis-p7-auth-00  . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert">     C.1.</span>  Since RFC2616  . . . . . . . . . . . . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
179      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">     B.3.</span>  Since draft-ietf-httpbis-p7-auth-01  . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert">     C.2.</span>  Since draft-ietf-httpbis-p7-auth-00  . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
180      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">     B.4.</span>  Since draft-ietf-httpbis-p7-auth-02  . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert">     C.3.</span>  Since draft-ietf-httpbis-p7-auth-01  . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
181      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">     B.5.</span>  Since draft-ietf-httpbis-p7-auth-03  . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert">     C.4.</span>  Since draft-ietf-httpbis-p7-auth-02  . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
182      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">     B.6.</span>  Since draft-ietf-httpbis-p7-auth-04  . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock"><span class="insert">     C.5.</span>  Since draft-ietf-httpbis-p7-auth-03  . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
183      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Index</span>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">11</span></td><td> </td><td class="rblock"><span class="insert">     C.6.</span>  Since draft-ietf-httpbis-p7-auth-04  . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
184      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Authors' Addresses</span> . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">11</span></td><td> </td><td class="rblock"><span class="insert">     C.7.  Since draft-ietf-httpbis-p7-auth-05</span>  . . . . . . . . . . . <span class="insert">12</span></td><td class="lineno" valign="top"></td></tr>
185      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Intellectual Property and Copyright Statements</span> . . . . . . . . . . <span class="delete">15</span></td><td> </td><td class="rblock"><span class="insert">   Index</span>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">12</span></td><td class="lineno" valign="top"></td></tr>
186      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Authors' Addresses .</span> . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr>
187      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
188      <tr><td class="lineno" valign="top"></td><td class="left">1.  Introduction</td><td> </td><td class="right">1.  Introduction</td><td class="lineno" valign="top"></td></tr>
189      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
190      <tr><td class="lineno" valign="top"></td><td class="left">   This document defines HTTP/1.1 access control and authentication.</td><td> </td><td class="right">   This document defines HTTP/1.1 access control and authentication.</td><td class="lineno" valign="top"></td></tr>
191      <tr><td class="lineno" valign="top"></td><td class="left">   Right now it includes the extracted relevant sections of RFC 2616</td><td> </td><td class="right">   Right now it includes the extracted relevant sections of RFC 2616</td><td class="lineno" valign="top"></td></tr>
192      <tr><td class="lineno" valign="top"></td><td class="left">   with only minor changes.  The intention is to move the general</td><td> </td><td class="right">   with only minor changes.  The intention is to move the general</td><td class="lineno" valign="top"></td></tr>
193      <tr><td class="lineno" valign="top"></td><td class="left">   framework for HTTP authentication here, as currently specified in</td><td> </td><td class="right">   framework for HTTP authentication here, as currently specified in</td><td class="lineno" valign="top"></td></tr>
194      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC2617], and allow the individual authentication mechanisms to be</td><td> </td><td class="right">   [RFC2617], and allow the individual authentication mechanisms to be</td><td class="lineno" valign="top"></td></tr>
195      <tr><td class="lineno" valign="top"></td><td class="left">   defined elsewhere.  This introduction will be rewritten when that</td><td> </td><td class="right">   defined elsewhere.  This introduction will be rewritten when that</td><td class="lineno" valign="top"></td></tr>
196      <tr><td class="lineno" valign="top"></td><td class="left">   occurs.</td><td> </td><td class="right">   occurs.</td><td class="lineno" valign="top"></td></tr>
197      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
198      <tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 4, line 39</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 4, line 39</em></th><td></td></tr>
199      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
200      <tr><td class="lineno" valign="top"></td><td class="left">   An implementation is not compliant if it fails to satisfy one or more</td><td> </td><td class="right">   An implementation is not compliant if it fails to satisfy one or more</td><td class="lineno" valign="top"></td></tr>
201      <tr><td class="lineno" valign="top"></td><td class="left">   of the MUST or REQUIRED level requirements for the protocols it</td><td> </td><td class="right">   of the MUST or REQUIRED level requirements for the protocols it</td><td class="lineno" valign="top"></td></tr>
202      <tr><td class="lineno" valign="top"></td><td class="left">   implements.  An implementation that satisfies all the MUST or</td><td> </td><td class="right">   implements.  An implementation that satisfies all the MUST or</td><td class="lineno" valign="top"></td></tr>
203      <tr><td class="lineno" valign="top"></td><td class="left">   REQUIRED level and all the SHOULD level requirements for its</td><td> </td><td class="right">   REQUIRED level and all the SHOULD level requirements for its</td><td class="lineno" valign="top"></td></tr>
204      <tr><td class="lineno" valign="top"></td><td class="left">   protocols is said to be "unconditionally compliant"; one that</td><td> </td><td class="right">   protocols is said to be "unconditionally compliant"; one that</td><td class="lineno" valign="top"></td></tr>
205      <tr><td class="lineno" valign="top"></td><td class="left">   satisfies all the MUST level requirements but not all the SHOULD</td><td> </td><td class="right">   satisfies all the MUST level requirements but not all the SHOULD</td><td class="lineno" valign="top"></td></tr>
206      <tr><td class="lineno" valign="top"></td><td class="left">   level requirements for its protocols is said to be "conditionally</td><td> </td><td class="right">   level requirements for its protocols is said to be "conditionally</td><td class="lineno" valign="top"></td></tr>
207      <tr><td class="lineno" valign="top"></td><td class="left">   compliant."</td><td> </td><td class="right">   compliant."</td><td class="lineno" valign="top"></td></tr>
208      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
209      <tr><td><a name="diff0011" /></td></tr>
210      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">2.  Notational Conventions and Generic Grammar</span></td><td> </td><td class="rblock"><span class="insert">1.2.  Syntax Notation</span></td><td class="lineno" valign="top"></td></tr>
211      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
212      <tr><td><a name="diff0012" /></td></tr>
213      <tr><td class="lineno" valign="top"></td><td class="lblock">   This specification uses the ABNF syntax defined in Section <span class="delete">2.1</span> of</td><td> </td><td class="rblock">   This specification uses the ABNF syntax defined in Section <span class="insert">1.2</span> of</td><td class="lineno" valign="top"></td></tr>
214      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">[Part1].</span></td><td> </td><td class="rblock">   <span class="insert">[Part1] (which extends the syntax defined in [RFC5234] with a list</span></td><td class="lineno" valign="top"></td></tr>
215      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   rule).  Appendix B shows the collected ABNF, with the list rule</span></td><td class="lineno" valign="top"></td></tr>
216      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   expanded.</span></td><td class="lineno" valign="top"></td></tr>
217      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
218      <tr><td><a name="diff0013" /></td></tr>
219      <tr><td class="lineno" valign="top"></td><td class="lblock">   The <span class="delete">ABNF</span> rules <span class="delete">below</span> are defined in <span class="delete">other specifications:</span></td><td> </td><td class="rblock">   The <span class="insert">following core</span> rules are <span class="insert">included by reference, as</span> defined in</td><td class="lineno" valign="top"></td></tr>
220      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock">   <span class="insert">[RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF</span></td><td class="lineno" valign="top"></td></tr>
221      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote),</span></td><td class="lineno" valign="top"></td></tr>
222      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   HEXDIG (hexadecimal 0-9/A-F/a-f), LF (line feed), OCTET (any 8-bit</span></td><td class="lineno" valign="top"></td></tr>
223      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   sequence of data), SP (space), VCHAR (any visible USASCII character),</span></td><td class="lineno" valign="top"></td></tr>
224      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   and WSP (whitespace).</span></td><td class="lineno" valign="top"></td></tr>
225      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
226      <tr><td><a name="diff0014" /></td></tr>
227      <tr><td class="lineno" valign="top"></td><td class="lblock">     OWS           = &lt;OWS, defined in [Part1], Section <span class="delete">2.2&gt;</span></td><td> </td><td class="rblock"><span class="insert">1.2.1.  Core Rules</span></td><td class="lineno" valign="top"></td></tr>
228      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
229      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   The core rules below are defined in Section 1.2.2 of [Part1]:</span></td><td class="lineno" valign="top"></td></tr>
230      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock">                                                                         </td><td class="lineno" valign="top"></td></tr>
231      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock">     OWS         = &lt;OWS, defined in [Part1], Section <span class="insert">1.2.2&gt;</span></td><td class="lineno" valign="top"></td></tr>
232      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
233      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">1.2.2.  ABNF Rules defined in other Parts of the Specification</span></td><td class="lineno" valign="top"></td></tr>
234      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
235      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   The ABNF rules below are defined in other specifications:</span></td><td class="lineno" valign="top"></td></tr>
236      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
237      <tr><td class="lineno" valign="top"></td><td class="left">     challenge   = &lt;challenge, defined in [RFC2617], Section 1.2&gt;</td><td> </td><td class="right">     challenge   = &lt;challenge, defined in [RFC2617], Section 1.2&gt;</td><td class="lineno" valign="top"></td></tr>
238      <tr><td class="lineno" valign="top"></td><td class="left">     credentials = &lt;credentials, defined in [RFC2617], Section 1.2&gt;</td><td> </td><td class="right">     credentials = &lt;credentials, defined in [RFC2617], Section 1.2&gt;</td><td class="lineno" valign="top"></td></tr>
239      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
