| 1 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
|---|
| 2 | <!-- Generated by rfcdiff 1.38: rfcdiff --> |
|---|
| 3 | <!-- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional" > --> |
|---|
| 4 | <html> |
|---|
| 5 | <head> |
|---|
| 6 | <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> |
|---|
| 7 | <meta http-equiv="Content-Style-Type" content="text/css" /> |
|---|
| 8 | <title>Diff: draft-ietf-httpbis-p7-auth-19.txt - draft-ietf-httpbis-p7-auth-20.txt</title> |
|---|
| 9 | <style type="text/css"> |
|---|
| 10 | body { margin: 0.4ex; margin-right: auto; } |
|---|
| 11 | tr { } |
|---|
| 12 | td { white-space: pre; font-family: monospace; vertical-align: top; font-size: 0.86em;} |
|---|
| 13 | th { font-size: 0.86em; } |
|---|
| 14 | .small { font-size: 0.6em; font-style: italic; font-family: Verdana, Helvetica, sans-serif; } |
|---|
| 15 | .left { background-color: #EEE; } |
|---|
| 16 | .right { background-color: #FFF; } |
|---|
| 17 | .diff { background-color: #CCF; } |
|---|
| 18 | .lblock { background-color: #BFB; } |
|---|
| 19 | .rblock { background-color: #FF8; } |
|---|
| 20 | .insert { background-color: #8FF; } |
|---|
| 21 | .delete { background-color: #ACF; } |
|---|
| 22 | .void { background-color: #FFB; } |
|---|
| 23 | .cont { background-color: #EEE; } |
|---|
| 24 | .linebr { background-color: #AAA; } |
|---|
| 25 | .lineno { color: red; background-color: #FFF; font-size: 0.7em; text-align: right; padding: 0 2px; } |
|---|
| 26 | .elipsis{ background-color: #AAA; } |
|---|
| 27 | .left .cont { background-color: #DDD; } |
|---|
| 28 | .right .cont { background-color: #EEE; } |
|---|
| 29 | .lblock .cont { background-color: #9D9; } |
|---|
| 30 | .rblock .cont { background-color: #DD6; } |
|---|
| 31 | .insert .cont { background-color: #0DD; } |
|---|
| 32 | .delete .cont { background-color: #8AD; } |
|---|
| 33 | .stats, .stats td, .stats th { background-color: #EEE; padding: 2px 0; } |
|---|
| 34 | </style> |
|---|
| 35 | </head> |
|---|
| 36 | <body > |
|---|
| 37 | <table border="0" cellpadding="0" cellspacing="0"> |
|---|
| 38 | <tr bgcolor="orange"><th></th><th> draft-ietf-httpbis-p7-auth-19.txt </th><th> </th><th> draft-ietf-httpbis-p7-auth-20.txt </th><th></th></tr> |
|---|
| 39 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 40 | <tr><td class="lineno" valign="top"></td><td class="left">HTTPbis Working Group R. Fielding, Ed.</td><td> </td><td class="right">HTTPbis Working Group R. Fielding, Ed.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 41 | <tr><td class="lineno" valign="top"></td><td class="left">Internet-Draft Adobe</td><td> </td><td class="right">Internet-Draft Adobe</td><td class="lineno" valign="top"></td></tr> |
|---|
| 42 | <tr><td class="lineno" valign="top"></td><td class="left">Obsoletes: 2616 (if approved) Y. Lafon, Ed.</td><td> </td><td class="right">Obsoletes: 2616 (if approved) Y. Lafon, Ed.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 43 | <tr><td class="lineno" valign="top"></td><td class="left">Updates: 2617 (if approved) W3C</td><td> </td><td class="right">Updates: 2617 (if approved) W3C</td><td class="lineno" valign="top"></td></tr> |
|---|
| 44 | <tr><td class="lineno" valign="top"></td><td class="left">Intended status: Standards Track J. Reschke, Ed.</td><td> </td><td class="right">Intended status: Standards Track J. Reschke, Ed.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 45 | <tr><td><a name="diff0001" /></td></tr> |
|---|
| 46 | <tr><td class="lineno" valign="top"></td><td class="lblock">Expires: <span class="delete">September 13, 2012</span> greenbytes</td><td> </td><td class="rblock">Expires: <span class="insert">January 17, 2013</span> greenbytes</td><td class="lineno" valign="top"></td></tr> |
|---|
| 47 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">March 12,</span> 2012</td><td> </td><td class="rblock"> <span class="insert">July 16,</span> 2012</td><td class="lineno" valign="top"></td></tr> |
|---|
| 48 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 49 | <tr><td class="lineno" valign="top"></td><td class="left"> HTTP/1.1, part 7: Authentication</td><td> </td><td class="right"> HTTP/1.1, part 7: Authentication</td><td class="lineno" valign="top"></td></tr> |
|---|
| 50 | <tr><td><a name="diff0002" /></td></tr> |
|---|
| 51 | <tr><td class="lineno" valign="top"></td><td class="lblock"> draft-ietf-httpbis-p7-auth-<span class="delete">19</span></td><td> </td><td class="rblock"> draft-ietf-httpbis-p7-auth-<span class="insert">20</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 52 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 53 | <tr><td class="lineno" valign="top"></td><td class="left">Abstract</td><td> </td><td class="right">Abstract</td><td class="lineno" valign="top"></td></tr> |
|---|
| 54 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 55 | <tr><td class="lineno" valign="top"></td><td class="left"> The Hypertext Transfer Protocol (HTTP) is an application-level</td><td> </td><td class="right"> The Hypertext Transfer Protocol (HTTP) is an application-level</td><td class="lineno" valign="top"></td></tr> |
|---|
| 56 | <tr><td class="lineno" valign="top"></td><td class="left"> protocol for distributed, collaborative, hypermedia information</td><td> </td><td class="right"> protocol for distributed, collaborative, hypermedia information</td><td class="lineno" valign="top"></td></tr> |
|---|
| 57 | <tr><td class="lineno" valign="top"></td><td class="left"> systems. HTTP has been in use by the World Wide Web global</td><td> </td><td class="right"> systems. HTTP has been in use by the World Wide Web global</td><td class="lineno" valign="top"></td></tr> |
|---|
| 58 | <tr><td class="lineno" valign="top"></td><td class="left"> information initiative since 1990. This document is Part 7 of the</td><td> </td><td class="right"> information initiative since 1990. This document is Part 7 of the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 59 | <tr><td class="lineno" valign="top"></td><td class="left"> seven-part specification that defines the protocol referred to as</td><td> </td><td class="right"> seven-part specification that defines the protocol referred to as</td><td class="lineno" valign="top"></td></tr> |
|---|
| 60 | <tr><td class="lineno" valign="top"></td><td class="left"> "HTTP/1.1" and, taken together, obsoletes RFC 2616.</td><td> </td><td class="right"> "HTTP/1.1" and, taken together, obsoletes RFC 2616.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 61 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 62 | <tr><td class="lineno" valign="top"></td><td class="left"> Part 7 defines the HTTP Authentication framework.</td><td> </td><td class="right"> Part 7 defines the HTTP Authentication framework.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 63 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 64 | <tr><td class="lineno" valign="top"></td><td class="left">Editorial Note (To be removed by RFC Editor)</td><td> </td><td class="right">Editorial Note (To be removed by RFC Editor)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 65 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 66 | <tr><td><a name="diff0003" /></td></tr> |
|---|
| 67 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Discussion of this draft <span class="delete">should take</span> place on the HTTPBIS working</td><td> </td><td class="rblock"> Discussion of this draft <span class="insert">takes</span> place on the HTTPBIS working group</td><td class="lineno" valign="top"></td></tr> |
|---|
| 68 | <tr><td class="lineno" valign="top"></td><td class="lblock"> group mailing list (ietf-http-wg@w3.org), which is archived at</td><td> </td><td class="rblock"> mailing list (ietf-http-wg@w3.org), which is archived at</td><td class="lineno" valign="top"></td></tr> |
|---|
| 69 | <tr><td class="lineno" valign="top"></td><td class="left"> <http://lists.w3.org/Archives/Public/ietf-http-wg/>.</td><td> </td><td class="right"> <http://lists.w3.org/Archives/Public/ietf-http-wg/>.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 70 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 71 | <tr><td class="lineno" valign="top"></td><td class="left"> The current issues list is at</td><td> </td><td class="right"> The current issues list is at</td><td class="lineno" valign="top"></td></tr> |
|---|
| 72 | <tr><td class="lineno" valign="top"></td><td class="left"> <http://tools.ietf.org/wg/httpbis/trac/report/3> and related</td><td> </td><td class="right"> <http://tools.ietf.org/wg/httpbis/trac/report/3> and related</td><td class="lineno" valign="top"></td></tr> |
|---|
| 73 | <tr><td class="lineno" valign="top"></td><td class="left"> documents (including fancy diffs) can be found at</td><td> </td><td class="right"> documents (including fancy diffs) can be found at</td><td class="lineno" valign="top"></td></tr> |
|---|
| 74 | <tr><td class="lineno" valign="top"></td><td class="left"> <http://tools.ietf.org/wg/httpbis/>.</td><td> </td><td class="right"> <http://tools.ietf.org/wg/httpbis/>.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 75 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 76 | <tr><td><a name="diff0004" /></td></tr> |
|---|
| 77 | <tr><td class="lineno" valign="top"></td><td class="lblock"> The changes in this draft are summarized in Appendix <span class="delete">C.20</span>.</td><td> </td><td class="rblock"> The changes in this draft are summarized in Appendix <span class="insert">D.1</span>.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 78 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 79 | <tr><td class="lineno" valign="top"></td><td class="left">Status of This Memo</td><td> </td><td class="right">Status of This Memo</td><td class="lineno" valign="top"></td></tr> |
|---|
| 80 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 81 | <tr><td class="lineno" valign="top"></td><td class="left"> This Internet-Draft is submitted in full conformance with the</td><td> </td><td class="right"> This Internet-Draft is submitted in full conformance with the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 82 | <tr><td class="lineno" valign="top"></td><td class="left"> provisions of BCP 78 and BCP 79.</td><td> </td><td class="right"> provisions of BCP 78 and BCP 79.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 83 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 84 | <tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are working documents of the Internet Engineering</td><td> </td><td class="right"> Internet-Drafts are working documents of the Internet Engineering</td><td class="lineno" valign="top"></td></tr> |
|---|
| 85 | <tr><td class="lineno" valign="top"></td><td class="left"> Task Force (IETF). Note that other groups may also distribute</td><td> </td><td class="right"> Task Force (IETF). Note that other groups may also distribute</td><td class="lineno" valign="top"></td></tr> |
|---|
| 86 | <tr><td class="lineno" valign="top"></td><td class="left"> working documents as Internet-Drafts. The list of current Internet-</td><td> </td><td class="right"> working documents as Internet-Drafts. The list of current Internet-</td><td class="lineno" valign="top"></td></tr> |
|---|
| 87 | <tr><td class="lineno" valign="top"></td><td class="left"> Drafts is at http://datatracker.ietf.org/drafts/current/.</td><td> </td><td class="right"> Drafts is at http://datatracker.ietf.org/drafts/current/.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 88 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 89 | <tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are draft documents valid for a maximum of six months</td><td> </td><td class="right"> Internet-Drafts are draft documents valid for a maximum of six months</td><td class="lineno" valign="top"></td></tr> |
|---|
| 90 | <tr><td class="lineno" valign="top"></td><td class="left"> and may be updated, replaced, or obsoleted by other documents at any</td><td> </td><td class="right"> and may be updated, replaced, or obsoleted by other documents at any</td><td class="lineno" valign="top"></td></tr> |
|---|
| 91 | <tr><td class="lineno" valign="top"></td><td class="left"> time. It is inappropriate to use Internet-Drafts as reference</td><td> </td><td class="right"> time. It is inappropriate to use Internet-Drafts as reference</td><td class="lineno" valign="top"></td></tr> |
|---|
| 92 | <tr><td class="lineno" valign="top"></td><td class="left"> material or to cite them other than as "work in progress."</td><td> </td><td class="right"> material or to cite them other than as "work in progress."</td><td class="lineno" valign="top"></td></tr> |
|---|
| 93 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 94 | <tr><td><a name="diff0005" /></td></tr> |
|---|
| 95 | <tr><td class="lineno" valign="top"></td><td class="lblock"> This Internet-Draft will expire on <span class="delete">September 13, 2012</span>.</td><td> </td><td class="rblock"> This Internet-Draft will expire on <span class="insert">January 17, 2013</span>.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 96 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 97 | <tr><td class="lineno" valign="top"></td><td class="left">Copyright Notice</td><td> </td><td class="right">Copyright Notice</td><td class="lineno" valign="top"></td></tr> |
|---|
| 98 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 99 | <tr><td class="lineno" valign="top"></td><td class="left"> Copyright (c) 2012 IETF Trust and the persons identified as the</td><td> </td><td class="right"> Copyright (c) 2012 IETF Trust and the persons identified as the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 100 | <tr><td class="lineno" valign="top"></td><td class="left"> document authors. All rights reserved.</td><td> </td><td class="right"> document authors. All rights reserved.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 101 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 102 | <tr><td class="lineno" valign="top"></td><td class="left"> This document is subject to BCP 78 and the IETF Trust's Legal</td><td> </td><td class="right"> This document is subject to BCP 78 and the IETF Trust's Legal</td><td class="lineno" valign="top"></td></tr> |
|---|
| 103 | <tr><td class="lineno" valign="top"></td><td class="left"> Provisions Relating to IETF Documents</td><td> </td><td class="right"> Provisions Relating to IETF Documents</td><td class="lineno" valign="top"></td></tr> |
|---|
| 104 | <tr><td class="lineno" valign="top"></td><td class="left"> (http://trustee.ietf.org/license-info) in effect on the date of</td><td> </td><td class="right"> (http://trustee.ietf.org/license-info) in effect on the date of</td><td class="lineno" valign="top"></td></tr> |
|---|
| 105 | <tr><td class="lineno" valign="top"></td><td class="left"> publication of this document. Please review these documents</td><td> </td><td class="right"> publication of this document. Please review these documents</td><td class="lineno" valign="top"></td></tr> |
|---|
| 106 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 107 | <tr bgcolor="gray" ><td></td><th><a name="part-l2" /><small>skipping to change at</small><em> page 2, line 40</em></th><th> </th><th><a name="part-r2" /><small>skipping to change at</small><em> page 3, line 9</em></th><td></td></tr> |
|---|
| 108 | <tr><td class="lineno" valign="top"></td><td class="left"> the copyright in such materials, this document may not be modified</td><td> </td><td class="right"> the copyright in such materials, this document may not be modified</td><td class="lineno" valign="top"></td></tr> |
|---|
| 109 | <tr><td class="lineno" valign="top"></td><td class="left"> outside the IETF Standards Process, and derivative works of it may</td><td> </td><td class="right"> outside the IETF Standards Process, and derivative works of it may</td><td class="lineno" valign="top"></td></tr> |
|---|
| 110 | <tr><td class="lineno" valign="top"></td><td class="left"> not be created outside the IETF Standards Process, except to format</td><td> </td><td class="right"> not be created outside the IETF Standards Process, except to format</td><td class="lineno" valign="top"></td></tr> |
|---|
| 111 | <tr><td class="lineno" valign="top"></td><td class="left"> it for publication as an RFC or to translate it into languages other</td><td> </td><td class="right"> it for publication as an RFC or to translate it into languages other</td><td class="lineno" valign="top"></td></tr> |
|---|
| 112 | <tr><td class="lineno" valign="top"></td><td class="left"> than English.</td><td> </td><td class="right"> than English.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 113 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 114 | <tr><td class="lineno" valign="top"></td><td class="left">Table of Contents</td><td> </td><td class="right">Table of Contents</td><td class="lineno" valign="top"></td></tr> |
|---|
| 115 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 116 | <tr><td class="lineno" valign="top"></td><td class="left"> 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4</td><td> </td><td class="right"> 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4</td><td class="lineno" valign="top"></td></tr> |
|---|
| 117 | <tr><td class="lineno" valign="top"></td><td class="left"> 1.1. Conformance and Error Handling . . . . . . . . . . . . . . 4</td><td> </td><td class="right"> 1.1. Conformance and Error Handling . . . . . . . . . . . . . . 4</td><td class="lineno" valign="top"></td></tr> |
|---|
| 118 | <tr><td><a name="diff0006" /></td></tr> |
|---|
| 119 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 1.2. Syntax Notation . . . . . . . . . . . . . . . . . . . . . <span class="delete">4</span></td><td> </td><td class="rblock"> 1.2. Syntax Notation . . . . . . . . . . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr> |
|---|