240      <tr><td><a name="diff0015" /></td></tr>
241      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>.  Status Code Definitions</td><td> </td><td class="rblock"><span class="insert">2</span>.  Status Code Definitions</td><td class="lineno" valign="top"></td></tr>
242      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
243      <tr><td><a name="diff0016" /></td></tr>
244      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>.1.  401 Unauthorized</td><td> </td><td class="rblock"><span class="insert">2</span>.1.  401 Unauthorized</td><td class="lineno" valign="top"></td></tr>
245      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
246      <tr><td class="lineno" valign="top"></td><td class="left">   The request requires user authentication.  The response MUST include</td><td> </td><td class="right">   The request requires user authentication.  The response MUST include</td><td class="lineno" valign="top"></td></tr>
247      <tr><td><a name="diff0017" /></td></tr>
248      <tr><td class="lineno" valign="top"></td><td class="lblock">   a WWW-Authenticate header field (Section <span class="delete">4</span>.4) containing a challenge</td><td> </td><td class="rblock">   a WWW-Authenticate header field (Section <span class="insert">3</span>.4) containing a challenge</td><td class="lineno" valign="top"></td></tr>
249      <tr><td class="lineno" valign="top"></td><td class="left">   applicable to the requested resource.  The client MAY repeat the</td><td> </td><td class="right">   applicable to the requested resource.  The client MAY repeat the</td><td class="lineno" valign="top"></td></tr>
250      <tr><td><a name="diff0018" /></td></tr>
251      <tr><td class="lineno" valign="top"></td><td class="lblock">   request with a suitable Authorization header field (Section <span class="delete">4</span>.1).  If</td><td> </td><td class="rblock">   request with a suitable Authorization header field (Section <span class="insert">3</span>.1).  If</td><td class="lineno" valign="top"></td></tr>
252      <tr><td class="lineno" valign="top"></td><td class="left">   the request already included Authorization credentials, then the 401</td><td> </td><td class="right">   the request already included Authorization credentials, then the 401</td><td class="lineno" valign="top"></td></tr>
253      <tr><td class="lineno" valign="top"></td><td class="left">   response indicates that authorization has been refused for those</td><td> </td><td class="right">   response indicates that authorization has been refused for those</td><td class="lineno" valign="top"></td></tr>
254      <tr><td class="lineno" valign="top"></td><td class="left">   credentials.  If the 401 response contains the same challenge as the</td><td> </td><td class="right">   credentials.  If the 401 response contains the same challenge as the</td><td class="lineno" valign="top"></td></tr>
255      <tr><td class="lineno" valign="top"></td><td class="left">   prior response, and the user agent has already attempted</td><td> </td><td class="right">   prior response, and the user agent has already attempted</td><td class="lineno" valign="top"></td></tr>
256      <tr><td class="lineno" valign="top"></td><td class="left">   authentication at least once, then the user SHOULD be presented the</td><td> </td><td class="right">   authentication at least once, then the user SHOULD be presented the</td><td class="lineno" valign="top"></td></tr>
257      <tr><td class="lineno" valign="top"></td><td class="left">   entity that was given in the response, since that entity might</td><td> </td><td class="right">   entity that was given in the response, since that entity might</td><td class="lineno" valign="top"></td></tr>
258      <tr><td class="lineno" valign="top"></td><td class="left">   include relevant diagnostic information.  HTTP access authentication</td><td> </td><td class="right">   include relevant diagnostic information.  HTTP access authentication</td><td class="lineno" valign="top"></td></tr>
259      <tr><td class="lineno" valign="top"></td><td class="left">   is explained in "HTTP Authentication: Basic and Digest Access</td><td> </td><td class="right">   is explained in "HTTP Authentication: Basic and Digest Access</td><td class="lineno" valign="top"></td></tr>
260      <tr><td class="lineno" valign="top"></td><td class="left">   Authentication" [RFC2617].</td><td> </td><td class="right">   Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
261      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
262      <tr><td><a name="diff0019" /></td></tr>
263      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">3</span>.2.  407 Proxy Authentication Required</td><td> </td><td class="rblock"><span class="insert">2</span>.2.  407 Proxy Authentication Required</td><td class="lineno" valign="top"></td></tr>
264      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
265      <tr><td class="lineno" valign="top"></td><td class="left">   This code is similar to 401 (Unauthorized), but indicates that the</td><td> </td><td class="right">   This code is similar to 401 (Unauthorized), but indicates that the</td><td class="lineno" valign="top"></td></tr>
266      <tr><td class="lineno" valign="top"></td><td class="left">   client must first authenticate itself with the proxy.  The proxy MUST</td><td> </td><td class="right">   client must first authenticate itself with the proxy.  The proxy MUST</td><td class="lineno" valign="top"></td></tr>
267      <tr><td><a name="diff0020" /></td></tr>
268      <tr><td class="lineno" valign="top"></td><td class="lblock">   return a Proxy-Authenticate header field (Section <span class="delete">4</span>.2) containing a</td><td> </td><td class="rblock">   return a Proxy-Authenticate header field (Section <span class="insert">3</span>.2) containing a</td><td class="lineno" valign="top"></td></tr>
269      <tr><td class="lineno" valign="top"></td><td class="left">   challenge applicable to the proxy for the requested resource.  The</td><td> </td><td class="right">   challenge applicable to the proxy for the requested resource.  The</td><td class="lineno" valign="top"></td></tr>
270      <tr><td class="lineno" valign="top"></td><td class="left">   client MAY repeat the request with a suitable Proxy-Authorization</td><td> </td><td class="right">   client MAY repeat the request with a suitable Proxy-Authorization</td><td class="lineno" valign="top"></td></tr>
271      <tr><td><a name="diff0021" /></td></tr>
272      <tr><td class="lineno" valign="top"></td><td class="lblock">   header field (Section <span class="delete">4</span>.3).  HTTP access authentication is explained</td><td> </td><td class="rblock">   header field (Section <span class="insert">3</span>.3).  HTTP access authentication is explained</td><td class="lineno" valign="top"></td></tr>
273      <tr><td class="lineno" valign="top"></td><td class="left">   in "HTTP Authentication: Basic and Digest Access Authentication"</td><td> </td><td class="right">   in "HTTP Authentication: Basic and Digest Access Authentication"</td><td class="lineno" valign="top"></td></tr>
274      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC2617].</td><td> </td><td class="right">   [RFC2617].</td><td class="lineno" valign="top"></td></tr>
275      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
276      <tr><td><a name="diff0022" /></td></tr>
277      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>.  Header Field Definitions</td><td> </td><td class="rblock"><span class="insert">3</span>.  Header Field Definitions</td><td class="lineno" valign="top"></td></tr>
278      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
279      <tr><td class="lineno" valign="top"></td><td class="left">   This section defines the syntax and semantics of HTTP/1.1 header</td><td> </td><td class="right">   This section defines the syntax and semantics of HTTP/1.1 header</td><td class="lineno" valign="top"></td></tr>
280      <tr><td class="lineno" valign="top"></td><td class="left">   fields related to authentication.</td><td> </td><td class="right">   fields related to authentication.</td><td class="lineno" valign="top"></td></tr>
281      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
282      <tr><td><a name="diff0023" /></td></tr>
283      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>.1.  Authorization</td><td> </td><td class="rblock"><span class="insert">3</span>.1.  Authorization</td><td class="lineno" valign="top"></td></tr>
284      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
285      <tr><td class="lineno" valign="top"></td><td class="left">   A user agent that wishes to authenticate itself with a server--</td><td> </td><td class="right">   A user agent that wishes to authenticate itself with a server--</td><td class="lineno" valign="top"></td></tr>
286      <tr><td class="lineno" valign="top"></td><td class="left">   usually, but not necessarily, after receiving a 401 response--does so</td><td> </td><td class="right">   usually, but not necessarily, after receiving a 401 response--does so</td><td class="lineno" valign="top"></td></tr>
287      <tr><td class="lineno" valign="top"></td><td class="left">   by including an Authorization request-header field with the request.</td><td> </td><td class="right">   by including an Authorization request-header field with the request.</td><td class="lineno" valign="top"></td></tr>
288      <tr><td class="lineno" valign="top"></td><td class="left">   The field "Authorization" consists of credentials containing the</td><td> </td><td class="right">   The field "Authorization" consists of credentials containing the</td><td class="lineno" valign="top"></td></tr>
289      <tr><td class="lineno" valign="top"></td><td class="left">   authentication information of the user agent for the realm of the</td><td> </td><td class="right">   authentication information of the user agent for the realm of the</td><td class="lineno" valign="top"></td></tr>
290      <tr><td class="lineno" valign="top"></td><td class="left">   resource being requested.</td><td> </td><td class="right">   resource being requested.</td><td class="lineno" valign="top"></td></tr>
291      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
292      <tr><td class="lineno" valign="top"></td><td class="left">     Authorization   = "Authorization" ":" OWS Authorization-v</td><td> </td><td class="right">     Authorization   = "Authorization" ":" OWS Authorization-v</td><td class="lineno" valign="top"></td></tr>
293      <tr><td class="lineno" valign="top"></td><td class="left">     Authorization-v = credentials</td><td> </td><td class="right">     Authorization-v = credentials</td><td class="lineno" valign="top"></td></tr>
294      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
295      <tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 6, line 4</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 6, line 18</em></th><td></td></tr>
296      <tr><td class="lineno" valign="top"></td><td class="left">   usually, but not necessarily, after receiving a 401 response--does so</td><td> </td><td class="right">   usually, but not necessarily, after receiving a 401 response--does so</td><td class="lineno" valign="top"></td></tr>
297      <tr><td class="lineno" valign="top"></td><td class="left">   by including an Authorization request-header field with the request.</td><td> </td><td class="right">   by including an Authorization request-header field with the request.</td><td class="lineno" valign="top"></td></tr>
298      <tr><td class="lineno" valign="top"></td><td class="left">   The field "Authorization" consists of credentials containing the</td><td> </td><td class="right">   The field "Authorization" consists of credentials containing the</td><td class="lineno" valign="top"></td></tr>
299      <tr><td class="lineno" valign="top"></td><td class="left">   authentication information of the user agent for the realm of the</td><td> </td><td class="right">   authentication information of the user agent for the realm of the</td><td class="lineno" valign="top"></td></tr>