| 120 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 1.2.1. Core Rules . . . . . . . . . . . . . . . . . . . . . .</span> 5</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 121 | <tr><td class="lineno" valign="top"></td><td class="left"> 2. Access Authentication Framework . . . . . . . . . . . . . . . 5</td><td> </td><td class="right"> 2. Access Authentication Framework . . . . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr> |
|---|
| 122 | <tr><td class="lineno" valign="top"></td><td class="left"> 2.1. Challenge and Response . . . . . . . . . . . . . . . . . . 5</td><td> </td><td class="right"> 2.1. Challenge and Response . . . . . . . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr> |
|---|
| 123 | <tr><td class="lineno" valign="top"></td><td class="left"> 2.2. Protection Space (Realm) . . . . . . . . . . . . . . . . . 7</td><td> </td><td class="right"> 2.2. Protection Space (Realm) . . . . . . . . . . . . . . . . . 7</td><td class="lineno" valign="top"></td></tr> |
|---|
| 124 | <tr><td><a name="diff0007" /></td></tr> |
|---|
| 125 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 2.3. Authentication Scheme Registry . . . . . . . . . . . . . . <span class="delete">7</span></td><td> </td><td class="rblock"> 2.3. Authentication Scheme Registry . . . . . . . . . . . . . . <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 126 | <tr><td class="lineno" valign="top"></td><td class="left"> 2.3.1. Considerations for New Authentication Schemes . . . . 8</td><td> </td><td class="right"> 2.3.1. Considerations for New Authentication Schemes . . . . 8</td><td class="lineno" valign="top"></td></tr> |
|---|
| 127 | <tr><td class="lineno" valign="top"></td><td class="left"> 3. Status Code Definitions . . . . . . . . . . . . . . . . . . . 9</td><td> </td><td class="right"> 3. Status Code Definitions . . . . . . . . . . . . . . . . . . . 9</td><td class="lineno" valign="top"></td></tr> |
|---|
| 128 | <tr><td class="lineno" valign="top"></td><td class="left"> 3.1. 401 Unauthorized . . . . . . . . . . . . . . . . . . . . . 9</td><td> </td><td class="right"> 3.1. 401 Unauthorized . . . . . . . . . . . . . . . . . . . . . 9</td><td class="lineno" valign="top"></td></tr> |
|---|
| 129 | <tr><td><a name="diff0008" /></td></tr> |
|---|
| 130 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 3.2. 407 Proxy Authentication Required . . . . . . . . . . . . <span class="delete"> 9</span></td><td> </td><td class="rblock"> 3.2. 407 Proxy Authentication Required . . . . . . . . . . . . <span class="insert">10</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 131 | <tr><td class="lineno" valign="top"></td><td class="left"> 4. Header Field Definitions . . . . . . . . . . . . . . . . . . . 10</td><td> </td><td class="right"> 4. Header Field Definitions . . . . . . . . . . . . . . . . . . . 10</td><td class="lineno" valign="top"></td></tr> |
|---|
| 132 | <tr><td class="lineno" valign="top"></td><td class="left"> 4.1. Authorization . . . . . . . . . . . . . . . . . . . . . . 10</td><td> </td><td class="right"> 4.1. Authorization . . . . . . . . . . . . . . . . . . . . . . 10</td><td class="lineno" valign="top"></td></tr> |
|---|
| 133 | <tr><td class="lineno" valign="top"></td><td class="left"> 4.2. Proxy-Authenticate . . . . . . . . . . . . . . . . . . . . 11</td><td> </td><td class="right"> 4.2. Proxy-Authenticate . . . . . . . . . . . . . . . . . . . . 11</td><td class="lineno" valign="top"></td></tr> |
|---|
| 134 | <tr><td class="lineno" valign="top"></td><td class="left"> 4.3. Proxy-Authorization . . . . . . . . . . . . . . . . . . . 11</td><td> </td><td class="right"> 4.3. Proxy-Authorization . . . . . . . . . . . . . . . . . . . 11</td><td class="lineno" valign="top"></td></tr> |
|---|
| 135 | <tr><td><a name="diff0009" /></td></tr> |
|---|
| 136 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 4.4. WWW-Authenticate . . . . . . . . . . . . . . . . . . . . . 1<span class="delete">1</span></td><td> </td><td class="rblock"> 4.4. WWW-Authenticate . . . . . . . . . . . . . . . . . . . . . 1<span class="insert">2</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 137 | <tr><td class="lineno" valign="top"></td><td class="left"> 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12</td><td> </td><td class="right"> 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12</td><td class="lineno" valign="top"></td></tr> |
|---|
| 138 | <tr><td><a name="diff0010" /></td></tr> |
|---|
| 139 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 5.1. <span class="delete">Authenticaton</span> Scheme Registry . . . . . . . . . . . . . . 12</td><td> </td><td class="rblock"> 5.1. <span class="insert">Authentication</span> Scheme Registry . . . . . . . . . . . . . . 12</td><td class="lineno" valign="top"></td></tr> |
|---|
| 140 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 5.2. Status Code Registration . . . . . . . . . . . . . . . . . <span class="delete">12</span></td><td> </td><td class="rblock"> 5.2. Status Code Registration . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 141 | <tr><td class="lineno" valign="top"></td><td class="left"> 5.3. Header Field Registration . . . . . . . . . . . . . . . . 13</td><td> </td><td class="right"> 5.3. Header Field Registration . . . . . . . . . . . . . . . . 13</td><td class="lineno" valign="top"></td></tr> |
|---|
| 142 | <tr><td class="lineno" valign="top"></td><td class="left"> 6. Security Considerations . . . . . . . . . . . . . . . . . . . 13</td><td> </td><td class="right"> 6. Security Considerations . . . . . . . . . . . . . . . . . . . 13</td><td class="lineno" valign="top"></td></tr> |
|---|
| 143 | <tr><td class="lineno" valign="top"></td><td class="left"> 6.1. Authentication Credentials and Idle Clients . . . . . . . 13</td><td> </td><td class="right"> 6.1. Authentication Credentials and Idle Clients . . . . . . . 13</td><td class="lineno" valign="top"></td></tr> |
|---|
| 144 | <tr><td><a name="diff0011" /></td></tr> |
|---|
| 145 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> 6.2. Protection Spaces . . . . . . . . . . . . . . . . . . . . 14</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 146 | <tr><td class="lineno" valign="top"></td><td class="left"> 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 14</td><td> </td><td class="right"> 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 14</td><td class="lineno" valign="top"></td></tr> |
|---|
| 147 | <tr><td><a name="diff0012" /></td></tr> |
|---|
| 148 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">14</span></td><td> </td><td class="rblock"> 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">15</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 149 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 8.1. Normative References . . . . . . . . . . . . . . . . . . . <span class="delete">14</span></td><td> </td><td class="rblock"> 8.1. Normative References . . . . . . . . . . . . . . . . . . . <span class="insert">15</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 150 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 8.2. Informative References . . . . . . . . . . . . . . . . . . <span class="delete">14</span></td><td> </td><td class="rblock"> 8.2. Informative References . . . . . . . . . . . . . . . . . . <span class="insert">15</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 151 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Appendix A. Changes from RFCs 2616 and 2617 . . . . . . . . . . . <span class="delete">15</span></td><td> </td><td class="rblock"> Appendix A. Changes from RFCs 2616 and 2617 . . . . . . . . . . . <span class="insert">16</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 152 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Appendix B. <span class="delete">Collected</span> ABNF . . . . . . . . . . . . . . . . . . . 16</td><td> </td><td class="rblock"> Appendix B. <span class="insert">Imported</span> ABNF . . . . . . . . . . . . . . . . . . . <span class="insert">.</span> 16</td><td class="lineno" valign="top"></td></tr> |
|---|
| 153 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Appendix C. <span class="delete">Change Log (to be removed by RFC Editor before</span></td><td> </td><td class="rblock"> Appendix C. <span class="insert">Collected ABNF</span> . . . . . . . . . . . . . . . . . . . 17</td><td class="lineno" valign="top"></td></tr> |
|---|
| 154 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> publication) . . . . . . . . . . . . . . . . . . . . 16</span></td><td> </td><td class="rblock"> <span class="insert">Appendix D. Change Log (to be removed by RFC Editor before</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 155 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.1. Since RFC 2616 . . . . . . . . . . . . . . . . . . . . . . 16</span></td><td> </td><td class="rblock"><span class="insert"> publication)</span> . . . . . . . . . . . . . . . . . . . . 17</td><td class="lineno" valign="top"></td></tr> |
|---|
| 156 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.2. Since draft-ietf-httpbis-p7-auth-00 . .</span> . . . . . . . . . <span class="delete">16</span></td><td> </td><td class="rblock"> <span class="insert">D.1.</span> Since <span class="insert">draft-ietf-httpbis-p7-auth-19</span> . . . . . . . . . . . 17</td><td class="lineno" valign="top"></td></tr> |
|---|
| 157 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.3. Since draft-ietf-httpbis-p7-auth-01 .</span> . . . . . . . . . . 17</td><td> </td><td class="rblock"> Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">18</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 158 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">C.4. Since draft-ietf-httpbis-p7-auth-02 . . . . . . . . . . . 17</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 159 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.5. Since draft-ietf-httpbis-p7-auth-03 . .</span> . . . . . . . . . <span class="delete">17</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 160 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.6. Since draft-ietf-httpbis-p7-auth-04</span> . . . . . . . . . . . 17</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 161 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">C.7.</span> Since <span class="delete">draft-ietf-httpbis-p7-auth-05</span> . . . . . . . . . . . 17</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 162 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">C.8. Since draft-ietf-httpbis-p7-auth-06 . . . . . . . . . . . 18</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 163 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.9. Since draft-ietf-httpbis-p7-auth-07 . . . . . . . . . . . 18</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 164 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.10. Since draft-ietf-httpbis-p7-auth-08 . . . . . . . . . . . 18</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 165 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.11. Since draft-ietf-httpbis-p7-auth-09 . . . . . . . . . . . 18</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 166 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.12. Since draft-ietf-httpbis-p7-auth-10 . . . . . . . . . . . 18</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 167 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.13. Since draft-ietf-httpbis-p7-auth-11 . . . . . . . . . . . 18</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 168 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.14. Since draft-ietf-httpbis-p7-auth-12 . . . . . . . . . . . 19</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 169 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.15. Since draft-ietf-httpbis-p7-auth-13 . . . . . . . . . . . 19</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 170 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.16. Since draft-ietf-httpbis-p7-auth-14 . . . . . . . . . . . 19</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 171 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.17. Since draft-ietf-httpbis-p7-auth-15 . . . . . . . . . . . 19</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 172 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.18. Since draft-ietf-httpbis-p7-auth-16 . . . . . . . . . . . 19</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 173 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.19. Since draft-ietf-httpbis-p7-auth-17 . . . . . . . . . . . 20</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 174 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> C.20. Since draft-ietf-httpbis-p7-auth-18 . . . . . . . . . . . 20</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 175 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">20</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 176 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 177 | <tr><td class="lineno" valign="top"></td><td class="left">1. Introduction</td><td> </td><td class="right">1. Introduction</td><td class="lineno" valign="top"></td></tr> |
|---|
| 178 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 179 | <tr><td class="lineno" valign="top"></td><td class="left"> This document defines HTTP/1.1 access control and authentication. It</td><td> </td><td class="right"> This document defines HTTP/1.1 access control and authentication. It</td><td class="lineno" valign="top"></td></tr> |
|---|
| 180 | <tr><td><a name="diff0013" /></td></tr> |
|---|
| 181 | <tr><td class="lineno" valign="top"></td><td class="lblock"> includes the relevant parts of RFC 2616 with only minor <span class="delete">changes,</span> plus</td><td> </td><td class="rblock"> includes the relevant parts of RFC 2616 with only minor <span class="insert">changes</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 182 | <tr><td class="lineno" valign="top"></td><td class="lblock"> the general framework for HTTP authentication, as previously defined</td><td> </td><td class="rblock"><span class="insert"> ([RFC2616]),</span> plus the general framework for HTTP authentication, as</td><td class="lineno" valign="top"></td></tr> |
|---|
| 183 | <tr><td class="lineno" valign="top"></td><td class="lblock"> in "HTTP Authentication: Basic and Digest Access Authentication"</td><td> </td><td class="rblock"> previously defined in "HTTP Authentication: Basic and Digest Access</td><td class="lineno" valign="top"></td></tr> |
|---|
| 184 | <tr><td class="lineno" valign="top"></td><td class="lblock"> ([RFC2617]).</td><td> </td><td class="rblock"> Authentication" ([RFC2617]).</td><td class="lineno" valign="top"></td></tr> |
|---|
| 185 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 186 | <tr><td class="lineno" valign="top"></td><td class="left"> HTTP provides several OPTIONAL challenge-response authentication</td><td> </td><td class="right"> HTTP provides several OPTIONAL challenge-response authentication</td><td class="lineno" valign="top"></td></tr> |
|---|
| 187 | <tr><td class="lineno" valign="top"></td><td class="left"> mechanisms which can be used by a server to challenge a client</td><td> </td><td class="right"> mechanisms which can be used by a server to challenge a client</td><td class="lineno" valign="top"></td></tr> |
|---|
| 188 | <tr><td class="lineno" valign="top"></td><td class="left"> request and by a client to provide authentication information. The</td><td> </td><td class="right"> request and by a client to provide authentication information. The</td><td class="lineno" valign="top"></td></tr> |
|---|
| 189 | <tr><td class="lineno" valign="top"></td><td class="left"> "basic" and "digest" authentication schemes continue to be specified</td><td> </td><td class="right"> "basic" and "digest" authentication schemes continue to be specified</td><td class="lineno" valign="top"></td></tr> |
|---|
| 190 | <tr><td class="lineno" valign="top"></td><td class="left"> in RFC 2617.</td><td> </td><td class="right"> in RFC 2617.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 191 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 192 | <tr><td class="lineno" valign="top"></td><td class="left">1.1. Conformance and Error Handling</td><td> </td><td class="right">1.1. Conformance and Error Handling</td><td class="lineno" valign="top"></td></tr> |
|---|
| 193 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 194 | <tr><td class="lineno" valign="top"></td><td class="left"> The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",</td><td> </td><td class="right"> The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",</td><td class="lineno" valign="top"></td></tr> |
|---|
| 195 | <tr><td class="lineno" valign="top"></td><td class="left"> "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this</td><td> </td><td class="right"> "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this</td><td class="lineno" valign="top"></td></tr> |
|---|
| 196 | <tr><td class="lineno" valign="top"></td><td class="left"> document are to be interpreted as described in [RFC2119].</td><td> </td><td class="right"> document are to be interpreted as described in [RFC2119].</td><td class="lineno" valign="top"></td></tr> |
|---|
| 197 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 198 | <tr><td><a name="diff0014" /></td></tr> |
|---|
| 199 | <tr><td class="lineno" valign="top"></td><td class="lblock"> This <span class="delete">document defines</span> conformance criteria <span class="delete">for several roles</span> in HTTP</td><td> </td><td class="rblock"> This <span class="insert">specification targets</span> conformance criteria <span class="insert">according to the role</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 200 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">communication, including Senders, Recipients, Clients, Servers, User-</span></td><td> </td><td class="rblock"><span class="insert"> of a participant</span> in HTTP <span class="insert">communication. Hence, HTTP requirements are</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 201 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Agents, Origin Servers, Intermediaries, Proxies and Gateways.</span> See</td><td> </td><td class="rblock"><span class="insert"> placed on senders, recipients, clients, servers, user agents,</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 202 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Section 2 of [Part1] for definitions of these terms.</td><td> </td><td class="rblock"><span class="insert"> intermediaries, origin servers, proxies, gateways, or caches,</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 203 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> depending on what behavior is being constrained by the requirement.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 204 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> See Section 2 of [Part1] for definitions of these terms.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 205 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr> |
|---|
| 206 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">The verb "generate" is used instead of "send" where a requirement</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 207 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> differentiates between creating a protocol element and merely</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 208 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> forwarding a received element downstream.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 209 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 210 | <tr><td class="lineno" valign="top"></td><td class="left"> An implementation is considered conformant if it complies with all of</td><td> </td><td class="right"> An implementation is considered conformant if it complies with all of</td><td class="lineno" valign="top"></td></tr> |
|---|
| 211 | <tr><td><a name="diff0015" /></td></tr> |
|---|
| 212 | <tr><td class="lineno" valign="top"></td><td class="lblock"> the requirements associated with <span class="delete">its role(s).</span> Note that SHOULD-level</td><td> </td><td class="rblock"> the requirements associated with <span class="insert">the roles it partakes in HTTP.</span> Note</td><td class="lineno" valign="top"></td></tr> |
|---|
| 213 | <tr><td class="lineno" valign="top"></td><td class="lblock"> requirements are relevant here, unless one of the documented</td><td> </td><td class="rblock"> that SHOULD-level requirements are relevant here, unless one of the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 214 | <tr><td class="lineno" valign="top"></td><td class="lblock"> exceptions is applicable.</td><td> </td><td class="rblock"> documented exceptions is applicable.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 215 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 216 | <tr><td class="lineno" valign="top"></td><td class="left"> This document also uses ABNF to define valid protocol elements</td><td> </td><td class="right"> This document also uses ABNF to define valid protocol elements</td><td class="lineno" valign="top"></td></tr> |
|---|
| 217 | <tr><td class="lineno" valign="top"></td><td class="left"> (Section 1.2). In addition to the prose requirements placed upon</td><td> </td><td class="right"> (Section 1.2). In addition to the prose requirements placed upon</td><td class="lineno" valign="top"></td></tr> |
|---|
| 218 | <tr><td><a name="diff0016" /></td></tr> |
|---|
| 219 | <tr><td class="lineno" valign="top"></td><td class="lblock"> them, <span class="delete">Senders</span> MUST NOT generate protocol elements that are <span class="delete">invalid.</span></td><td> </td><td class="rblock"> them, <span class="insert">senders</span> MUST NOT generate protocol elements that <span class="insert">do not match</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 220 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> the grammar defined by the ABNF rules for those protocol elements</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 221 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> that</span> are <span class="insert">applicable to the sender's role. If a received protocol</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 222 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> element is processed, the recipient MUST be able to parse any value</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 223 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> that would match the ABNF rules for that protocol element, excluding</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 224 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> only those rules not applicable to the recipient's role.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 225 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 226 | <tr><td><a name="diff0017" /></td></tr> |
|---|
| 227 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Unless noted otherwise, <span class="delete">Recipients</span> MAY <span class="delete">take steps</span> to recover a usable</td><td> </td><td class="rblock"> Unless noted otherwise, <span class="insert">a recipient</span> MAY <span class="insert">attempt</span> to recover a usable</td><td class="lineno" valign="top"></td></tr> |
|---|
| 228 | <tr><td class="lineno" valign="top"></td><td class="lblock"> protocol element from an invalid construct. <span class="delete">However,</span> HTTP does not</td><td> </td><td class="rblock"> protocol element from an invalid construct. HTTP does not define</td><td class="lineno" valign="top"></td></tr> |
|---|
| 229 | <tr><td class="lineno" valign="top"></td><td class="lblock"> define specific error handling <span class="delete">mechanisms,</span> except <span class="delete">in cases where it</span></td><td> </td><td class="rblock"> specific error handling <span class="insert">mechanisms</span> except <span class="insert">when they have a</span> direct</td><td class="lineno" valign="top"></td></tr> |
|---|
| 230 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> has</span> direct impact on <span class="delete">security. This is because</span> different <span class="delete">uses</span> of the</td><td> </td><td class="rblock"> impact on <span class="insert">security, since</span> different <span class="insert">applications</span> of the protocol</td><td class="lineno" valign="top"></td></tr> |
|---|
| 231 | <tr><td class="lineno" valign="top"></td><td class="lblock"> protocol require different error handling <span class="delete">strategies; for</span> example, a</td><td> </td><td class="rblock"> require different error handling <span class="insert">strategies. For</span> example, a Web</td><td class="lineno" valign="top"></td></tr> |
|---|
| 232 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Web browser <span class="delete">may</span> wish to transparently recover from a response where</td><td> </td><td class="rblock"> browser <span class="insert">might</span> wish to transparently recover from a response where the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 233 | <tr><td class="lineno" valign="top"></td><td class="lblock"> the Location header field doesn't parse according to the ABNF,</td><td> </td><td class="rblock"> Location header field doesn't parse according to the ABNF, <span class="insert">whereas</span> a</td><td class="lineno" valign="top"></td></tr> |
|---|
| 234 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">whereby in</span> a systems control <span class="delete">protocol using HTTP, this type</span> of error</td><td> </td><td class="rblock"> systems control <span class="insert">client might consider any form</span> of error recovery to</td><td class="lineno" valign="top"></td></tr> |
|---|
| 235 | <tr><td class="lineno" valign="top"></td><td class="lblock"> recovery <span class="delete">could lead</span> to <span class="delete">dangerous consequences.</span></td><td> </td><td class="rblock"> <span class="insert">be dangerous.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 236 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 237 | <tr><td class="lineno" valign="top"></td><td class="left">1.2. Syntax Notation</td><td> </td><td class="right">1.2. Syntax Notation</td><td class="lineno" valign="top"></td></tr> |
|---|
| 238 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 239 | <tr><td class="lineno" valign="top"></td><td class="left"> This specification uses the Augmented Backus-Naur Form (ABNF)</td><td> </td><td class="right"> This specification uses the Augmented Backus-Naur Form (ABNF)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 240 | <tr><td class="lineno" valign="top"></td><td class="left"> notation of [RFC5234] with the list rule extension defined in Section</td><td> </td><td class="right"> notation of [RFC5234] with the list rule extension defined in Section</td><td class="lineno" valign="top"></td></tr> |
|---|
| 241 | <tr><td><a name="diff0018" /></td></tr> |
|---|
| 242 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 1.2 of [Part1]. Appendix B shows the collected ABNF with the list</td><td> </td><td class="rblock"> 1.2 of [Part1]. Appendix B <span class="insert">describes rules imported from other</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 243 | <tr><td class="lineno" valign="top"></td><td class="lblock"> rule expanded.</td><td> </td><td class="rblock"><span class="insert"> documents. Appendix C</span> shows the collected ABNF with the list rule</td><td class="lineno" valign="top"></td></tr> |
|---|
| 244 | <tr><td class="lineno" valign="top"></td><td class="lblock"> </td><td> </td><td class="rblock"> expanded.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 245 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">The following core rules are included by reference, as defined in</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 246 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> [RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 247 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote),</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 248 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> HEXDIG (hexadecimal 0-9/A-F/a-f), LF (line feed), OCTET (any 8-bit</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 249 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> sequence of data), SP (space), and VCHAR (any visible US-ASCII</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 250 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> character).</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 251 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 252 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">1.2.1. Core Rules</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 253 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 254 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> The core rules below are defined in [Part1]:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 255 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 256 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> BWS = <BWS, defined in [Part1], Section 3.2.1></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 257 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> OWS = <OWS, defined in [Part1], Section 3.2.1></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 258 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> quoted-string = <quoted-string, defined in [Part1], Section 3.2.4></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 259 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> token = <token, defined in [Part1], Section 3.2.4></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 260 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 261 | <tr><td class="lineno" valign="top"></td><td class="left">2. Access Authentication Framework</td><td> </td><td class="right">2. Access Authentication Framework</td><td class="lineno" valign="top"></td></tr> |
|---|
| 262 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 263 | <tr><td class="lineno" valign="top"></td><td class="left">2.1. Challenge and Response</td><td> </td><td class="right">2.1. Challenge and Response</td><td class="lineno" valign="top"></td></tr> |
|---|
| 264 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 265 | <tr><td class="lineno" valign="top"></td><td class="left"> HTTP provides a simple challenge-response authentication mechanism</td><td> </td><td class="right"> HTTP provides a simple challenge-response authentication mechanism</td><td class="lineno" valign="top"></td></tr> |
|---|
| 266 | <tr><td class="lineno" valign="top"></td><td class="left"> that can be used by a server to challenge a client request and by a</td><td> </td><td class="right"> that can be used by a server to challenge a client request and by a</td><td class="lineno" valign="top"></td></tr> |
|---|
| 267 | <tr><td class="lineno" valign="top"></td><td class="left"> client to provide authentication information. It uses an extensible,</td><td> </td><td class="right"> client to provide authentication information. It uses an extensible,</td><td class="lineno" valign="top"></td></tr> |
|---|
| 268 | <tr><td class="lineno" valign="top"></td><td class="left"> case-insensitive token to identify the authentication scheme,</td><td> </td><td class="right"> case-insensitive token to identify the authentication scheme,</td><td class="lineno" valign="top"></td></tr> |
|---|
| 269 | <tr><td class="lineno" valign="top"></td><td class="left"> followed by additional information necessary for achieving</td><td> </td><td class="right"> followed by additional information necessary for achieving</td><td class="lineno" valign="top"></td></tr> |
|---|
| 270 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 271 | <tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 6, line 24</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 6, line 20</em></th><td></td></tr> |
|---|
| 272 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 273 | <tr><td class="lineno" valign="top"></td><td class="left"> challenge = auth-scheme [ 1*SP ( b64token / #auth-param ) ]</td><td> </td><td class="right"> challenge = auth-scheme [ 1*SP ( b64token / #auth-param ) ]</td><td class="lineno" valign="top"></td></tr> |
|---|
| 274 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 275 | <tr><td class="lineno" valign="top"></td><td class="left"> Note: User agents will need to take special care in parsing the</td><td> </td><td class="right"> Note: User agents will need to take special care in parsing the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 276 | <tr><td class="lineno" valign="top"></td><td class="left"> WWW-Authenticate and Proxy-Authenticate header field values</td><td> </td><td class="right"> WWW-Authenticate and Proxy-Authenticate header field values</td><td class="lineno" valign="top"></td></tr> |
|---|
| 277 | <tr><td class="lineno" valign="top"></td><td class="left"> because they can contain more than one challenge, or if more than</td><td> </td><td class="right"> because they can contain more than one challenge, or if more than</td><td class="lineno" valign="top"></td></tr> |
|---|
| 278 | <tr><td class="lineno" valign="top"></td><td class="left"> one of each is provided, since the contents of a challenge can</td><td> </td><td class="right"> one of each is provided, since the contents of a challenge can</td><td class="lineno" valign="top"></td></tr> |
|---|
| 279 | <tr><td class="lineno" valign="top"></td><td class="left"> itself contain a comma-separated list of authentication</td><td> </td><td class="right"> itself contain a comma-separated list of authentication</td><td class="lineno" valign="top"></td></tr> |
|---|
| 280 | <tr><td class="lineno" valign="top"></td><td class="left"> parameters.</td><td> </td><td class="right"> parameters.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 281 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 282 | <tr><td><a name="diff0019" /></td></tr> |
|---|
| 283 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Note: Many <span class="delete">browser</span>s fail to parse challenges containing unknown</td><td> </td><td class="rblock"> Note: Many <span class="insert">client</span>s fail to parse challenges containing unknown</td><td class="lineno" valign="top"></td></tr> |
|---|
| 284 | <tr><td class="lineno" valign="top"></td><td class="left"> schemes. A workaround for this problem is to list well-supported</td><td> </td><td class="right"> schemes. A workaround for this problem is to list well-supported</td><td class="lineno" valign="top"></td></tr> |
|---|
| 285 | <tr><td class="lineno" valign="top"></td><td class="left"> schemes (such as "basic") first.</td><td> </td><td class="right"> schemes (such as "basic") first.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 286 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 287 | <tr><td class="lineno" valign="top"></td><td class="left"> A user agent that wishes to authenticate itself with an origin server</td><td> </td><td class="right"> A user agent that wishes to authenticate itself with an origin server</td><td class="lineno" valign="top"></td></tr> |
|---|
| 288 | <tr><td class="lineno" valign="top"></td><td class="left"> -- usually, but not necessarily, after receiving a 401 (Unauthorized)</td><td> </td><td class="right"> -- usually, but not necessarily, after receiving a 401 (Unauthorized)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 289 | <tr><td><a name="diff0020" /></td></tr> |
|---|
| 290 | <tr><td class="lineno" valign="top"></td><td class="lblock"> -- <span class="delete">MAY</span> do so by including an Authorization header field with the</td><td> </td><td class="rblock"> -- <span class="insert">can</span> do so by including an Authorization header field with the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 291 | <tr><td class="lineno" valign="top"></td><td class="left"> request.</td><td> </td><td class="right"> request.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 292 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 293 | <tr><td class="lineno" valign="top"></td><td class="left"> A client that wishes to authenticate itself with a proxy -- usually,</td><td> </td><td class="right"> A client that wishes to authenticate itself with a proxy -- usually,</td><td class="lineno" valign="top"></td></tr> |