300      <tr><td class="lineno" valign="top"></td><td class="left">   resource being requested.</td><td> </td><td class="right">   resource being requested.</td><td class="lineno" valign="top"></td></tr>
301      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
302      <tr><td class="lineno" valign="top"></td><td class="left">     Authorization   = "Authorization" ":" OWS Authorization-v</td><td> </td><td class="right">     Authorization   = "Authorization" ":" OWS Authorization-v</td><td class="lineno" valign="top"></td></tr>
303      <tr><td class="lineno" valign="top"></td><td class="left">     Authorization-v = credentials</td><td> </td><td class="right">     Authorization-v = credentials</td><td class="lineno" valign="top"></td></tr>
304      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
305      <tr><td class="lineno" valign="top"></td><td class="left">   HTTP access authentication is described in "HTTP Authentication:</td><td> </td><td class="right">   HTTP access authentication is described in "HTTP Authentication:</td><td class="lineno" valign="top"></td></tr>
306      <tr><td><a name="diff0024" /></td></tr>
307      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">                                                                         </span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
308      <tr><td class="lineno" valign="top"></td><td class="left">   Basic and Digest Access Authentication" [RFC2617].  If a request is</td><td> </td><td class="right">   Basic and Digest Access Authentication" [RFC2617].  If a request is</td><td class="lineno" valign="top"></td></tr>
309      <tr><td class="lineno" valign="top"></td><td class="left">   authenticated and a realm specified, the same credentials SHOULD be</td><td> </td><td class="right">   authenticated and a realm specified, the same credentials SHOULD be</td><td class="lineno" valign="top"></td></tr>
310      <tr><td class="lineno" valign="top"></td><td class="left">   valid for all other requests within this realm (assuming that the</td><td> </td><td class="right">   valid for all other requests within this realm (assuming that the</td><td class="lineno" valign="top"></td></tr>
311      <tr><td class="lineno" valign="top"></td><td class="left">   authentication scheme itself does not require otherwise, such as</td><td> </td><td class="right">   authentication scheme itself does not require otherwise, such as</td><td class="lineno" valign="top"></td></tr>
312      <tr><td class="lineno" valign="top"></td><td class="left">   credentials that vary according to a challenge value or using</td><td> </td><td class="right">   credentials that vary according to a challenge value or using</td><td class="lineno" valign="top"></td></tr>
313      <tr><td class="lineno" valign="top"></td><td class="left">   synchronized clocks).</td><td> </td><td class="right">   synchronized clocks).</td><td class="lineno" valign="top"></td></tr>
314      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
315      <tr><td><a name="diff0025" /></td></tr>
316      <tr><td class="lineno" valign="top"></td><td class="lblock">   When a shared cache (see Section <span class="delete">9</span> of [Part6]) receives a request</td><td> </td><td class="rblock">   When a shared cache (see Section <span class="insert">1.2</span> of [Part6]) receives a request</td><td class="lineno" valign="top"></td></tr>
317      <tr><td class="lineno" valign="top"></td><td class="left">   containing an Authorization field, it MUST NOT return the</td><td> </td><td class="right">   containing an Authorization field, it MUST NOT return the</td><td class="lineno" valign="top"></td></tr>
318      <tr><td class="lineno" valign="top"></td><td class="left">   corresponding response as a reply to any other request, unless one of</td><td> </td><td class="right">   corresponding response as a reply to any other request, unless one of</td><td class="lineno" valign="top"></td></tr>
319      <tr><td class="lineno" valign="top"></td><td class="left">   the following specific exceptions holds:</td><td> </td><td class="right">   the following specific exceptions holds:</td><td class="lineno" valign="top"></td></tr>
320      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
321      <tr><td class="lineno" valign="top"></td><td class="left">   1.  If the response includes the "s-maxage" cache-control directive,</td><td> </td><td class="right">   1.  If the response includes the "s-maxage" cache-control directive,</td><td class="lineno" valign="top"></td></tr>
322      <tr><td class="lineno" valign="top"></td><td class="left">       the cache MAY use that response in replying to a subsequent</td><td> </td><td class="right">       the cache MAY use that response in replying to a subsequent</td><td class="lineno" valign="top"></td></tr>
323      <tr><td class="lineno" valign="top"></td><td class="left">       request.  But (if the specified maximum age has passed) a proxy</td><td> </td><td class="right">       request.  But (if the specified maximum age has passed) a proxy</td><td class="lineno" valign="top"></td></tr>
324      <tr><td class="lineno" valign="top"></td><td class="left">       cache MUST first revalidate it with the origin server, using the</td><td> </td><td class="right">       cache MUST first revalidate it with the origin server, using the</td><td class="lineno" valign="top"></td></tr>
325      <tr><td class="lineno" valign="top"></td><td class="left">       request-headers from the new request to allow the origin server</td><td> </td><td class="right">       request-headers from the new request to allow the origin server</td><td class="lineno" valign="top"></td></tr>
326      <tr><td class="lineno" valign="top"></td><td class="left">       to authenticate the new request.  (This is the defined behavior</td><td> </td><td class="right">       to authenticate the new request.  (This is the defined behavior</td><td class="lineno" valign="top"></td></tr>
327      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
328      <tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 6, line 36</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 7, line 5</em></th><td></td></tr>
329      <tr><td class="lineno" valign="top"></td><td class="left">   2.  If the response includes the "must-revalidate" cache-control</td><td> </td><td class="right">   2.  If the response includes the "must-revalidate" cache-control</td><td class="lineno" valign="top"></td></tr>
330      <tr><td class="lineno" valign="top"></td><td class="left">       directive, the cache MAY use that response in replying to a</td><td> </td><td class="right">       directive, the cache MAY use that response in replying to a</td><td class="lineno" valign="top"></td></tr>
331      <tr><td class="lineno" valign="top"></td><td class="left">       subsequent request.  But if the response is stale, all caches</td><td> </td><td class="right">       subsequent request.  But if the response is stale, all caches</td><td class="lineno" valign="top"></td></tr>
332      <tr><td class="lineno" valign="top"></td><td class="left">       MUST first revalidate it with the origin server, using the</td><td> </td><td class="right">       MUST first revalidate it with the origin server, using the</td><td class="lineno" valign="top"></td></tr>
333      <tr><td class="lineno" valign="top"></td><td class="left">       request-headers from the new request to allow the origin server</td><td> </td><td class="right">       request-headers from the new request to allow the origin server</td><td class="lineno" valign="top"></td></tr>
334      <tr><td class="lineno" valign="top"></td><td class="left">       to authenticate the new request.</td><td> </td><td class="right">       to authenticate the new request.</td><td class="lineno" valign="top"></td></tr>
335      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
336      <tr><td class="lineno" valign="top"></td><td class="left">   3.  If the response includes the "public" cache-control directive, it</td><td> </td><td class="right">   3.  If the response includes the "public" cache-control directive, it</td><td class="lineno" valign="top"></td></tr>
337      <tr><td class="lineno" valign="top"></td><td class="left">       MAY be returned in reply to any subsequent request.</td><td> </td><td class="right">       MAY be returned in reply to any subsequent request.</td><td class="lineno" valign="top"></td></tr>
338      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
339      <tr><td><a name="diff0026" /></td></tr>
340      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>.2.  Proxy-Authenticate</td><td> </td><td class="rblock"><span class="insert">3</span>.2.  Proxy-Authenticate</td><td class="lineno" valign="top"></td></tr>
341      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
342      <tr><td class="lineno" valign="top"></td><td class="left">   The response-header field "Proxy-Authenticate" MUST be included as</td><td> </td><td class="right">   The response-header field "Proxy-Authenticate" MUST be included as</td><td class="lineno" valign="top"></td></tr>
343      <tr><td class="lineno" valign="top"></td><td class="left">   part of a 407 (Proxy Authentication Required) response.  The field</td><td> </td><td class="right">   part of a 407 (Proxy Authentication Required) response.  The field</td><td class="lineno" valign="top"></td></tr>
344      <tr><td class="lineno" valign="top"></td><td class="left">   value consists of a challenge that indicates the authentication</td><td> </td><td class="right">   value consists of a challenge that indicates the authentication</td><td class="lineno" valign="top"></td></tr>
345      <tr><td><a name="diff0027" /></td></tr>
346      <tr><td class="lineno" valign="top"></td><td class="lblock">   scheme and parameters applicable to the proxy for this <span class="delete">Request-URI.</span></td><td> </td><td class="rblock">   scheme and parameters applicable to the proxy for this <span class="insert">request-</span></td><td class="lineno" valign="top"></td></tr>
347      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   target.</span></td><td class="lineno" valign="top"></td></tr>
348      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
349      <tr><td class="lineno" valign="top"></td><td class="left">     Proxy-Authenticate   = "Proxy-Authenticate" ":" OWS</td><td> </td><td class="right">     Proxy-Authenticate   = "Proxy-Authenticate" ":" OWS</td><td class="lineno" valign="top"></td></tr>
350      <tr><td class="lineno" valign="top"></td><td class="left">                            Proxy-Authenticate-v</td><td> </td><td class="right">                            Proxy-Authenticate-v</td><td class="lineno" valign="top"></td></tr>
351      <tr><td class="lineno" valign="top"></td><td class="left">     Proxy-Authenticate-v = 1#challenge</td><td> </td><td class="right">     Proxy-Authenticate-v = 1#challenge</td><td class="lineno" valign="top"></td></tr>
352      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
353      <tr><td class="lineno" valign="top"></td><td class="left">   The HTTP access authentication process is described in "HTTP</td><td> </td><td class="right">   The HTTP access authentication process is described in "HTTP</td><td class="lineno" valign="top"></td></tr>
354      <tr><td class="lineno" valign="top"></td><td class="left">   Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td> </td><td class="right">   Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
355      <tr><td class="lineno" valign="top"></td><td class="left">   Unlike WWW-Authenticate, the Proxy-Authenticate header field applies</td><td> </td><td class="right">   Unlike WWW-Authenticate, the Proxy-Authenticate header field applies</td><td class="lineno" valign="top"></td></tr>
356      <tr><td class="lineno" valign="top"></td><td class="left">   only to the current connection and SHOULD NOT be passed on to</td><td> </td><td class="right">   only to the current connection and SHOULD NOT be passed on to</td><td class="lineno" valign="top"></td></tr>