|---|
| 294 | <tr><td class="lineno" valign="top"></td><td class="left"> but not necessarily, after receiving a 407 (Proxy Authentication</td><td> </td><td class="right"> but not necessarily, after receiving a 407 (Proxy Authentication</td><td class="lineno" valign="top"></td></tr> |
|---|
| 295 | <tr><td><a name="diff0021" /></td></tr> |
|---|
| 296 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Required) -- <span class="delete">MAY</span> do so by including a Proxy-Authorization header</td><td> </td><td class="rblock"> Required) -- <span class="insert">can</span> do so by including a Proxy-Authorization header</td><td class="lineno" valign="top"></td></tr> |
|---|
| 297 | <tr><td class="lineno" valign="top"></td><td class="left"> field with the request.</td><td> </td><td class="right"> field with the request.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 298 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 299 | <tr><td class="lineno" valign="top"></td><td class="left"> Both the Authorization field value and the Proxy-Authorization field</td><td> </td><td class="right"> Both the Authorization field value and the Proxy-Authorization field</td><td class="lineno" valign="top"></td></tr> |
|---|
| 300 | <tr><td><a name="diff0022" /></td></tr> |
|---|
| 301 | <tr><td class="lineno" valign="top"></td><td class="lblock"> value <span class="delete">consist of credentials containing</span> the <span class="delete">authentication</span></td><td> </td><td class="rblock"> value <span class="insert">contain</span> the <span class="insert">client's credentials</span> for the realm of the resource</td><td class="lineno" valign="top"></td></tr> |
|---|
| 302 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> information of the client</span> for the realm of the resource being</td><td> </td><td class="rblock"> being <span class="insert">requested, based upon a challenge received from the server</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 303 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">requested. The</span> user agent <span class="delete">MUST choose</span> to <span class="delete">use one of</span> the <span class="delete">challenges</span></td><td> </td><td class="rblock"><span class="insert"> (possibly at some point in the past). When creating their values,</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 304 | <tr><td class="lineno" valign="top"></td><td class="lblock"> with the <span class="delete">strongest</span> auth-scheme it <span class="delete">understands and request</span> credentials</td><td> </td><td class="rblock"><span class="insert"> the</span> user agent <span class="insert">ought</span> to <span class="insert">do so by selecting</span> the <span class="insert">challenge</span> with <span class="insert">what it</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 305 | <tr><td class="lineno" valign="top"></td><td class="lblock"> from the user <span class="delete">based upon that challenge.</span></td><td> </td><td class="rblock"><span class="insert"> considers to be</span> the <span class="insert">most secure</span> auth-scheme <span class="insert">that</span> it <span class="insert">understands,</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 306 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> obtaining</span> credentials from the user <span class="insert">as appropriate.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 307 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 308 | <tr><td class="lineno" valign="top"></td><td class="left"> credentials = auth-scheme [ 1*SP ( b64token / #auth-param ) ]</td><td> </td><td class="right"> credentials = auth-scheme [ 1*SP ( b64token / #auth-param ) ]</td><td class="lineno" valign="top"></td></tr> |
|---|
| 309 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 310 | <tr><td><a name="diff0023" /></td></tr> |
|---|
| 311 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">If</span> the origin server <span class="delete">does not wish to accept the credentials sent</span></td><td> </td><td class="rblock"> <span class="insert">Upon a request for a protected resource that omits credentials,</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 312 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> with a request, it</span> SHOULD return a 401 (Unauthorized) response. <span class="delete">The</span></td><td> </td><td class="rblock"><span class="insert"> contains invalid credentials (e.g., a bad password) or partial</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 313 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> response</span> MUST include a WWW-Authenticate header field containing at</td><td> </td><td class="rblock"><span class="insert"> credentials (e.g., when</span> the <span class="insert">authentication scheme requires more than</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 314 | <tr><td class="lineno" valign="top"></td><td class="lblock"> least one (possibly new) challenge applicable to the requested</td><td> </td><td class="rblock"><span class="insert"> one round trip), an</span> origin server SHOULD return a 401 (Unauthorized)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 315 | <tr><td class="lineno" valign="top"></td><td class="lblock"> resource.</td><td> </td><td class="rblock"> response. <span class="insert">Such responses</span> MUST include a WWW-Authenticate header</td><td class="lineno" valign="top"></td></tr> |
|---|
| 316 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> field containing at least one (possibly new) challenge applicable to</td><td class="lineno" valign="top"></td></tr> |
|---|
| 317 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> the requested resource.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 318 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 319 | <tr><td><a name="diff0024" /></td></tr> |
|---|
| 320 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">If</span> a <span class="delete">proxy does not accept the</span> credentials <span class="delete">sent with</span> a <span class="delete">request, it</span></td><td> </td><td class="rblock"> <span class="insert">Likewise, upon</span> a <span class="insert">request that requires authentication by proxies that</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 321 | <tr><td class="lineno" valign="top"></td><td class="lblock"> SHOULD return a 407 (Proxy Authentication <span class="delete">Required). The response</span></td><td> </td><td class="rblock"><span class="insert"> omit</span> credentials <span class="insert">or contain invalid or partial credentials,</span> a <span class="insert">proxy</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 322 | <tr><td class="lineno" valign="top"></td><td class="lblock"> MUST include a Proxy-Authenticate header field containing a (possibly</td><td> </td><td class="rblock"> SHOULD return a 407 (Proxy Authentication <span class="insert">Required) response. Such</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 323 | <tr><td class="lineno" valign="top"></td><td class="lblock"> new) challenge applicable to the <span class="delete">proxy for</span> the <span class="delete">requested resource.</span></td><td> </td><td class="rblock"><span class="insert"> responses</span> MUST include a Proxy-Authenticate header field containing a</td><td class="lineno" valign="top"></td></tr> |
|---|
| 324 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> (possibly new) challenge applicable to the <span class="insert">proxy.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 325 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 326 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> A server receiving credentials that are valid, but not adequate to</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 327 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> gain access, ought to respond with</span> the <span class="insert">403 (Forbidden) status code</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 328 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> (Section 4.6.3 of [Part2]).</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 329 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 330 | <tr><td class="lineno" valign="top"></td><td class="left"> The HTTP protocol does not restrict applications to this simple</td><td> </td><td class="right"> The HTTP protocol does not restrict applications to this simple</td><td class="lineno" valign="top"></td></tr> |
|---|
| 331 | <tr><td class="lineno" valign="top"></td><td class="left"> challenge-response mechanism for access authentication. Additional</td><td> </td><td class="right"> challenge-response mechanism for access authentication. Additional</td><td class="lineno" valign="top"></td></tr> |
|---|
| 332 | <tr><td class="lineno" valign="top"></td><td class="left"> mechanisms MAY be used, such as encryption at the transport level or</td><td> </td><td class="right"> mechanisms MAY be used, such as encryption at the transport level or</td><td class="lineno" valign="top"></td></tr> |
|---|
| 333 | <tr><td class="lineno" valign="top"></td><td class="left"> via message encapsulation, and with additional header fields</td><td> </td><td class="right"> via message encapsulation, and with additional header fields</td><td class="lineno" valign="top"></td></tr> |
|---|
| 334 | <tr><td class="lineno" valign="top"></td><td class="left"> specifying authentication information. However, such additional</td><td> </td><td class="right"> specifying authentication information. However, such additional</td><td class="lineno" valign="top"></td></tr> |
|---|
| 335 | <tr><td class="lineno" valign="top"></td><td class="left"> mechanisms are not defined by this specification.</td><td> </td><td class="right"> mechanisms are not defined by this specification.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 336 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 337 | <tr><td><a name="diff0025" /></td></tr> |
|---|
| 338 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Proxies MUST forward the WWW-Authenticate and Authorization <span class="delete">headers</span></td><td> </td><td class="rblock"> Proxies MUST forward the WWW-Authenticate and Authorization <span class="insert">header</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 339 | <tr><td class="lineno" valign="top"></td><td class="lblock"> unmodified and follow the rules found in Section 4.1.</td><td> </td><td class="rblock"><span class="insert"> fields</span> unmodified and follow the rules found in Section 4.1.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 340 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 341 | <tr><td class="lineno" valign="top"></td><td class="left">2.2. Protection Space (Realm)</td><td> </td><td class="right">2.2. Protection Space (Realm)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 342 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 343 | <tr><td class="lineno" valign="top"></td><td class="left"> The authentication parameter realm is reserved for use by</td><td> </td><td class="right"> The authentication parameter realm is reserved for use by</td><td class="lineno" valign="top"></td></tr> |
|---|
| 344 | <tr><td class="lineno" valign="top"></td><td class="left"> authentication schemes that wish to indicate the scope of protection.</td><td> </td><td class="right"> authentication schemes that wish to indicate the scope of protection.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 345 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 346 | <tr><td class="lineno" valign="top"></td><td class="left"> A protection space is defined by the canonical root URI (the scheme</td><td> </td><td class="right"> A protection space is defined by the canonical root URI (the scheme</td><td class="lineno" valign="top"></td></tr> |
|---|
| 347 | <tr><td class="lineno" valign="top"></td><td class="left"> and authority components of the effective request URI; see Section</td><td> </td><td class="right"> and authority components of the effective request URI; see Section</td><td class="lineno" valign="top"></td></tr> |
|---|
| 348 | <tr><td class="lineno" valign="top"></td><td class="left"> 5.5 of [Part1]) of the server being accessed, in combination with the</td><td> </td><td class="right"> 5.5 of [Part1]) of the server being accessed, in combination with the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 349 | <tr><td class="lineno" valign="top"></td><td class="left"> realm value if present. These realms allow the protected resources</td><td> </td><td class="right"> realm value if present. These realms allow the protected resources</td><td class="lineno" valign="top"></td></tr> |
|---|
| 350 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 351 | <tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 8, line 31</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 8, line 36</em></th><td></td></tr> |
|---|
| 352 | <tr><td class="lineno" valign="top"></td><td class="left"> There are certain aspects of the HTTP Authentication Framework that</td><td> </td><td class="right"> There are certain aspects of the HTTP Authentication Framework that</td><td class="lineno" valign="top"></td></tr> |
|---|
| 353 | <tr><td class="lineno" valign="top"></td><td class="left"> put constraints on how new authentication schemes can work:</td><td> </td><td class="right"> put constraints on how new authentication schemes can work:</td><td class="lineno" valign="top"></td></tr> |
|---|
| 354 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 355 | <tr><td class="lineno" valign="top"></td><td class="left"> o HTTP authentication is presumed to be stateless: all of the</td><td> </td><td class="right"> o HTTP authentication is presumed to be stateless: all of the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 356 | <tr><td class="lineno" valign="top"></td><td class="left"> information necessary to authenticate a request MUST be provided</td><td> </td><td class="right"> information necessary to authenticate a request MUST be provided</td><td class="lineno" valign="top"></td></tr> |
|---|
| 357 | <tr><td class="lineno" valign="top"></td><td class="left"> in the request, rather than be dependent on the server remembering</td><td> </td><td class="right"> in the request, rather than be dependent on the server remembering</td><td class="lineno" valign="top"></td></tr> |
|---|
| 358 | <tr><td class="lineno" valign="top"></td><td class="left"> prior requests. Authentication based on, or bound to, the</td><td> </td><td class="right"> prior requests. Authentication based on, or bound to, the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 359 | <tr><td class="lineno" valign="top"></td><td class="left"> underlying connection is outside the scope of this specification</td><td> </td><td class="right"> underlying connection is outside the scope of this specification</td><td class="lineno" valign="top"></td></tr> |
|---|
| 360 | <tr><td class="lineno" valign="top"></td><td class="left"> and inherently flawed unless steps are taken to ensure that the</td><td> </td><td class="right"> and inherently flawed unless steps are taken to ensure that the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 361 | <tr><td class="lineno" valign="top"></td><td class="left"> connection cannot be used by any party other than the</td><td> </td><td class="right"> connection cannot be used by any party other than the</td><td class="lineno" valign="top"></td></tr> |
|---|
| 362 | <tr><td><a name="diff0026" /></td></tr> |
|---|
| 363 | <tr><td class="lineno" valign="top"></td><td class="lblock"> authenticated user (see Section 2.<span class="delete">3</span> of [Part1]).</td><td> </td><td class="rblock"> authenticated user (see Section 2.<span class="insert">4</span> of [Part1]).</td><td class="lineno" valign="top"></td></tr> |
|---|
| 364 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 365 | <tr><td class="lineno" valign="top"></td><td class="left"> o The authentication parameter "realm" is reserved for defining</td><td> </td><td class="right"> o The authentication parameter "realm" is reserved for defining</td><td class="lineno" valign="top"></td></tr> |
|---|
| 366 | <tr><td class="lineno" valign="top"></td><td class="left"> Protection Spaces as defined in Section 2.2. New schemes MUST NOT</td><td> </td><td class="right"> Protection Spaces as defined in Section 2.2. New schemes MUST NOT</td><td class="lineno" valign="top"></td></tr> |
|---|
| 367 | <tr><td class="lineno" valign="top"></td><td class="left"> use it in a way incompatible with that definition.</td><td> </td><td class="right"> use it in a way incompatible with that definition.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 368 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 369 | <tr><td class="lineno" valign="top"></td><td class="left"> o The "b64token" notation was introduced for compatibility with</td><td> </td><td class="right"> o The "b64token" notation was introduced for compatibility with</td><td class="lineno" valign="top"></td></tr> |
|---|
| 370 | <tr><td class="lineno" valign="top"></td><td class="left"> existing authentication schemes and can only be used once per</td><td> </td><td class="right"> existing authentication schemes and can only be used once per</td><td class="lineno" valign="top"></td></tr> |
|---|
| 371 | <tr><td class="lineno" valign="top"></td><td class="left"> challenge/credentials. New schemes thus ought to use the "auth-</td><td> </td><td class="right"> challenge/credentials. New schemes thus ought to use the "auth-</td><td class="lineno" valign="top"></td></tr> |