357      <tr><td class="lineno" valign="top"></td><td class="left">   downstream clients.  However, an intermediate proxy might need to</td><td> </td><td class="right">   downstream clients.  However, an intermediate proxy might need to</td><td class="lineno" valign="top"></td></tr>
358      <tr><td class="lineno" valign="top"></td><td class="left">   obtain its own credentials by requesting them from the downstream</td><td> </td><td class="right">   obtain its own credentials by requesting them from the downstream</td><td class="lineno" valign="top"></td></tr>
359      <tr><td class="lineno" valign="top"></td><td class="left">   client, which in some circumstances will appear as if the proxy is</td><td> </td><td class="right">   client, which in some circumstances will appear as if the proxy is</td><td class="lineno" valign="top"></td></tr>
360      <tr><td class="lineno" valign="top"></td><td class="left">   forwarding the Proxy-Authenticate header field.</td><td> </td><td class="right">   forwarding the Proxy-Authenticate header field.</td><td class="lineno" valign="top"></td></tr>
361      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
362      <tr><td><a name="diff0028" /></td></tr>
363      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>.3.  Proxy-Authorization</td><td> </td><td class="rblock"><span class="insert">3</span>.3.  Proxy-Authorization</td><td class="lineno" valign="top"></td></tr>
364      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
365      <tr><td class="lineno" valign="top"></td><td class="left">   The request-header field "Proxy-Authorization" allows the client to</td><td> </td><td class="right">   The request-header field "Proxy-Authorization" allows the client to</td><td class="lineno" valign="top"></td></tr>
366      <tr><td class="lineno" valign="top"></td><td class="left">   identify itself (or its user) to a proxy which requires</td><td> </td><td class="right">   identify itself (or its user) to a proxy which requires</td><td class="lineno" valign="top"></td></tr>
367      <tr><td class="lineno" valign="top"></td><td class="left">   authentication.  The Proxy-Authorization field value consists of</td><td> </td><td class="right">   authentication.  The Proxy-Authorization field value consists of</td><td class="lineno" valign="top"></td></tr>
368      <tr><td class="lineno" valign="top"></td><td class="left">   credentials containing the authentication information of the user</td><td> </td><td class="right">   credentials containing the authentication information of the user</td><td class="lineno" valign="top"></td></tr>
369      <tr><td class="lineno" valign="top"></td><td class="left">   agent for the proxy and/or realm of the resource being requested.</td><td> </td><td class="right">   agent for the proxy and/or realm of the resource being requested.</td><td class="lineno" valign="top"></td></tr>
370      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
371      <tr><td class="lineno" valign="top"></td><td class="left">     Proxy-Authorization   = "Proxy-Authorization" ":" OWS</td><td> </td><td class="right">     Proxy-Authorization   = "Proxy-Authorization" ":" OWS</td><td class="lineno" valign="top"></td></tr>
372      <tr><td class="lineno" valign="top"></td><td class="left">                             Proxy-Authorization-v</td><td> </td><td class="right">                             Proxy-Authorization-v</td><td class="lineno" valign="top"></td></tr>
373      <tr><td class="lineno" valign="top"></td><td class="left">     Proxy-Authorization-v = credentials</td><td> </td><td class="right">     Proxy-Authorization-v = credentials</td><td class="lineno" valign="top"></td></tr>
374      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
375      <tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 7, line 30</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 7, line 49</em></th><td></td></tr>
376      <tr><td class="lineno" valign="top"></td><td class="left">   Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td> </td><td class="right">   Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
377      <tr><td class="lineno" valign="top"></td><td class="left">   Unlike Authorization, the Proxy-Authorization header field applies</td><td> </td><td class="right">   Unlike Authorization, the Proxy-Authorization header field applies</td><td class="lineno" valign="top"></td></tr>
378      <tr><td class="lineno" valign="top"></td><td class="left">   only to the next outbound proxy that demanded authentication using</td><td> </td><td class="right">   only to the next outbound proxy that demanded authentication using</td><td class="lineno" valign="top"></td></tr>
379      <tr><td class="lineno" valign="top"></td><td class="left">   the Proxy-Authenticate field.  When multiple proxies are used in a</td><td> </td><td class="right">   the Proxy-Authenticate field.  When multiple proxies are used in a</td><td class="lineno" valign="top"></td></tr>
380      <tr><td class="lineno" valign="top"></td><td class="left">   chain, the Proxy-Authorization header field is consumed by the first</td><td> </td><td class="right">   chain, the Proxy-Authorization header field is consumed by the first</td><td class="lineno" valign="top"></td></tr>
381      <tr><td class="lineno" valign="top"></td><td class="left">   outbound proxy that was expecting to receive credentials.  A proxy</td><td> </td><td class="right">   outbound proxy that was expecting to receive credentials.  A proxy</td><td class="lineno" valign="top"></td></tr>
382      <tr><td class="lineno" valign="top"></td><td class="left">   MAY relay the credentials from the client request to the next proxy</td><td> </td><td class="right">   MAY relay the credentials from the client request to the next proxy</td><td class="lineno" valign="top"></td></tr>
383      <tr><td class="lineno" valign="top"></td><td class="left">   if that is the mechanism by which the proxies cooperatively</td><td> </td><td class="right">   if that is the mechanism by which the proxies cooperatively</td><td class="lineno" valign="top"></td></tr>
384      <tr><td class="lineno" valign="top"></td><td class="left">   authenticate a given request.</td><td> </td><td class="right">   authenticate a given request.</td><td class="lineno" valign="top"></td></tr>
385      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
386      <tr><td><a name="diff0029" /></td></tr>
387      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">4</span>.4.  WWW-Authenticate</td><td> </td><td class="rblock"><span class="insert">3</span>.4.  WWW-Authenticate</td><td class="lineno" valign="top"></td></tr>
388      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
389      <tr><td class="lineno" valign="top"></td><td class="left">   The WWW-Authenticate response-header field MUST be included in 401</td><td> </td><td class="right">   The WWW-Authenticate response-header field MUST be included in 401</td><td class="lineno" valign="top"></td></tr>
390      <tr><td class="lineno" valign="top"></td><td class="left">   (Unauthorized) response messages.  The field value consists of at</td><td> </td><td class="right">   (Unauthorized) response messages.  The field value consists of at</td><td class="lineno" valign="top"></td></tr>
391      <tr><td class="lineno" valign="top"></td><td class="left">   least one challenge that indicates the authentication scheme(s) and</td><td> </td><td class="right">   least one challenge that indicates the authentication scheme(s) and</td><td class="lineno" valign="top"></td></tr>
392      <tr><td><a name="diff0030" /></td></tr>
393      <tr><td class="lineno" valign="top"></td><td class="lblock">   parameters applicable to the <span class="delete">Request-URI</span>.</td><td> </td><td class="rblock">   parameters applicable to the <span class="insert">request-target</span>.</td><td class="lineno" valign="top"></td></tr>
394      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
395      <tr><td class="lineno" valign="top"></td><td class="left">     WWW-Authenticate   = "WWW-Authenticate" ":" OWS WWW-Authenticate-v</td><td> </td><td class="right">     WWW-Authenticate   = "WWW-Authenticate" ":" OWS WWW-Authenticate-v</td><td class="lineno" valign="top"></td></tr>
396      <tr><td class="lineno" valign="top"></td><td class="left">     WWW-Authenticate-v = 1#challenge</td><td> </td><td class="right">     WWW-Authenticate-v = 1#challenge</td><td class="lineno" valign="top"></td></tr>
397      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
398      <tr><td class="lineno" valign="top"></td><td class="left">   The HTTP access authentication process is described in "HTTP</td><td> </td><td class="right">   The HTTP access authentication process is described in "HTTP</td><td class="lineno" valign="top"></td></tr>
399      <tr><td class="lineno" valign="top"></td><td class="left">   Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td> </td><td class="right">   Authentication: Basic and Digest Access Authentication" [RFC2617].</td><td class="lineno" valign="top"></td></tr>
400      <tr><td class="lineno" valign="top"></td><td class="left">   User agents are advised to take special care in parsing the WWW-</td><td> </td><td class="right">   User agents are advised to take special care in parsing the WWW-</td><td class="lineno" valign="top"></td></tr>
401      <tr><td class="lineno" valign="top"></td><td class="left">   Authenticate field value as it might contain more than one challenge,</td><td> </td><td class="right">   Authenticate field value as it might contain more than one challenge,</td><td class="lineno" valign="top"></td></tr>
402      <tr><td class="lineno" valign="top"></td><td class="left">   or if more than one WWW-Authenticate header field is provided, the</td><td> </td><td class="right">   or if more than one WWW-Authenticate header field is provided, the</td><td class="lineno" valign="top"></td></tr>
403      <tr><td class="lineno" valign="top"></td><td class="left">   contents of a challenge itself can contain a comma-separated list of</td><td> </td><td class="right">   contents of a challenge itself can contain a comma-separated list of</td><td class="lineno" valign="top"></td></tr>
404      <tr><td class="lineno" valign="top"></td><td class="left">   authentication parameters.</td><td> </td><td class="right">   authentication parameters.</td><td class="lineno" valign="top"></td></tr>
405      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
406      <tr><td><a name="diff0031" /></td></tr>
407      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">5</span>.  IANA Considerations</td><td> </td><td class="rblock"><span class="insert">4</span>.  IANA Considerations</td><td class="lineno" valign="top"></td></tr>
408      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
409      <tr><td><a name="diff0032" /></td></tr>
410      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">5</span>.1.  Message Header Registration</td><td> </td><td class="rblock"><span class="insert">4</span>.1.  Message Header Registration</td><td class="lineno" valign="top"></td></tr>
411      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
412      <tr><td class="lineno" valign="top"></td><td class="left">   The Message Header Registry located at &lt;http://www.iana.org/</td><td> </td><td class="right">   The Message Header Registry located at &lt;http://www.iana.org/</td><td class="lineno" valign="top"></td></tr>
413      <tr><td class="lineno" valign="top"></td><td class="left">   assignments/message-headers/message-header-index.html&gt; should be</td><td> </td><td class="right">   assignments/message-headers/message-header-index.html&gt; should be</td><td class="lineno" valign="top"></td></tr>
414      <tr><td class="lineno" valign="top"></td><td class="left">   updated with the permanent registrations below (see [RFC3864]):</td><td> </td><td class="right">   updated with the permanent registrations below (see [RFC3864]):</td><td class="lineno" valign="top"></td></tr>