|---|
| 372 | <tr><td class="lineno" valign="top"></td><td class="left"> param" syntax instead, because otherwise future extensions will be</td><td> </td><td class="right"> param" syntax instead, because otherwise future extensions will be</td><td class="lineno" valign="top"></td></tr> |
|---|
| 373 | <tr><td class="lineno" valign="top"></td><td class="left"> impossible.</td><td> </td><td class="right"> impossible.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 374 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 375 | <tr><td class="lineno" valign="top"></td><td class="left"> o The parsing of challenges and credentials is defined by this</td><td> </td><td class="right"> o The parsing of challenges and credentials is defined by this</td><td class="lineno" valign="top"></td></tr> |
|---|
| 376 | <tr><td class="lineno" valign="top"></td><td class="left"> specification, and cannot be modified by new authentication</td><td> </td><td class="right"> specification, and cannot be modified by new authentication</td><td class="lineno" valign="top"></td></tr> |
|---|
| 377 | <tr><td class="lineno" valign="top"></td><td class="left"> schemes. When the auth-param syntax is used, all parameters ought</td><td> </td><td class="right"> schemes. When the auth-param syntax is used, all parameters ought</td><td class="lineno" valign="top"></td></tr> |
|---|
| 378 | <tr><td class="lineno" valign="top"></td><td class="left"> to support both token and quoted-string syntax, and syntactical</td><td> </td><td class="right"> to support both token and quoted-string syntax, and syntactical</td><td class="lineno" valign="top"></td></tr> |
|---|
| 379 | <tr><td class="lineno" valign="top"></td><td class="left"> constraints ought to be defined on the field value after parsing</td><td> </td><td class="right"> constraints ought to be defined on the field value after parsing</td><td class="lineno" valign="top"></td></tr> |
|---|
| 380 | <tr><td class="lineno" valign="top"></td><td class="left"> (i.e., quoted-string processing). This is necessary so that</td><td> </td><td class="right"> (i.e., quoted-string processing). This is necessary so that</td><td class="lineno" valign="top"></td></tr> |
|---|
| 381 | <tr><td class="lineno" valign="top"></td><td class="left"> recipients can use a generic parser that applies to all</td><td> </td><td class="right"> recipients can use a generic parser that applies to all</td><td class="lineno" valign="top"></td></tr> |
|---|
| 382 | <tr><td class="lineno" valign="top"></td><td class="left"> authentication schemes.</td><td> </td><td class="right"> authentication schemes.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 383 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 384 | <tr><td><a name="diff0027" /></td></tr> |
|---|
| 385 | <tr><td class="lineno" valign="top"></td><td class="lblock"> Note: <span class="delete">t</span>he fact that the value syntax for the "realm" parameter is</td><td> </td><td class="rblock"> Note: <span class="insert">T</span>he fact that the value syntax for the "realm" parameter is</td><td class="lineno" valign="top"></td></tr> |
|---|
| 386 | <tr><td class="lineno" valign="top"></td><td class="left"> restricted to quoted-string was a bad design choice not to be</td><td> </td><td class="right"> restricted to quoted-string was a bad design choice not to be</td><td class="lineno" valign="top"></td></tr> |
|---|
| 387 | <tr><td class="lineno" valign="top"></td><td class="left"> repeated for new parameters.</td><td> </td><td class="right"> repeated for new parameters.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 388 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 389 | <tr><td class="lineno" valign="top"></td><td class="left"> o Definitions of new schemes ought to define the treatment of</td><td> </td><td class="right"> o Definitions of new schemes ought to define the treatment of</td><td class="lineno" valign="top"></td></tr> |
|---|
| 390 | <tr><td class="lineno" valign="top"></td><td class="left"> unknown extension parameters. In general, a "must-ignore" rule is</td><td> </td><td class="right"> unknown extension parameters. In general, a "must-ignore" rule is</td><td class="lineno" valign="top"></td></tr> |
|---|
| 391 | <tr><td class="lineno" valign="top"></td><td class="left"> preferable over "must-understand", because otherwise it will be</td><td> </td><td class="right"> preferable over "must-understand", because otherwise it will be</td><td class="lineno" valign="top"></td></tr> |
|---|
| 392 | <tr><td class="lineno" valign="top"></td><td class="left"> hard to introduce new parameters in the presence of legacy</td><td> </td><td class="right"> hard to introduce new parameters in the presence of legacy</td><td class="lineno" valign="top"></td></tr> |
|---|
| 393 | <tr><td class="lineno" valign="top"></td><td class="left"> recipients. Furthermore, it's good to describe the policy for</td><td> </td><td class="right"> recipients. Furthermore, it's good to describe the policy for</td><td class="lineno" valign="top"></td></tr> |
|---|
| 394 | <tr><td class="lineno" valign="top"></td><td class="left"> defining new parameters (such as "update the specification", or</td><td> </td><td class="right"> defining new parameters (such as "update the specification", or</td><td class="lineno" valign="top"></td></tr> |
|---|
| 395 | <tr><td class="lineno" valign="top"></td><td class="left"> "use this registry").</td><td> </td><td class="right"> "use this registry").</td><td class="lineno" valign="top"></td></tr> |
|---|
| 396 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 397 | <tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 9, line 25</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 9, line 30</em></th><td></td></tr> |
|---|
| 398 | <tr><td class="lineno" valign="top"></td><td class="left"> o Authentication schemes need to document whether they are usable in</td><td> </td><td class="right"> o Authentication schemes need to document whether they are usable in</td><td class="lineno" valign="top"></td></tr> |
|---|
| 399 | <tr><td class="lineno" valign="top"></td><td class="left"> origin-server authentication (i.e., using WWW-Authenticate),</td><td> </td><td class="right"> origin-server authentication (i.e., using WWW-Authenticate),</td><td class="lineno" valign="top"></td></tr> |
|---|
| 400 | <tr><td class="lineno" valign="top"></td><td class="left"> and/or proxy authentication (i.e., using Proxy-Authenticate).</td><td> </td><td class="right"> and/or proxy authentication (i.e., using Proxy-Authenticate).</td><td class="lineno" valign="top"></td></tr> |
|---|
| 401 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 402 | <tr><td class="lineno" valign="top"></td><td class="left"> o The credentials carried in an Authorization header field are</td><td> </td><td class="right"> o The credentials carried in an Authorization header field are</td><td class="lineno" valign="top"></td></tr> |
|---|
| 403 | <tr><td class="lineno" valign="top"></td><td class="left"> specific to the User Agent, and therefore have the same effect on</td><td> </td><td class="right"> specific to the User Agent, and therefore have the same effect on</td><td class="lineno" valign="top"></td></tr> |
|---|
| 404 | <tr><td class="lineno" valign="top"></td><td class="left"> HTTP caches as the "private" Cache-Control response directive,</td><td> </td><td class="right"> HTTP caches as the "private" Cache-Control response directive,</td><td class="lineno" valign="top"></td></tr> |
|---|
| 405 | <tr><td class="lineno" valign="top"></td><td class="left"> within the scope of the request they appear in.</td><td> </td><td class="right"> within the scope of the request they appear in.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 406 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 407 | <tr><td class="lineno" valign="top"></td><td class="left"> Therefore, new authentication schemes which choose not to carry</td><td> </td><td class="right"> Therefore, new authentication schemes which choose not to carry</td><td class="lineno" valign="top"></td></tr> |
|---|
| 408 | <tr><td><a name="diff0028" /></td></tr> |
|---|
| 409 | <tr><td class="lineno" valign="top"></td><td class="lblock"> credentials in the Authorization header (e.g., using a newly</td><td> </td><td class="rblock"> credentials in the Authorization header <span class="insert">field</span> (e.g., using a newly</td><td class="lineno" valign="top"></td></tr> |
|---|
| 410 | <tr><td class="lineno" valign="top"></td><td class="lblock"> defined <span class="delete">header)</span> will need to explicitly disallow caching, by</td><td> </td><td class="rblock"> defined <span class="insert">header field)</span> will need to explicitly disallow caching, by</td><td class="lineno" valign="top"></td></tr> |
|---|
| 411 | <tr><td class="lineno" valign="top"></td><td class="left"> mandating the use of either Cache-Control request directives</td><td> </td><td class="right"> mandating the use of either Cache-Control request directives</td><td class="lineno" valign="top"></td></tr> |
|---|
| 412 | <tr><td class="lineno" valign="top"></td><td class="left"> (e.g., "no-store") or response directives (e.g., "private").</td><td> </td><td class="right"> (e.g., "no-store") or response directives (e.g., "private").</td><td class="lineno" valign="top"></td></tr> |
|---|
| 413 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 414 | <tr><td class="lineno" valign="top"></td><td class="left">3. Status Code Definitions</td><td> </td><td class="right">3. Status Code Definitions</td><td class="lineno" valign="top"></td></tr> |
|---|
| 415 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 416 | <tr><td class="lineno" valign="top"></td><td class="left">3.1. 401 Unauthorized</td><td> </td><td class="right">3.1. 401 Unauthorized</td><td class="lineno" valign="top"></td></tr> |
|---|
| 417 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 418 | <tr><td class="lineno" valign="top"></td><td class="left"> The request requires user authentication. The response MUST include</td><td> </td><td class="right"> The request requires user authentication. The response MUST include</td><td class="lineno" valign="top"></td></tr> |
|---|
| 419 | <tr><td class="lineno" valign="top"></td><td class="left"> a WWW-Authenticate header field (Section 4.4) containing a challenge</td><td> </td><td class="right"> a WWW-Authenticate header field (Section 4.4) containing a challenge</td><td class="lineno" valign="top"></td></tr> |
|---|
| 420 | <tr><td class="lineno" valign="top"></td><td class="left"> applicable to the target resource. The client MAY repeat the request</td><td> </td><td class="right"> applicable to the target resource. The client MAY repeat the request</td><td class="lineno" valign="top"></td></tr> |
|---|
| 421 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 422 | <tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 11, line 7</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 11, line 12</em></th><td></td></tr> |
|---|
| 423 | <tr><td class="lineno" valign="top"></td><td class="left"> subsequent request. But if the response is stale, all caches</td><td> </td><td class="right"> subsequent request. But if the response is stale, all caches</td><td class="lineno" valign="top"></td></tr> |
|---|
| 424 | <tr><td class="lineno" valign="top"></td><td class="left"> MUST first revalidate it with the origin server, using the header</td><td> </td><td class="right"> MUST first revalidate it with the origin server, using the header</td><td class="lineno" valign="top"></td></tr> |
|---|
| 425 | <tr><td class="lineno" valign="top"></td><td class="left"> fields from the new request to allow the origin server to</td><td> </td><td class="right"> fields from the new request to allow the origin server to</td><td class="lineno" valign="top"></td></tr> |
|---|
| 426 | <tr><td class="lineno" valign="top"></td><td class="left"> authenticate the new request.</td><td> </td><td class="right"> authenticate the new request.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 427 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 428 | <tr><td class="lineno" valign="top"></td><td class="left"> 3. If the response includes the "public" cache-control directive, it</td><td> </td><td class="right"> 3. If the response includes the "public" cache-control directive, it</td><td class="lineno" valign="top"></td></tr> |
|---|
| 429 | <tr><td class="lineno" valign="top"></td><td class="left"> MAY be returned in reply to any subsequent request.</td><td> </td><td class="right"> MAY be returned in reply to any subsequent request.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 430 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 431 | <tr><td class="lineno" valign="top"></td><td class="left">4.2. Proxy-Authenticate</td><td> </td><td class="right">4.2. Proxy-Authenticate</td><td class="lineno" valign="top"></td></tr> |
|---|
| 432 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 433 | <tr><td><a name="diff0029" /></td></tr> |
|---|
| 434 | <tr><td class="lineno" valign="top"></td><td class="lblock"> The "Proxy-Authenticate" header field consists of <span class="delete">a</span> challenge that</td><td> </td><td class="rblock"> The "Proxy-Authenticate" header field consists of <span class="insert">at least one</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 435 | <tr><td class="lineno" valign="top"></td><td class="lblock"> indicates the authentication <span class="delete">scheme</span> and parameters applicable to the</td><td> </td><td class="rblock"> challenge that indicates the authentication <span class="insert">scheme(s)</span> and parameters</td><td class="lineno" valign="top"></td></tr> |
|---|
| 436 | <tr><td class="lineno" valign="top"></td><td class="lblock"> proxy for this effective request URI (Section 5.5 of [Part1]). It</td><td> </td><td class="rblock"> applicable to the proxy for this effective request URI (Section 5.5</td><td class="lineno" valign="top"></td></tr> |
|---|
| 437 | <tr><td class="lineno" valign="top"></td><td class="lblock"> MUST be included as part of a 407 (Proxy Authentication Required)</td><td> </td><td class="rblock"> of [Part1]). It MUST be included as part of a 407 (Proxy</td><td class="lineno" valign="top"></td></tr> |
|---|
| 438 | <tr><td class="lineno" valign="top"></td><td class="lblock"> response.</td><td> </td><td class="rblock"> Authentication Required) response.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 439 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 440 | <tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate = 1#challenge</td><td> </td><td class="right"> Proxy-Authenticate = 1#challenge</td><td class="lineno" valign="top"></td></tr> |
|---|
| 441 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 442 | <tr><td class="lineno" valign="top"></td><td class="left"> Unlike WWW-Authenticate, the Proxy-Authenticate header field applies</td><td> </td><td class="right"> Unlike WWW-Authenticate, the Proxy-Authenticate header field applies</td><td class="lineno" valign="top"></td></tr> |
|---|
| 443 | <tr><td><a name="diff0030" /></td></tr> |
|---|
| 444 | <tr><td class="lineno" valign="top"></td><td class="lblock"> only to the current <span class="delete">connection</span> and SHOULD NOT <span class="delete">be passed on</span> to</td><td> </td><td class="rblock"> only to the current <span class="insert">connection,</span> and <span class="insert">intermediaries</span> SHOULD NOT <span class="insert">forward</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 445 | <tr><td class="lineno" valign="top"></td><td class="lblock"> downstream clients. However, an intermediate proxy might need to</td><td> </td><td class="rblock"><span class="insert"> it</span> to downstream clients. However, an intermediate proxy might need</td><td class="lineno" valign="top"></td></tr> |
|---|
| 446 | <tr><td class="lineno" valign="top"></td><td class="lblock"> obtain its own credentials by requesting them from the downstream</td><td> </td><td class="rblock"> to obtain its own credentials by requesting them from the downstream</td><td class="lineno" valign="top"></td></tr> |
|---|
| 447 | <tr><td class="lineno" valign="top"></td><td class="left"> client, which in some circumstances will appear as if the proxy is</td><td> </td><td class="right"> client, which in some circumstances will appear as if the proxy is</td><td class="lineno" valign="top"></td></tr> |
|---|
| 448 | <tr><td class="lineno" valign="top"></td><td class="left"> forwarding the Proxy-Authenticate header field.</td><td> </td><td class="right"> forwarding the Proxy-Authenticate header field.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 449 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 450 | <tr><td class="lineno" valign="top"></td><td class="left"> Note that the parsing considerations for WWW-Authenticate apply to</td><td> </td><td class="right"> Note that the parsing considerations for WWW-Authenticate apply to</td><td class="lineno" valign="top"></td></tr> |
|---|
| 451 | <tr><td class="lineno" valign="top"></td><td class="left"> this header field as well; see Section 4.4 for details.</td><td> </td><td class="right"> this header field as well; see Section 4.4 for details.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 452 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 453 | <tr><td class="lineno" valign="top"></td><td class="left">4.3. Proxy-Authorization</td><td> </td><td class="right">4.3. Proxy-Authorization</td><td class="lineno" valign="top"></td></tr> |
|---|
| 454 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 455 | <tr><td class="lineno" valign="top"></td><td class="left"> The "Proxy-Authorization" header field allows the client to identify</td><td> </td><td class="right"> The "Proxy-Authorization" header field allows the client to identify</td><td class="lineno" valign="top"></td></tr> |
|---|
| 456 | <tr><td class="lineno" valign="top"></td><td class="left"> itself (or its user) to a proxy which requires authentication. Its</td><td> </td><td class="right"> itself (or its user) to a proxy which requires authentication. Its</td><td class="lineno" valign="top"></td></tr> |
|---|
| 457 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 458 | <tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 12, line 32</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 12, line 42</em></th><td></td></tr> |
|---|
| 459 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 460 | <tr><td class="lineno" valign="top"></td><td class="left"> Note: The challenge grammar production uses the list syntax as</td><td> </td><td class="right"> Note: The challenge grammar production uses the list syntax as</td><td class="lineno" valign="top"></td></tr> |
|---|
| 461 | <tr><td class="lineno" valign="top"></td><td class="left"> well. Therefore, a sequence of comma, whitespace, and comma can</td><td> </td><td class="right"> well. Therefore, a sequence of comma, whitespace, and comma can</td><td class="lineno" valign="top"></td></tr> |
|---|
| 462 | <tr><td class="lineno" valign="top"></td><td class="left"> be considered both as applying to the preceding challenge, or to</td><td> </td><td class="right"> be considered both as applying to the preceding challenge, or to</td><td class="lineno" valign="top"></td></tr> |
|---|
| 463 | <tr><td class="lineno" valign="top"></td><td class="left"> be an empty entry in the list of challenges. In practice, this</td><td> </td><td class="right"> be an empty entry in the list of challenges. In practice, this</td><td class="lineno" valign="top"></td></tr> |
|---|
| 464 | <tr><td class="lineno" valign="top"></td><td class="left"> ambiguity does not affect the semantics of the header field value</td><td> </td><td class="right"> ambiguity does not affect the semantics of the header field value</td><td class="lineno" valign="top"></td></tr> |
|---|
| 465 | <tr><td class="lineno" valign="top"></td><td class="left"> and thus is harmless.</td><td> </td><td class="right"> and thus is harmless.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 466 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 467 | <tr><td class="lineno" valign="top"></td><td class="left">5. IANA Considerations</td><td> </td><td class="right">5. IANA Considerations</td><td class="lineno" valign="top"></td></tr> |
|---|
| 468 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 469 | <tr><td><a name="diff0031" /></td></tr> |
|---|
| 470 | <tr><td class="lineno" valign="top"></td><td class="lblock">5.1. Authenticaton Scheme Registry</td><td> </td><td class="rblock">5.1. Authenticat<span class="insert">i</span>on Scheme Registry</td><td class="lineno" valign="top"></td></tr> |
|---|
| 471 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 472 | <tr><td class="lineno" valign="top"></td><td class="left"> The registration procedure for HTTP Authentication Schemes is defined</td><td> </td><td class="right"> The registration procedure for HTTP Authentication Schemes is defined</td><td class="lineno" valign="top"></td></tr> |
|---|
| 473 | <tr><td class="lineno" valign="top"></td><td class="left"> by Section 2.3 of this document.</td><td> </td><td class="right"> by Section 2.3 of this document.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 474 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 475 | <tr><td class="lineno" valign="top"></td><td class="left"> The HTTP Method Authentication Scheme shall be created at</td><td> </td><td class="right"> The HTTP Method Authentication Scheme shall be created at</td><td class="lineno" valign="top"></td></tr> |
|---|
| 476 | <tr><td class="lineno" valign="top"></td><td class="left"> <http://www.iana.org/assignments/http-authschemes>.</td><td> </td><td class="right"> <http://www.iana.org/assignments/http-authschemes>.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 477 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 478 | <tr><td class="lineno" valign="top"></td><td class="left">5.2. Status Code Registration</td><td> </td><td class="right">5.2. Status Code Registration</td><td class="lineno" valign="top"></td></tr> |
|---|
| 479 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 480 | <tr><td class="lineno" valign="top"></td><td class="left"> The HTTP Status Code Registry located at</td><td> </td><td class="right"> The HTTP Status Code Registry located at</td><td class="lineno" valign="top"></td></tr> |
|---|
| 481 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 482 | <tr bgcolor="gray" ><td></td><th><a name="part-l8" /><small>skipping to change at</small><em> page 14, line 8</em></th><th> </th><th><a name="part-r8" /><small>skipping to change at</small><em> page 14, line 22</em></th><td></td></tr> |
|---|
| 483 | <tr><td class="lineno" valign="top"></td><td class="left"> for the client to retain the credentials.</td><td> </td><td class="right"> for the client to retain the credentials.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 484 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 485 | <tr><td class="lineno" valign="top"></td><td class="left"> This is currently under separate study. There are a number of work-</td><td> </td><td class="right"> This is currently under separate study. There are a number of work-</td><td class="lineno" valign="top"></td></tr> |
|---|
| 486 | <tr><td class="lineno" valign="top"></td><td class="left"> arounds to parts of this problem, and we encourage the use of</td><td> </td><td class="right"> arounds to parts of this problem, and we encourage the use of</td><td class="lineno" valign="top"></td></tr> |
|---|
| 487 | <tr><td class="lineno" valign="top"></td><td class="left"> password protection in screen savers, idle time-outs, and other</td><td> </td><td class="right"> password protection in screen savers, idle time-outs, and other</td><td class="lineno" valign="top"></td></tr> |
|---|
| 488 | <tr><td class="lineno" valign="top"></td><td class="left"> methods which mitigate the security problems inherent in this</td><td> </td><td class="right"> methods which mitigate the security problems inherent in this</td><td class="lineno" valign="top"></td></tr> |
|---|
| 489 | <tr><td class="lineno" valign="top"></td><td class="left"> problem. In particular, user agents which cache credentials are</td><td> </td><td class="right"> problem. In particular, user agents which cache credentials are</td><td class="lineno" valign="top"></td></tr> |
|---|
| 490 | <tr><td class="lineno" valign="top"></td><td class="left"> encouraged to provide a readily accessible mechanism for discarding</td><td> </td><td class="right"> encouraged to provide a readily accessible mechanism for discarding</td><td class="lineno" valign="top"></td></tr> |
|---|
| 491 | <tr><td class="lineno" valign="top"></td><td class="left"> cached credentials under user control.</td><td> </td><td class="right"> cached credentials under user control.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 492 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 493 | <tr><td><a name="diff0032" /></td></tr> |
|---|
| 494 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">6.2. Protection Spaces</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 495 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 496 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Authentication schemes that solely rely on the "realm" mechanism for</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 497 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> establishing a protection space will expose credentials to all</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 498 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> resources on a server. Clients that have successfully made</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 499 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> authenticated requests with a resource can use the same</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 500 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> authentication credentials for other resources on the same server.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 501 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> This makes it possible for a different resource to harvest</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 502 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> authentication credentials for other resources.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 503 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 504 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> This is of particular concern when a server hosts resources for</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 505 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> multiple parties under the same canonical root URI (Section 2.2).</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 506 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Possible mitigation strategies include restricting direct access to</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 507 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> authentication credentials (i.e., not making the content of the</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 508 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Authorization request header field available), and separating</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 509 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> protection spaces by using a different host name for each party.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 510 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr> |
|---|
| 511 | <tr><td class="lineno" valign="top"></td><td class="left">7. Acknowledgments</td><td> </td><td class="right">7. Acknowledgments</td><td class="lineno" valign="top"></td></tr> |
|---|
| 512 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 513 | <tr><td class="lineno" valign="top"></td><td class="left"> This specification takes over the definition of the HTTP</td><td> </td><td class="right"> This specification takes over the definition of the HTTP</td><td class="lineno" valign="top"></td></tr> |
|---|
| 514 | <tr><td class="lineno" valign="top"></td><td class="left"> Authentication Framework, previously defined in RFC 2617. We thank</td><td> </td><td class="right"> Authentication Framework, previously defined in RFC 2617. We thank</td><td class="lineno" valign="top"></td></tr> |
|---|
| 515 | <tr><td class="lineno" valign="top"></td><td class="left"> John Franks, Phillip M. Hallam-Baker, Jeffery L. Hostetler, Scott D.</td><td> </td><td class="right"> John Franks, Phillip M. Hallam-Baker, Jeffery L. Hostetler, Scott D.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 516 | <tr><td class="lineno" valign="top"></td><td class="left"> Lawrence, Paul J. Leach, Ari Luotonen, and Lawrence C. Stewart for</td><td> </td><td class="right"> Lawrence, Paul J. Leach, Ari Luotonen, and Lawrence C. Stewart for</td><td class="lineno" valign="top"></td></tr> |
|---|
| 517 | <tr><td class="lineno" valign="top"></td><td class="left"> their work on that specification. See Section 6 of [RFC2617] for</td><td> </td><td class="right"> their work on that specification. See Section 6 of [RFC2617] for</td><td class="lineno" valign="top"></td></tr> |
|---|
| 518 | <tr><td class="lineno" valign="top"></td><td class="left"> further acknowledgements.</td><td> </td><td class="right"> further acknowledgements.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 519 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 520 | <tr><td class="lineno" valign="top"></td><td class="left"> See Section 9 of [Part1] for the Acknowledgments related to this</td><td> </td><td class="right"> See Section 9 of [Part1] for the Acknowledgments related to this</td><td class="lineno" valign="top"></td></tr> |
|---|
| 521 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 522 | <tr bgcolor="gray" ><td></td><th><a name="part-l9" /><small>skipping to change at</small><em> page 14, line 21</em></th><th> </th><th><a name="part-r9" /><small>skipping to change at</small><em> page 15, line 4</em></th><td></td></tr> |
|---|
| 523 | <tr><td class="lineno" valign="top"></td><td class="left"> Authentication Framework, previously defined in RFC 2617. We thank</td><td> </td><td class="right"> Authentication Framework, previously defined in RFC 2617. We thank</td><td class="lineno" valign="top"></td></tr> |
|---|
| 524 | <tr><td class="lineno" valign="top"></td><td class="left"> John Franks, Phillip M. Hallam-Baker, Jeffery L. Hostetler, Scott D.</td><td> </td><td class="right"> John Franks, Phillip M. Hallam-Baker, Jeffery L. Hostetler, Scott D.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 525 | <tr><td class="lineno" valign="top"></td><td class="left"> Lawrence, Paul J. Leach, Ari Luotonen, and Lawrence C. Stewart for</td><td> </td><td class="right"> Lawrence, Paul J. Leach, Ari Luotonen, and Lawrence C. Stewart for</td><td class="lineno" valign="top"></td></tr> |
|---|
| 526 | <tr><td class="lineno" valign="top"></td><td class="left"> their work on that specification. See Section 6 of [RFC2617] for</td><td> </td><td class="right"> their work on that specification. See Section 6 of [RFC2617] for</td><td class="lineno" valign="top"></td></tr> |
|---|
| 527 | <tr><td class="lineno" valign="top"></td><td class="left"> further acknowledgements.</td><td> </td><td class="right"> further acknowledgements.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 528 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 529 | <tr><td class="lineno" valign="top"></td><td class="left"> See Section 9 of [Part1] for the Acknowledgments related to this</td><td> </td><td class="right"> See Section 9 of [Part1] for the Acknowledgments related to this</td><td class="lineno" valign="top"></td></tr> |
|---|
| 530 | <tr><td class="lineno" valign="top"></td><td class="left"> document revision.</td><td> </td><td class="right"> document revision.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 531 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 532 | <tr><td class="lineno" valign="top"></td><td class="left">8. References</td><td> </td><td class="right">8. References</td><td class="lineno" valign="top"></td></tr> |
|---|
| 533 | <tr><td><a name="diff0033" /></td></tr> |
|---|
| 534 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> </span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 535 | <tr><td class="lineno" valign="top"></td><td class="left">8.1. Normative References</td><td> </td><td class="right">8.1. Normative References</td><td class="lineno" valign="top"></td></tr> |
|---|
| 536 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 537 | <tr><td class="lineno" valign="top"></td><td class="left"> [Part1] Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,</td><td> </td><td class="right"> [Part1] Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,</td><td class="lineno" valign="top"></td></tr> |
|---|
| 538 | <tr><td><a name="diff0034" /></td></tr> |
|---|
| 539 | <tr><td class="lineno" valign="top"></td><td class="lblock"> "HTTP/1.1, part 1: <span class="delete">URIs, Connections, and</span> Message</td><td> </td><td class="rblock"> "HTTP/1.1, part 1: Message <span class="insert">Routing and Syntax"",</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 540 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">Parsing", draft-ietf-httpbis-p1-messaging-19</span> (work in</td><td> </td><td class="rblock"><span class="insert"> draft-ietf-httpbis-p1-messaging-20 (work in progress),</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 541 | <tr><td class="lineno" valign="top"></td><td class="lblock"> progress), <span class="delete">March</span> 2012.</td><td> </td><td class="rblock"><span class="insert"> July 2012.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 542 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 543 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> [Part2] Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 544 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> "HTTP/1.1, part 2: Semantics and Payloads",</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 545 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> draft-ietf-httpbis-p2-semantics-20</span> (work in progress),</td><td class="lineno" valign="top"></td></tr> |
|---|
| 546 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">July</span> 2012.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 547 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 548 | <tr><td class="lineno" valign="top"></td><td class="left"> [Part6] Fielding, R., Ed., Lafon, Y., Ed., Nottingham, M., Ed.,</td><td> </td><td class="right"> [Part6] Fielding, R., Ed., Lafon, Y., Ed., Nottingham, M., Ed.,</td><td class="lineno" valign="top"></td></tr> |
|---|
| 549 | <tr><td class="lineno" valign="top"></td><td class="left"> and J. Reschke, Ed., "HTTP/1.1, part 6: Caching",</td><td> </td><td class="right"> and J. Reschke, Ed., "HTTP/1.1, part 6: Caching",</td><td class="lineno" valign="top"></td></tr> |
|---|
| 550 | <tr><td><a name="diff0035" /></td></tr> |
|---|
| 551 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">draft-ietf-httpbis-p6-cache-19</span> (work in progress),</td><td> </td><td class="rblock"> <span class="insert">draft-ietf-httpbis-p6-cache-20</span> (work in progress),</td><td class="lineno" valign="top"></td></tr> |
|---|
| 552 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">March</span> 2012.</td><td> </td><td class="rblock"> <span class="insert">July</span> 2012.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 553 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 554 | <tr><td class="lineno" valign="top"></td><td class="left"> [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate</td><td> </td><td class="right"> [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate</td><td class="lineno" valign="top"></td></tr> |