415      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
416      <tr><td class="lineno" valign="top"></td><td class="left">   +---------------------+----------+----------+-------------+</td><td> </td><td class="right">   +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
417      <tr><td class="lineno" valign="top"></td><td class="left">   | Header Field Name   | Protocol | Status   | Reference   |</td><td> </td><td class="right">   | Header Field Name   | Protocol | Status   | Reference   |</td><td class="lineno" valign="top"></td></tr>
418      <tr><td class="lineno" valign="top"></td><td class="left">   +---------------------+----------+----------+-------------+</td><td> </td><td class="right">   +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
419      <tr><td><a name="diff0033" /></td></tr>
420      <tr><td class="lineno" valign="top"></td><td class="lblock">   | Authorization       | http     | standard | Section <span class="delete">4.1</span> |</td><td> </td><td class="rblock">   | Authorization       | http     | standard | Section <span class="insert">3.1</span> |</td><td class="lineno" valign="top"></td></tr>
421      <tr><td class="lineno" valign="top"></td><td class="lblock">   | Proxy-Authenticate  | http     | standard | Section <span class="delete">4.2</span> |</td><td> </td><td class="rblock">   | Proxy-Authenticate  | http     | standard | Section <span class="insert">3.2</span> |</td><td class="lineno" valign="top"></td></tr>
422      <tr><td class="lineno" valign="top"></td><td class="lblock">   | Proxy-Authorization | http     | standard | Section <span class="delete">4.3</span> |</td><td> </td><td class="rblock">   | Proxy-Authorization | http     | standard | Section <span class="insert">3.3</span> |</td><td class="lineno" valign="top"></td></tr>
423      <tr><td class="lineno" valign="top"></td><td class="lblock">   | WWW-Authenticate    | http     | standard | Section <span class="delete">4.4</span> |</td><td> </td><td class="rblock">   | WWW-Authenticate    | http     | standard | Section <span class="insert">3.4</span> |</td><td class="lineno" valign="top"></td></tr>
424      <tr><td class="lineno" valign="top"></td><td class="left">   +---------------------+----------+----------+-------------+</td><td> </td><td class="right">   +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
425      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
426      <tr><td class="lineno" valign="top"></td><td class="left">   The change controller is: "IETF (iesg@ietf.org) - Internet</td><td> </td><td class="right">   The change controller is: "IETF (iesg@ietf.org) - Internet</td><td class="lineno" valign="top"></td></tr>
427      <tr><td class="lineno" valign="top"></td><td class="left">   Engineering Task Force".</td><td> </td><td class="right">   Engineering Task Force".</td><td class="lineno" valign="top"></td></tr>
428      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
429      <tr><td><a name="diff0034" /></td></tr>
430      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">6</span>.  Security Considerations</td><td> </td><td class="rblock"><span class="insert">5</span>.  Security Considerations</td><td class="lineno" valign="top"></td></tr>
431      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
432      <tr><td class="lineno" valign="top"></td><td class="left">   This section is meant to inform application developers, information</td><td> </td><td class="right">   This section is meant to inform application developers, information</td><td class="lineno" valign="top"></td></tr>
433      <tr><td class="lineno" valign="top"></td><td class="left">   providers, and users of the security limitations in HTTP/1.1 as</td><td> </td><td class="right">   providers, and users of the security limitations in HTTP/1.1 as</td><td class="lineno" valign="top"></td></tr>
434      <tr><td class="lineno" valign="top"></td><td class="left">   described by this document.  The discussion does not include</td><td> </td><td class="right">   described by this document.  The discussion does not include</td><td class="lineno" valign="top"></td></tr>
435      <tr><td class="lineno" valign="top"></td><td class="left">   definitive solutions to the problems revealed, though it does make</td><td> </td><td class="right">   definitive solutions to the problems revealed, though it does make</td><td class="lineno" valign="top"></td></tr>
436      <tr><td class="lineno" valign="top"></td><td class="left">   some suggestions for reducing security risks.</td><td> </td><td class="right">   some suggestions for reducing security risks.</td><td class="lineno" valign="top"></td></tr>
437      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
438      <tr><td><a name="diff0035" /></td></tr>
439      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">6</span>.1.  Authentication Credentials and Idle Clients</td><td> </td><td class="rblock"><span class="insert">5</span>.1.  Authentication Credentials and Idle Clients</td><td class="lineno" valign="top"></td></tr>
440      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
441      <tr><td class="lineno" valign="top"></td><td class="left">   Existing HTTP clients and user agents typically retain authentication</td><td> </td><td class="right">   Existing HTTP clients and user agents typically retain authentication</td><td class="lineno" valign="top"></td></tr>
442      <tr><td class="lineno" valign="top"></td><td class="left">   information indefinitely.  HTTP/1.1 does not provide a method for a</td><td> </td><td class="right">   information indefinitely.  HTTP/1.1 does not provide a method for a</td><td class="lineno" valign="top"></td></tr>
443      <tr><td class="lineno" valign="top"></td><td class="left">   server to direct clients to discard these cached credentials.  This</td><td> </td><td class="right">   server to direct clients to discard these cached credentials.  This</td><td class="lineno" valign="top"></td></tr>
444      <tr><td class="lineno" valign="top"></td><td class="left">   is a significant defect that requires further extensions to HTTP.</td><td> </td><td class="right">   is a significant defect that requires further extensions to HTTP.</td><td class="lineno" valign="top"></td></tr>
445      <tr><td class="lineno" valign="top"></td><td class="left">   Circumstances under which credential caching can interfere with the</td><td> </td><td class="right">   Circumstances under which credential caching can interfere with the</td><td class="lineno" valign="top"></td></tr>
446      <tr><td class="lineno" valign="top"></td><td class="left">   application's security model include but are not limited to:</td><td> </td><td class="right">   application's security model include but are not limited to:</td><td class="lineno" valign="top"></td></tr>
447      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
448      <tr><td class="lineno" valign="top"></td><td class="left">   o  Clients which have been idle for an extended period following</td><td> </td><td class="right">   o  Clients which have been idle for an extended period following</td><td class="lineno" valign="top"></td></tr>
449      <tr><td class="lineno" valign="top"></td><td class="left">      which the server might wish to cause the client to reprompt the</td><td> </td><td class="right">      which the server might wish to cause the client to reprompt the</td><td class="lineno" valign="top"></td></tr>
450      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
451      <tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 9, line 9</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 9, line 26</em></th><td></td></tr>
452      <tr><td class="lineno" valign="top"></td><td class="left">      for the client to retain the credentials.</td><td> </td><td class="right">      for the client to retain the credentials.</td><td class="lineno" valign="top"></td></tr>
453      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
454      <tr><td class="lineno" valign="top"></td><td class="left">   This is currently under separate study.  There are a number of work-</td><td> </td><td class="right">   This is currently under separate study.  There are a number of work-</td><td class="lineno" valign="top"></td></tr>
455      <tr><td class="lineno" valign="top"></td><td class="left">   arounds to parts of this problem, and we encourage the use of</td><td> </td><td class="right">   arounds to parts of this problem, and we encourage the use of</td><td class="lineno" valign="top"></td></tr>
456      <tr><td class="lineno" valign="top"></td><td class="left">   password protection in screen savers, idle time-outs, and other</td><td> </td><td class="right">   password protection in screen savers, idle time-outs, and other</td><td class="lineno" valign="top"></td></tr>
457      <tr><td class="lineno" valign="top"></td><td class="left">   methods which mitigate the security problems inherent in this</td><td> </td><td class="right">   methods which mitigate the security problems inherent in this</td><td class="lineno" valign="top"></td></tr>
458      <tr><td class="lineno" valign="top"></td><td class="left">   problem.  In particular, user agents which cache credentials are</td><td> </td><td class="right">   problem.  In particular, user agents which cache credentials are</td><td class="lineno" valign="top"></td></tr>
459      <tr><td class="lineno" valign="top"></td><td class="left">   encouraged to provide a readily accessible mechanism for discarding</td><td> </td><td class="right">   encouraged to provide a readily accessible mechanism for discarding</td><td class="lineno" valign="top"></td></tr>
460      <tr><td class="lineno" valign="top"></td><td class="left">   cached credentials under user control.</td><td> </td><td class="right">   cached credentials under user control.</td><td class="lineno" valign="top"></td></tr>
461      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
462      <tr><td><a name="diff0036" /></td></tr>
463      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">7</span>.  Acknowledgments</td><td> </td><td class="rblock"><span class="insert">6</span>.  Acknowledgments</td><td class="lineno" valign="top"></td></tr>
464      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
465      <tr><td class="lineno" valign="top"></td><td class="left">   [[anchor2: TBD.]]</td><td> </td><td class="right">   [[anchor2: TBD.]]</td><td class="lineno" valign="top"></td></tr>
466      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
467      <tr><td><a name="diff0037" /></td></tr>
468      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">8</span>.  References</td><td> </td><td class="rblock"><span class="insert">7</span>.  References</td><td class="lineno" valign="top"></td></tr>
469      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
470      <tr><td><a name="diff0038" /></td></tr>
471      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">8</span>.1.  Normative References</td><td> </td><td class="rblock"><span class="insert">7</span>.1.  Normative References</td><td class="lineno" valign="top"></td></tr>
472      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
473      <tr><td class="lineno" valign="top"></td><td class="left">   [Part1]    Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</td><td> </td><td class="right">   [Part1]    Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</td><td class="lineno" valign="top"></td></tr>
474      <tr><td class="lineno" valign="top"></td><td class="left">              Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</td><td> </td><td class="right">              Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</td><td class="lineno" valign="top"></td></tr>
475      <tr><td class="lineno" valign="top"></td><td class="left">              and J. Reschke, Ed., "HTTP/1.1, part 1: URIs, Connections,</td><td> </td><td class="right">              and J. Reschke, Ed., "HTTP/1.1, part 1: URIs, Connections,</td><td class="lineno" valign="top"></td></tr>