|---|
| 555 | <tr><td class="lineno" valign="top"></td><td class="left"> Requirement Levels", BCP 14, RFC 2119, March 1997.</td><td> </td><td class="right"> Requirement Levels", BCP 14, RFC 2119, March 1997.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 556 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 557 | <tr><td class="lineno" valign="top"></td><td class="left"> [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax</td><td> </td><td class="right"> [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax</td><td class="lineno" valign="top"></td></tr> |
|---|
| 558 | <tr><td class="lineno" valign="top"></td><td class="left"> Specifications: ABNF", STD 68, RFC 5234, January 2008.</td><td> </td><td class="right"> Specifications: ABNF", STD 68, RFC 5234, January 2008.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 559 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 560 | <tr><td class="lineno" valign="top"></td><td class="left">8.2. Informative References</td><td> </td><td class="right">8.2. Informative References</td><td class="lineno" valign="top"></td></tr> |
|---|
| 561 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 562 | <tr><td class="lineno" valign="top"></td><td class="left"> [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,</td><td> </td><td class="right"> [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,</td><td class="lineno" valign="top"></td></tr> |
|---|
| 563 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 564 | <tr bgcolor="gray" ><td></td><th><a name="part-l10" /><small>skipping to change at</small><em> page 15, line 28</em></th><th> </th><th><a name="part-r10" /><small>skipping to change at</small><em> page 16, line 15</em></th><td></td></tr> |
|---|
| 565 | <tr><td class="lineno" valign="top"></td><td class="left">Appendix A. Changes from RFCs 2616 and 2617</td><td> </td><td class="right">Appendix A. Changes from RFCs 2616 and 2617</td><td class="lineno" valign="top"></td></tr> |
|---|
| 566 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 567 | <tr><td class="lineno" valign="top"></td><td class="left"> The "realm" parameter isn't required anymore in general;</td><td> </td><td class="right"> The "realm" parameter isn't required anymore in general;</td><td class="lineno" valign="top"></td></tr> |
|---|
| 568 | <tr><td class="lineno" valign="top"></td><td class="left"> consequently, the ABNF allows challenges without any auth parameters.</td><td> </td><td class="right"> consequently, the ABNF allows challenges without any auth parameters.</td><td class="lineno" valign="top"></td></tr> |
|---|
| 569 | <tr><td class="lineno" valign="top"></td><td class="left"> (Section 2)</td><td> </td><td class="right"> (Section 2)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 570 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 571 | <tr><td class="lineno" valign="top"></td><td class="left"> The "b64token" alternative to auth-param lists has been added for</td><td> </td><td class="right"> The "b64token" alternative to auth-param lists has been added for</td><td class="lineno" valign="top"></td></tr> |
|---|
| 572 | <tr><td class="lineno" valign="top"></td><td class="left"> consistency with legacy authentication schemes such as "Basic".</td><td> </td><td class="right"> consistency with legacy authentication schemes such as "Basic".</td><td class="lineno" valign="top"></td></tr> |
|---|
| 573 | <tr><td class="lineno" valign="top"></td><td class="left"> (Section 2)</td><td> </td><td class="right"> (Section 2)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 574 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 575 | <tr><td><a name="diff0036" /></td></tr> |
|---|
| 576 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">Introduce Authentication Scheme Registry. (Section 2.3)</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 577 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr> |
|---|
| 578 | <tr><td class="lineno" valign="top"></td><td class="left"> Change ABNF productions for header fields to only define the field</td><td> </td><td class="right"> Change ABNF productions for header fields to only define the field</td><td class="lineno" valign="top"></td></tr> |
|---|
| 579 | <tr><td class="lineno" valign="top"></td><td class="left"> value. (Section 4)</td><td> </td><td class="right"> value. (Section 4)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 580 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 581 | <tr><td><a name="diff0037" /></td></tr> |
|---|
| 582 | <tr><td class="lineno" valign="top"></td><td class="lblock">Appendix B. Collected ABNF</td><td> </td><td class="rblock">Appendix B. <span class="insert">Imported ABNF</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 583 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 584 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> The following core rules are included by reference, as defined in</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 585 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Appendix B.1 of [RFC5234]: ALPHA (letters), CR (carriage return),</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 586 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> CRLF (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 587 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> quote), HEXDIG (hexadecimal 0-9/A-F/a-f), LF (line feed), OCTET (any</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 588 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> 8-bit sequence of data), SP (space), and VCHAR (any visible US-ASCII</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 589 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> character).</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 590 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 591 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> The rules below are defined in [Part1]:</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 592 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 593 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> BWS = <BWS, defined in [Part1], Section 3.2.1></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 594 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> OWS = <OWS, defined in [Part1], Section 3.2.1></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 595 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> quoted-string = <quoted-string, defined in [Part1], Section 3.2.4></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 596 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> token = <token, defined in [Part1], Section 3.2.4></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 597 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 598 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">Appendix C.</span> Collected ABNF</td><td class="lineno" valign="top"></td></tr> |
|---|
| 599 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 600 | <tr><td class="lineno" valign="top"></td><td class="left"> Authorization = credentials</td><td> </td><td class="right"> Authorization = credentials</td><td class="lineno" valign="top"></td></tr> |
|---|
| 601 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 602 | <tr><td class="lineno" valign="top"></td><td class="left"> BWS = <BWS, defined in [Part1], Section 3.2.1></td><td> </td><td class="right"> BWS = <BWS, defined in [Part1], Section 3.2.1></td><td class="lineno" valign="top"></td></tr> |
|---|
| 603 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 604 | <tr><td class="lineno" valign="top"></td><td class="left"> OWS = <OWS, defined in [Part1], Section 3.2.1></td><td> </td><td class="right"> OWS = <OWS, defined in [Part1], Section 3.2.1></td><td class="lineno" valign="top"></td></tr> |
|---|
| 605 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 606 | <tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate = *( "," OWS ) challenge *( OWS "," [ OWS</td><td> </td><td class="right"> Proxy-Authenticate = *( "," OWS ) challenge *( OWS "," [ OWS</td><td class="lineno" valign="top"></td></tr> |
|---|
| 607 | <tr><td class="lineno" valign="top"></td><td class="left"> challenge ] )</td><td> </td><td class="right"> challenge ] )</td><td class="lineno" valign="top"></td></tr> |
|---|
| 608 | <tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization = credentials</td><td> </td><td class="right"> Proxy-Authorization = credentials</td><td class="lineno" valign="top"></td></tr> |
|---|
| 609 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 610 | <tr bgcolor="gray" ><td></td><th><a name="part-l11" /><small>skipping to change at</small><em> page 16, line 35</em></th><th> </th><th><a name="part-r11" /><small>skipping to change at</small><em> page 17, line 35</em></th><td></td></tr> |
|---|
| 611 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 612 | <tr><td class="lineno" valign="top"></td><td class="left"> challenge = auth-scheme [ 1*SP ( b64token / [ ( "," / auth-param ) *(</td><td> </td><td class="right"> challenge = auth-scheme [ 1*SP ( b64token / [ ( "," / auth-param ) *(</td><td class="lineno" valign="top"></td></tr> |
|---|
| 613 | <tr><td class="lineno" valign="top"></td><td class="left"> OWS "," [ OWS auth-param ] ) ] ) ]</td><td> </td><td class="right"> OWS "," [ OWS auth-param ] ) ] ) ]</td><td class="lineno" valign="top"></td></tr> |
|---|
| 614 | <tr><td class="lineno" valign="top"></td><td class="left"> credentials = auth-scheme [ 1*SP ( b64token / [ ( "," / auth-param )</td><td> </td><td class="right"> credentials = auth-scheme [ 1*SP ( b64token / [ ( "," / auth-param )</td><td class="lineno" valign="top"></td></tr> |
|---|
| 615 | <tr><td class="lineno" valign="top"></td><td class="left"> *( OWS "," [ OWS auth-param ] ) ] ) ]</td><td> </td><td class="right"> *( OWS "," [ OWS auth-param ] ) ] ) ]</td><td class="lineno" valign="top"></td></tr> |
|---|
| 616 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 617 | <tr><td class="lineno" valign="top"></td><td class="left"> quoted-string = <quoted-string, defined in [Part1], Section 3.2.4></td><td> </td><td class="right"> quoted-string = <quoted-string, defined in [Part1], Section 3.2.4></td><td class="lineno" valign="top"></td></tr> |
|---|
| 618 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 619 | <tr><td class="lineno" valign="top"></td><td class="left"> token = <token, defined in [Part1], Section 3.2.4></td><td> </td><td class="right"> token = <token, defined in [Part1], Section 3.2.4></td><td class="lineno" valign="top"></td></tr> |
|---|
| 620 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 621 | <tr><td><a name="diff0038" /></td></tr> |
|---|
| 622 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">ABNF diagnostics:</span></td><td> </td><td class="rblock">Appendix <span class="insert">D.</span> Change Log (to be removed by RFC Editor before publication)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 623 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 624 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> ; Authorization defined but not used</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 625 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> ; Proxy-Authenticate defined but not used</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 626 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> ; Proxy-Authorization defined but not used</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 627 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> ; WWW-Authenticate defined but not used</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 628 | <tr><td class="lineno" valign="top"></td><td class="lblock"> </td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 629 | <tr><td class="lineno" valign="top"></td><td class="lblock">Appendix <span class="delete">C.</span> Change Log (to be removed by RFC Editor before publication)</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 630 | <tr><td class="lineno" valign="top"></td><td class="lblock"> </td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 631 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.1. Since RFC 2616</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 632 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 633 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Extracted relevant partitions from [RFC2616].</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 634 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 635 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.2. Since draft-ietf-httpbis-p7-auth-00</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 636 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 637 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Closed issues:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 638 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 639 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/35>: "Normative and</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 640 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Informative references"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 641 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 642 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.3. Since draft-ietf-httpbis-p7-auth-01</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 643 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 644 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Ongoing work on ABNF conversion</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 645 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 646 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 647 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o Explicitly import BNF rules for "challenge" and "credentials" from</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 648 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> RFC2617.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 649 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 650 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o Add explicit references to BNF syntax and rules imported from</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 651 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> other parts of the specification.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 652 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 653 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.4. Since draft-ietf-httpbis-p7-auth-02</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 654 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 655 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Ongoing work on IANA Message Header Field Registration</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 656 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/40>):</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 657 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 658 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o Reference RFC 3984, and update header field registrations for</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 659 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> header fields defined in this document.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 660 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 661 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.5. Since draft-ietf-httpbis-p7-auth-03</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 662 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 663 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> None.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 664 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 665 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.6. Since draft-ietf-httpbis-p7-auth-04</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 666 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 667 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Ongoing work on ABNF conversion</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 668 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 669 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 670 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o Use "/" instead of "|" for alternatives.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 671 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 672 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o Introduce new ABNF rules for "bad" whitespace ("BWS"), optional</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 673 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> whitespace ("OWS") and required whitespace ("RWS").</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 674 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 675 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o Rewrite ABNFs to spell out whitespace rules, factor out header</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 676 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> field value format definitions.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 677 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 678 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.7. Since draft-ietf-httpbis-p7-auth-05</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 679 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 680 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Final work on ABNF conversion</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 681 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 682 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 683 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o Add appendix containing collected and expanded ABNF, reorganize</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 684 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> ABNF introduction.