476      <tr><td><a name="diff0039" /></td></tr>
477      <tr><td class="lineno" valign="top"></td><td class="lblock">              and Message Parsing", <span class="delete">draft-ietf-httpbis-p1-messaging-05</span></td><td> </td><td class="rblock">              and Message Parsing", <span class="insert">draft-ietf-httpbis-p1-messaging-06</span></td><td class="lineno" valign="top"></td></tr>
478      <tr><td class="lineno" valign="top"></td><td class="lblock">              (work in progress), <span class="delete">November 2008.</span></td><td> </td><td class="rblock">              (work in progress), <span class="insert">March 2009.</span></td><td class="lineno" valign="top"></td></tr>
479      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
480      <tr><td class="lineno" valign="top"></td><td class="left">   [Part6]    Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</td><td> </td><td class="right">   [Part6]    Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,</td><td class="lineno" valign="top"></td></tr>
481      <tr><td class="lineno" valign="top"></td><td class="left">              Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</td><td> </td><td class="right">              Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,</td><td class="lineno" valign="top"></td></tr>
482      <tr><td class="lineno" valign="top"></td><td class="left">              and J. Reschke, Ed., "HTTP/1.1, part 6: Caching",</td><td> </td><td class="right">              and J. Reschke, Ed., "HTTP/1.1, part 6: Caching",</td><td class="lineno" valign="top"></td></tr>
483      <tr><td><a name="diff0040" /></td></tr>
484      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">draft-ietf-httpbis-p6-cache-05</span> (work in progress),</td><td> </td><td class="rblock">              <span class="insert">draft-ietf-httpbis-p6-cache-06</span> (work in progress),</td><td class="lineno" valign="top"></td></tr>
485      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">November 2008.</span></td><td> </td><td class="rblock">              <span class="insert">March 2009.</span></td><td class="lineno" valign="top"></td></tr>
486      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
487      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate</td><td> </td><td class="right">   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate</td><td class="lineno" valign="top"></td></tr>
488      <tr><td class="lineno" valign="top"></td><td class="left">              Requirement Levels", BCP 14, RFC 2119, March 1997.</td><td> </td><td class="right">              Requirement Levels", BCP 14, RFC 2119, March 1997.</td><td class="lineno" valign="top"></td></tr>
489      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
490      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC2617]  Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,</td><td> </td><td class="right">   [RFC2617]  Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,</td><td class="lineno" valign="top"></td></tr>
491      <tr><td class="lineno" valign="top"></td><td class="left">              Leach, P., Luotonen, A., and L. Stewart, "HTTP</td><td> </td><td class="right">              Leach, P., Luotonen, A., and L. Stewart, "HTTP</td><td class="lineno" valign="top"></td></tr>
492      <tr><td class="lineno" valign="top"></td><td class="left">              Authentication: Basic and Digest Access Authentication",</td><td> </td><td class="right">              Authentication: Basic and Digest Access Authentication",</td><td class="lineno" valign="top"></td></tr>
493      <tr><td class="lineno" valign="top"></td><td class="left">              RFC 2617, June 1999.</td><td> </td><td class="right">              RFC 2617, June 1999.</td><td class="lineno" valign="top"></td></tr>
494      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
495      <tr><td><a name="diff0041" /></td></tr>
496      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">8.2.</span>  Informative References</td><td> </td><td class="rblock">   <span class="insert">[RFC5234]  Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax</span></td><td class="lineno" valign="top"></td></tr>
497      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">              Specifications: ABNF", STD 68, RFC 5234, January 2008.</span></td><td class="lineno" valign="top"></td></tr>
498      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
499      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">7.2.</span>  Informative References</td><td class="lineno" valign="top"></td></tr>
500      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
501      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,</td><td> </td><td class="right">   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,</td><td class="lineno" valign="top"></td></tr>
502      <tr><td class="lineno" valign="top"></td><td class="left">              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext</td><td> </td><td class="right">              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext</td><td class="lineno" valign="top"></td></tr>
503      <tr><td class="lineno" valign="top"></td><td class="left">              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.</td><td> </td><td class="right">              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.</td><td class="lineno" valign="top"></td></tr>
504      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
505      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC3864]  Klyne, G., Nottingham, M., and J. Mogul, "Registration</td><td> </td><td class="right">   [RFC3864]  Klyne, G., Nottingham, M., and J. Mogul, "Registration</td><td class="lineno" valign="top"></td></tr>
506      <tr><td class="lineno" valign="top"></td><td class="left">              Procedures for Message Header Fields", BCP 90, RFC 3864,</td><td> </td><td class="right">              Procedures for Message Header Fields", BCP 90, RFC 3864,</td><td class="lineno" valign="top"></td></tr>
507      <tr><td class="lineno" valign="top"></td><td class="left">              September 2004.</td><td> </td><td class="right">              September 2004.</td><td class="lineno" valign="top"></td></tr>
508      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
509      <tr><td class="lineno" valign="top"></td><td class="left">Appendix A.  Compatibility with Previous Versions</td><td> </td><td class="right">Appendix A.  Compatibility with Previous Versions</td><td class="lineno" valign="top"></td></tr>
510      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
511      <tr><td class="lineno" valign="top"></td><td class="left">A.1.  Changes from RFC 2616</td><td> </td><td class="right">A.1.  Changes from RFC 2616</td><td class="lineno" valign="top"></td></tr>
512      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
513      <tr><td><a name="diff0042" /></td></tr>
514      <tr><td class="lineno" valign="top"></td><td class="lblock">Appendix B.  C<span class="delete">hange Log (to be removed by RFC Editor before publication)</span></td><td> </td><td class="rblock">Appendix B.  C<span class="insert">ollected ABNF</span></td><td class="lineno" valign="top"></td></tr>
515      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
516      <tr><td><a name="diff0043" /></td></tr>
517      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B.1.</span>  Since RFC2616</td><td> </td><td class="rblock">   <span class="insert">Authorization = "Authorization:" OWS Authorization-v</span></td><td class="lineno" valign="top"></td></tr>
518      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Authorization-v = credentials</span></td><td class="lineno" valign="top"></td></tr>
519      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
520      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   OWS = &lt;OWS, defined in [Part1], Section 1.2.2&gt;</span></td><td class="lineno" valign="top"></td></tr>
521      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
522      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Proxy-Authenticate = "Proxy-Authenticate:" OWS Proxy-Authenticate-v</span></td><td class="lineno" valign="top"></td></tr>
523      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Proxy-Authenticate-v = *( "," OWS ) challenge *( OWS "," [ OWS</span></td><td class="lineno" valign="top"></td></tr>
524      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">    challenge ] )</span></td><td class="lineno" valign="top"></td></tr>
525      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Proxy-Authorization = "Proxy-Authorization:" OWS</span></td><td class="lineno" valign="top"></td></tr>
526      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">    Proxy-Authorization-v</span></td><td class="lineno" valign="top"></td></tr>
527      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Proxy-Authorization-v = credentials</span></td><td class="lineno" valign="top"></td></tr>
528      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
529      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   WWW-Authenticate = "WWW-Authenticate:" OWS WWW-Authenticate-v</span></td><td class="lineno" valign="top"></td></tr>
530      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   WWW-Authenticate-v = *( "," OWS ) challenge *( OWS "," [ OWS</span></td><td class="lineno" valign="top"></td></tr>
531      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">    challenge ] )</span></td><td class="lineno" valign="top"></td></tr>
532      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
533      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   challenge = &lt;challenge, defined in [RFC2617], Section 1.2&gt;</span></td><td class="lineno" valign="top"></td></tr>
534      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   credentials = &lt;credentials, defined in [RFC2617], Section 1.2&gt;</span></td><td class="lineno" valign="top"></td></tr>
535      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   ABNF diagnostics:</span></td><td class="lineno" valign="top"></td></tr>
536      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
537      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   ; Authorization defined but not used</span></td><td class="lineno" valign="top"></td></tr>
538      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   ; Proxy-Authenticate defined but not used</span></td><td class="lineno" valign="top"></td></tr>
539      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   ; Proxy-Authorization defined but not used</span></td><td class="lineno" valign="top"></td></tr>
540      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   ; WWW-Authenticate defined but not used</span></td><td class="lineno" valign="top"></td></tr>
541      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
542      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">Appendix C.  Change Log (to be removed by RFC Editor before publication)</span></td><td class="lineno" valign="top"></td></tr>
543      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
544      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">C.1.</span>  Since RFC2616</td><td class="lineno" valign="top"></td></tr>
545      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
546      <tr><td class="lineno" valign="top"></td><td class="left">   Extracted relevant partitions from [RFC2616].</td><td> </td><td class="right">   Extracted relevant partitions from [RFC2616].</td><td class="lineno" valign="top"></td></tr>
547      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
548      <tr><td><a name="diff0044" /></td></tr>
549      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B</span>.2.  Since draft-ietf-httpbis-p7-auth-00</td><td> </td><td class="rblock"><span class="insert">C</span>.2.  Since draft-ietf-httpbis-p7-auth-00</td><td class="lineno" valign="top"></td></tr>
550      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
551      <tr><td class="lineno" valign="top"></td><td class="left">   Closed issues:</td><td> </td><td class="right">   Closed issues:</td><td class="lineno" valign="top"></td></tr>
552      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
553      <tr><td class="lineno" valign="top"></td><td class="left">   o  &lt;http://tools.ietf.org/wg/httpbis/trac/ticket/35&gt;: "Normative and</td><td> </td><td class="right">   o  &lt;http://tools.ietf.org/wg/httpbis/trac/ticket/35&gt;: "Normative and</td><td class="lineno" valign="top"></td></tr>
554      <tr><td class="lineno" valign="top"></td><td class="left">      Informative references"</td><td> </td><td class="right">      Informative references"</td><td class="lineno" valign="top"></td></tr>
555      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
556      <tr><td><a name="diff0045" /></td></tr>
557      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B</span>.3.  Since draft-ietf-httpbis-p7-auth-01</td><td> </td><td class="rblock"><span class="insert">C</span>.3.  Since draft-ietf-httpbis-p7-auth-01</td><td class="lineno" valign="top"></td></tr>
558      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
559      <tr><td class="lineno" valign="top"></td><td class="left">   Ongoing work on ABNF conversion</td><td> </td><td class="right">   Ongoing work on ABNF conversion</td><td class="lineno" valign="top"></td></tr>
560      <tr><td class="lineno" valign="top"></td><td class="left">   (&lt;http://tools.ietf.org/wg/httpbis/trac/ticket/36&gt;):</td><td> </td><td class="right">   (&lt;http://tools.ietf.org/wg/httpbis/trac/ticket/36&gt;):</td><td class="lineno" valign="top"></td></tr>
561      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
562      <tr><td class="lineno" valign="top"></td><td class="left">   o  Explicitly import BNF rules for "challenge" and "credentials" from</td><td> </td><td class="right">   o  Explicitly import BNF rules for "challenge" and "credentials" from</td><td class="lineno" valign="top"></td></tr>
563      <tr><td class="lineno" valign="top"></td><td class="left">      RFC2617.</td><td> </td><td class="right">      RFC2617.</td><td class="lineno" valign="top"></td></tr>
564      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
565      <tr><td class="lineno" valign="top"></td><td class="left">   o  Add explicit references to BNF syntax and rules imported from</td><td> </td><td class="right">   o  Add explicit references to BNF syntax and rules imported from</td><td class="lineno" valign="top"></td></tr>
566      <tr><td class="lineno" valign="top"></td><td class="left">      other parts of the specification.</td><td> </td><td class="right">      other parts of the specification.</td><td class="lineno" valign="top"></td></tr>
567      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
568      <tr><td><a name="diff0046" /></td></tr>
569      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B</span>.4.  Since draft-ietf-httpbis-p7-auth-02</td><td> </td><td class="rblock"><span class="insert">C</span>.4.  Since draft-ietf-httpbis-p7-auth-02</td><td class="lineno" valign="top"></td></tr>
570      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
571      <tr><td class="lineno" valign="top"></td><td class="left">   Ongoing work on IANA Message Header Registration</td><td> </td><td class="right">   Ongoing work on IANA Message Header Registration</td><td class="lineno" valign="top"></td></tr>
572      <tr><td class="lineno" valign="top"></td><td class="left">   (&lt;http://tools.ietf.org/wg/httpbis/trac/ticket/40&gt;):</td><td> </td><td class="right">   (&lt;http://tools.ietf.org/wg/httpbis/trac/ticket/40&gt;):</td><td class="lineno" valign="top"></td></tr>
573      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
574      <tr><td class="lineno" valign="top"></td><td class="left">   o  Reference RFC 3984, and update header registrations for headers</td><td> </td><td class="right">   o  Reference RFC 3984, and update header registrations for headers</td><td class="lineno" valign="top"></td></tr>
575      <tr><td class="lineno" valign="top"></td><td class="left">      defined in this document.</td><td> </td><td class="right">      defined in this document.</td><td class="lineno" valign="top"></td></tr>
576      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
577      <tr><td><a name="diff0047" /></td></tr>
578      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B</span>.5.  Since draft-ietf-httpbis-p7-auth-03</td><td> </td><td class="rblock"><span class="insert">C</span>.5.  Since draft-ietf-httpbis-p7-auth-03</td><td class="lineno" valign="top"></td></tr>
579      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
580      <tr><td><a name="diff0048" /></td></tr>
581      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">B</span>.6.  Since draft-ietf-httpbis-p7-auth-04</td><td> </td><td class="rblock"><span class="insert">C</span>.6.  Since draft-ietf-httpbis-p7-auth-04</td><td class="lineno" valign="top"></td></tr>
582      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
583      <tr><td class="lineno" valign="top"></td><td class="left">   Ongoing work on ABNF conversion</td><td> </td><td class="right">   Ongoing work on ABNF conversion</td><td class="lineno" valign="top"></td></tr>
584      <tr><td class="lineno" valign="top"></td><td class="left">   (&lt;http://tools.ietf.org/wg/httpbis/trac/ticket/36&gt;):</td><td> </td><td class="right">   (&lt;http://tools.ietf.org/wg/httpbis/trac/ticket/36&gt;):</td><td class="lineno" valign="top"></td></tr>
585      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
586      <tr><td class="lineno" valign="top"></td><td class="left">   o  Use "/" instead of "|" for alternatives.</td><td> </td><td class="right">   o  Use "/" instead of "|" for alternatives.</td><td class="lineno" valign="top"></td></tr>
587      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
588      <tr><td class="lineno" valign="top"></td><td class="left">   o  Introduce new ABNF rules for "bad" whitespace ("BWS"), optional</td><td> </td><td class="right">   o  Introduce new ABNF rules for "bad" whitespace ("BWS"), optional</td><td class="lineno" valign="top"></td></tr>
589      <tr><td class="lineno" valign="top"></td><td class="left">      whitespace ("OWS") and required whitespace ("RWS").</td><td> </td><td class="right">      whitespace ("OWS") and required whitespace ("RWS").</td><td class="lineno" valign="top"></td></tr>
590      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
591      <tr><td class="lineno" valign="top"></td><td class="left">   o  Rewrite ABNFs to spell out whitespace rules, factor out header</td><td> </td><td class="right">   o  Rewrite ABNFs to spell out whitespace rules, factor out header</td><td class="lineno" valign="top"></td></tr>
592      <tr><td class="lineno" valign="top"></td><td class="left">      value format definitions.</td><td> </td><td class="right">      value format definitions.</td><td class="lineno" valign="top"></td></tr>
593      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
594      <tr><td><a name="diff0049" /></td></tr>
595      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">C.7.  Since draft-ietf-httpbis-p7-auth-05</span></td><td class="lineno" valign="top"></td></tr>
596      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
597      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Final work on ABNF conversion</span></td><td class="lineno" valign="top"></td></tr>
598      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   (&lt;http://tools.ietf.org/wg/httpbis/trac/ticket/36&gt;):</span></td><td class="lineno" valign="top"></td></tr>
599      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
600      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   o  Add appendix containing collected and expanded ABNF, reorganize</span></td><td class="lineno" valign="top"></td></tr>
601      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">      ABNF introduction.</span></td><td class="lineno" valign="top"></td></tr>
602      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock">                                                                         </td><td class="lineno" valign="top"></td></tr>
603      <tr><td class="lineno" valign="top"></td><td class="left">Index</td><td> </td><td class="right">Index</td><td class="lineno" valign="top"></td></tr>
604      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
605      <tr><td class="lineno" valign="top"></td><td class="left">   4</td><td> </td><td class="right">   4</td><td class="lineno" valign="top"></td></tr>
606      <tr><td class="lineno" valign="top"></td><td class="left">      401 Unauthorized (status code)  5</td><td> </td><td class="right">      401 Unauthorized (status code)  5</td><td class="lineno" valign="top"></td></tr>
607      <tr><td class="lineno" valign="top"></td><td class="left">      407 Proxy Authentication Required (status code)  5</td><td> </td><td class="right">      407 Proxy Authentication Required (status code)  5</td><td class="lineno" valign="top"></td></tr>
608      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
609      <tr><td class="lineno" valign="top"></td><td class="left">   A</td><td> </td><td class="right">   A</td><td class="lineno" valign="top"></td></tr>
610      <tr><td><a name="diff0050" /></td></tr>
611      <tr><td class="lineno" valign="top"></td><td class="lblock">      Authorization header  <span class="delete">5</span></td><td> </td><td class="rblock">      Authorization header  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
612      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
613      <tr><td class="lineno" valign="top"></td><td class="left">   G</td><td> </td><td class="right">   G</td><td class="lineno" valign="top"></td></tr>
614      <tr><td class="lineno" valign="top"></td><td class="left">      Grammar</td><td> </td><td class="right">      Grammar</td><td class="lineno" valign="top"></td></tr>
615      <tr><td><a name="diff0051" /></td></tr>
616      <tr><td class="lineno" valign="top"></td><td class="lblock">         Authorization  <span class="delete">5</span></td><td> </td><td class="rblock">         Authorization  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
617      <tr><td class="lineno" valign="top"></td><td class="lblock">         Authorization-v  <span class="delete">5</span></td><td> </td><td class="rblock">         Authorization-v  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
618      <tr><td class="lineno" valign="top"></td><td class="lblock">         challenge  <span class="delete">4</span></td><td> </td><td class="rblock">         challenge  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
619      <tr><td class="lineno" valign="top"></td><td class="lblock">         credentials  <span class="delete">4</span></td><td> </td><td class="rblock">         credentials  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
620      <tr><td class="lineno" valign="top"></td><td class="lblock">         Proxy-Authenticate  <span class="delete">6</span></td><td> </td><td class="rblock">         Proxy-Authenticate  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
621      <tr><td class="lineno" valign="top"></td><td class="lblock">         Proxy-Authenticate-v  <span class="delete">6</span></td><td> </td><td class="rblock">         Proxy-Authenticate-v  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
622      <tr><td class="lineno" valign="top"></td><td class="left">         Proxy-Authorization  7</td><td> </td><td class="right">         Proxy-Authorization  7</td><td class="lineno" valign="top"></td></tr>
623      <tr><td class="lineno" valign="top"></td><td class="left">         Proxy-Authorization-v  7</td><td> </td><td class="right">         Proxy-Authorization-v  7</td><td class="lineno" valign="top"></td></tr>
624      <tr><td><a name="diff0052" /></td></tr>
625      <tr><td class="lineno" valign="top"></td><td class="lblock">         WWW-Authenticate  <span class="delete">7</span></td><td> </td><td class="rblock">         WWW-Authenticate  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
626      <tr><td class="lineno" valign="top"></td><td class="lblock">         WWW-Authenticate-v  <span class="delete">7</span></td><td> </td><td class="rblock">         WWW-Authenticate-v  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
627      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
628      <tr><td class="lineno" valign="top"></td><td class="left">   H</td><td> </td><td class="right">   H</td><td class="lineno" valign="top"></td></tr>
629      <tr><td class="lineno" valign="top"></td><td class="left">      Headers</td><td> </td><td class="right">      Headers</td><td class="lineno" valign="top"></td></tr>
630      <tr><td><a name="diff0053" /></td></tr>
631      <tr><td class="lineno" valign="top"></td><td class="lblock">         Authorization  <span class="delete">5</span></td><td> </td><td class="rblock">         Authorization  6</td><td class="lineno" valign="top"></td></tr>
632      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">         Proxy-Authenticate</span>  6</td><td> </td><td class="rblock">         <span class="insert">Proxy-Authenticate  7</span></td><td class="lineno" valign="top"></td></tr>
633      <tr><td class="lineno" valign="top"></td><td class="left">         Proxy-Authorization  7</td><td> </td><td class="right">         Proxy-Authorization  7</td><td class="lineno" valign="top"></td></tr>
634      <tr><td class="lineno" valign="top"></td><td class="left">         WWW-Authenticate  7</td><td> </td><td class="right">         WWW-Authenticate  7</td><td class="lineno" valign="top"></td></tr>
635      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
636      <tr><td class="lineno" valign="top"></td><td class="left">   P</td><td> </td><td class="right">   P</td><td class="lineno" valign="top"></td></tr>
637      <tr><td><a name="diff0054" /></td></tr>
638      <tr><td class="lineno" valign="top"></td><td class="lblock">      Proxy-Authenticate header  <span class="delete">6</span></td><td> </td><td class="rblock">      Proxy-Authenticate header  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
639      <tr><td class="lineno" valign="top"></td><td class="left">      Proxy-Authorization header  7</td><td> </td><td class="right">      Proxy-Authorization header  7</td><td class="lineno" valign="top"></td></tr>
640      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
641      <tr><td class="lineno" valign="top"></td><td class="left">   S</td><td> </td><td class="right">   S</td><td class="lineno" valign="top"></td></tr>
642      <tr><td class="lineno" valign="top"></td><td class="left">      Status Codes</td><td> </td><td class="right">      Status Codes</td><td class="lineno" valign="top"></td></tr>
643      <tr><td class="lineno" valign="top"></td><td class="left">         401 Unauthorized  5</td><td> </td><td class="right">         401 Unauthorized  5</td><td class="lineno" valign="top"></td></tr>
644      <tr><td class="lineno" valign="top"></td><td class="left">         407 Proxy Authentication Required  5</td><td> </td><td class="right">         407 Proxy Authentication Required  5</td><td class="lineno" valign="top"></td></tr>
645      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
646      <tr><td class="lineno" valign="top"></td><td class="left">   W</td><td> </td><td class="right">   W</td><td class="lineno" valign="top"></td></tr>
647      <tr><td class="lineno" valign="top"></td><td class="left">      WWW-Authenticate header  7</td><td> </td><td class="right">      WWW-Authenticate header  7</td><td class="lineno" valign="top"></td></tr>
648      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
649      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
650      <tr bgcolor="gray" ><td></td><th><a name="part-l8" /><small>skipping to change at</small><em> page 15, line 4</em></th><th> </th><th><a name="part-r8" /><small>skipping to change at</small><em> line 634</em></th><td></td></tr>
651      <tr><td class="lineno" valign="top"></td><td class="left">   Julian F. Reschke (editor)</td><td> </td><td class="right">   Julian F. Reschke (editor)</td><td class="lineno" valign="top"></td></tr>
652      <tr><td class="lineno" valign="top"></td><td class="left">   greenbytes GmbH</td><td> </td><td class="right">   greenbytes GmbH</td><td class="lineno" valign="top"></td></tr>
653      <tr><td class="lineno" valign="top"></td><td class="left">   Hafenweg 16</td><td> </td><td class="right">   Hafenweg 16</td><td class="lineno" valign="top"></td></tr>
654      <tr><td class="lineno" valign="top"></td><td class="left">   Muenster, NW  48155</td><td> </td><td class="right">   Muenster, NW  48155</td><td class="lineno" valign="top"></td></tr>
655      <tr><td class="lineno" valign="top"></td><td class="left">   Germany</td><td> </td><td class="right">   Germany</td><td class="lineno" valign="top"></td></tr>
656      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
657      <tr><td class="lineno" valign="top"></td><td class="left">   Phone: +49 251 2807760</td><td> </td><td class="right">   Phone: +49 251 2807760</td><td class="lineno" valign="top"></td></tr>
658      <tr><td class="lineno" valign="top"></td><td class="left">   Fax:   +49 251 2807761</td><td> </td><td class="right">   Fax:   +49 251 2807761</td><td class="lineno" valign="top"></td></tr>
659      <tr><td class="lineno" valign="top"></td><td class="left">   Email: julian.reschke@greenbytes.de</td><td> </td><td class="right">   Email: julian.reschke@greenbytes.de</td><td class="lineno" valign="top"></td></tr>
660      <tr><td class="lineno" valign="top"></td><td class="left">   URI:   http://greenbytes.de/tech/webdav/</td><td> </td><td class="right">   URI:   http://greenbytes.de/tech/webdav/</td><td class="lineno" valign="top"></td></tr>
661      <tr><td><a name="diff0055" /></td></tr>
662      <tr><td class="lineno" valign="top"></td><td class="lblock">                                                                         </td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
663      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Full Copyright Statement</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
664      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
665      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Copyright (C) The IETF Trust (2008).</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
666      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
667      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   This document is subject to the rights, licenses and restrictions</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
668      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   contained in BCP 78, and except as set forth therein, the authors</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
669      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   retain all their rights.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
670      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
671      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   This document and the information contained herein are provided on an</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
672      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
673      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
674      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
675      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
676      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
677      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
678      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
679      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Intellectual Property</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
680      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
681      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   The IETF takes no position regarding the validity or scope of any</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
682      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Intellectual Property Rights or other rights that might be claimed to</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
683      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   pertain to the implementation or use of the technology described in</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
684      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   this document or the extent to which any license under such rights</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
685      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   might or might not be available; nor does it represent that it has</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
686      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   made any independent effort to identify any such rights.  Information</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
687      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   on the procedures with respect to rights in RFC documents can be</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
688      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   found in BCP 78 and BCP 79.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
689      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
690      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Copies of IPR disclosures made to the IETF Secretariat and any</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
691      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   assurances of licenses to be made available, or the result of an</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
692      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   attempt made to obtain a general license or permission for the use of</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
693      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   such proprietary rights by implementers or users of this</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
694      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   specification can be obtained from the IETF on-line IPR repository at</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
695      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   http://www.ietf.org/ipr.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
696      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
697      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   The IETF invites any interested party to bring to its attention any</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
698      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   copyrights, patents or patent applications, or other proprietary</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
699      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   rights that may cover technology that may be required to implement</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
700      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   this standard.  Please address the information to the IETF at</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
701      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   ietf-ipr@ietf.org.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
702
703     <tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr>
704     <tr bgcolor="gray"><th colspan="5" align="center"><a name="end">&nbsp;End of changes. 55 change blocks.&nbsp;</a></th></tr>
705     <tr class="stats"><td></td><th><i>95 lines changed or deleted</i></th><th><i> </i></th><th><i>170 lines changed or added</i></th><td></td></tr>
706     <tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.35. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr>
707   </table>
708   </body>
709   </html>
Note: See TracBrowser for help on using the repository browser.