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 685 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 686 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.8. Since draft-ietf-httpbis-p7-auth-06</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 687 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 688 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> None.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 689 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 690 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.9. Since draft-ietf-httpbis-p7-auth-07</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 691 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 692 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Closed issues:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 693 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 694 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/198>: "move IANA</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 695 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> registrations for optional status codes"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 696 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 697 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.10. Since draft-ietf-httpbis-p7-auth-08</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 698 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 699 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> No significant changes.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 700 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 701 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.11. Since draft-ietf-httpbis-p7-auth-09</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 702 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 703 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Partly resolved issues:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 704 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 705 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/196>: "Term for the</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 706 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> requested resource's URI"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 707 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 708 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.12. Since draft-ietf-httpbis-p7-auth-10</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 709 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 710 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> None.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 711 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 712 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.13. Since draft-ietf-httpbis-p7-auth-11</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 713 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 714 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Closed issues:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 715 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 716 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/130>: "introduction</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 717 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> to part 7 is work-in-progress"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 718 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 719 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/195>: "auth-param</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 720 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> syntax"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 721 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 722 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/224>: "Header</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 723 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Classification"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 724 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 725 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/237>: "absorbing the</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 726 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> auth framework from 2617"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 727 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 728 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Partly resolved issues:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 729 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 730 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/141>: "should we</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 731 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> have an auth scheme registry"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 732 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 733 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.14. Since draft-ietf-httpbis-p7-auth-12</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 734 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 735 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> None.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 736 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 737 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.15. Since draft-ietf-httpbis-p7-auth-13</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 738 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 739 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Closed issues:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 740 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 741 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/276>: "untangle</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 742 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> ABNFs for header fields"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 743 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 744 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.16. Since draft-ietf-httpbis-p7-auth-14</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 745 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 746 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> None.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 747 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 748 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.17. Since draft-ietf-httpbis-p7-auth-15</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 749 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 750 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Closed issues:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 751 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 752 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/78>: "Relationship</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 753 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> between 401, Authorization and WWW-Authenticate"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 754 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 755 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/177>: "Realm</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 756 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> required on challenges"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 757 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 758 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/195>: "auth-param</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 759 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> syntax"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 760 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 761 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/257>:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 762 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> "Considerations for new authentications schemes"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 763 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 764 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/287>: "LWS in auth-</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 765 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> param ABNF"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 766 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 767 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/309>: "credentials</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 768 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> ABNF missing SP (still using implied LWS?)"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 769 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 770 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.18. Since draft-ietf-httpbis-p7-auth-16</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 771 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 772 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Closed issues:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 773 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 774 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/186>: "Document</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 775 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> HTTP's error-handling philosophy"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 776 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 777 | <tr><td><a name="diff0039" /></td></tr> |
|---|
| 778 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">o <http://tools.ietf.org/wg/httpbis/trac/ticket/320>: "add advice on</span></td><td> </td><td class="rblock"> <span class="insert">Changes up to the first Working Group Last Call draft are summarized</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 779 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> defining auth scheme parameters"</span></td><td> </td><td class="rblock"><span class="insert"> in <http://trac.tools.ietf.org/html/</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 780 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> draft-ietf-httpbis-p7-auth-19#appendix-C>.</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 781 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 782 | <tr><td><a name="diff0040" /></td></tr> |
|---|
| 783 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.19. Since draft-ietf-httpbis-p7-auth-17</span></td><td> </td><td class="rblock"><span class="insert">D.1. Since draft-ietf-httpbis-p7-auth-19</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 784 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 785 | <tr><td class="lineno" valign="top"></td><td class="left"> Closed issues:</td><td> </td><td class="right"> Closed issues:</td><td class="lineno" valign="top"></td></tr> |
|---|
| 786 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 787 | <tr><td><a name="diff0041" /></td></tr> |
|---|
| 788 | <tr><td class="lineno" valign="top"></td><td class="lblock"> o <span class="delete"><http://tools.ietf.org/wg/httpbis/trac/ticket/314>: "allow</span></td><td> </td><td class="rblock"> o <span class="insert"><http://tools.ietf.org/wg/httpbis/trac/ticket/348>: "Realms and</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 789 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> unquoted realm parameters"</span></td><td> </td><td class="rblock"><span class="insert"> scope"</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 790 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 791 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/321>: "Repeating</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 792 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> auth-params"</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 793 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 794 | <tr><td><a name="diff0042" /></td></tr> |
|---|
| 795 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">C.20. Since draft-ietf-httpbis-p7-auth-18</span></td><td> </td><td class="rblock"><span class="insert"> o <http://tools.ietf.org/wg/httpbis/trac/ticket/349>: "Strength"</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 796 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 797 | <tr><td><a name="diff0043" /></td></tr> |
|---|
| 798 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">Closed issues:</span></td><td> </td><td class="rblock"> <span class="insert">o <http://tools.ietf.org/wg/httpbis/trac/ticket/357>:</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 799 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> "Authentication exchanges"</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 800 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 801 | <tr><td><a name="diff0044" /></td></tr> |
|---|
| 802 | <tr><td class="lineno" valign="top"></td><td class="lblock"> o <span class="delete"><http://tools.ietf.org/wg/httpbis/trac/ticket/334>: "recipient</span></td><td> </td><td class="rblock"> o <span class="insert"><http://tools.ietf.org/wg/httpbis/trac/ticket/361>: "ABNF</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 803 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> behavior</span> for <span class="delete">new auth parameters"</span></td><td> </td><td class="rblock"><span class="insert"> requirements</span> for <span class="insert">recipients"</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 804 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 805 | <tr><td><a name="diff0045" /></td></tr> |
|---|
| 806 | <tr><td class="lineno" valign="top"></td><td class="lblock"> o <span class="delete"><http://tools.ietf.org/wg/httpbis/trac/ticket/342>: "WWW-</span></td><td> </td><td class="rblock"> o <span class="insert"><http://tools.ietf.org/wg/httpbis/trac/ticket/368>: "note</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 807 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Authenticate ABNF slightly ambiguous"</span></td><td> </td><td class="rblock"><span class="insert"> introduction of new IANA registries as normative changes"</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 808 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 809 | <tr><td class="lineno" valign="top"></td><td class="left">Index</td><td> </td><td class="right">Index</td><td class="lineno" valign="top"></td></tr> |
|---|
| 810 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 811 | <tr><td class="lineno" valign="top"></td><td class="left"> 4</td><td> </td><td class="right"> 4</td><td class="lineno" valign="top"></td></tr> |
|---|
| 812 | <tr><td class="lineno" valign="top"></td><td class="left"> 401 Unauthorized (status code) 9</td><td> </td><td class="right"> 401 Unauthorized (status code) 9</td><td class="lineno" valign="top"></td></tr> |
|---|
| 813 | <tr><td><a name="diff0046" /></td></tr> |
|---|
| 814 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 407 Proxy Authentication Required (status code) <span class="delete">9</span></td><td> </td><td class="rblock"> 407 Proxy Authentication Required (status code) <span class="insert">10</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 815 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 816 | <tr><td class="lineno" valign="top"></td><td class="left"> A</td><td> </td><td class="right"> A</td><td class="lineno" valign="top"></td></tr> |
|---|
| 817 | <tr><td class="lineno" valign="top"></td><td class="left"> auth-param 5</td><td> </td><td class="right"> auth-param 5</td><td class="lineno" valign="top"></td></tr> |
|---|
| 818 | <tr><td class="lineno" valign="top"></td><td class="left"> auth-scheme 5</td><td> </td><td class="right"> auth-scheme 5</td><td class="lineno" valign="top"></td></tr> |
|---|
| 819 | <tr><td class="lineno" valign="top"></td><td class="left"> Authorization header field 10</td><td> </td><td class="right"> Authorization header field 10</td><td class="lineno" valign="top"></td></tr> |
|---|
| 820 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 821 | <tr><td class="lineno" valign="top"></td><td class="left"> B</td><td> </td><td class="right"> B</td><td class="lineno" valign="top"></td></tr> |
|---|
| 822 | <tr><td class="lineno" valign="top"></td><td class="left"> b64token 5</td><td> </td><td class="right"> b64token 5</td><td class="lineno" valign="top"></td></tr> |
|---|
| 823 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 824 | <tr><td class="lineno" valign="top"></td><td class="left"> C</td><td> </td><td class="right"> C</td><td class="lineno" valign="top"></td></tr> |
|---|
| 825 | <tr><td><a name="diff0047" /></td></tr> |
|---|
| 826 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Canonical Root URI 7</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 827 | <tr><td class="lineno" valign="top"></td><td class="left"> challenge 6</td><td> </td><td class="right"> challenge 6</td><td class="lineno" valign="top"></td></tr> |
|---|
| 828 | <tr><td class="lineno" valign="top"></td><td class="left"> credentials 6</td><td> </td><td class="right"> credentials 6</td><td class="lineno" valign="top"></td></tr> |
|---|
| 829 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 830 | <tr><td class="lineno" valign="top"></td><td class="left"> G</td><td> </td><td class="right"> G</td><td class="lineno" valign="top"></td></tr> |
|---|
| 831 | <tr><td class="lineno" valign="top"></td><td class="left"> Grammar</td><td> </td><td class="right"> Grammar</td><td class="lineno" valign="top"></td></tr> |
|---|
| 832 | <tr><td class="lineno" valign="top"></td><td class="left"> auth-param 5</td><td> </td><td class="right"> auth-param 5</td><td class="lineno" valign="top"></td></tr> |
|---|
| 833 | <tr><td class="lineno" valign="top"></td><td class="left"> auth-scheme 5</td><td> </td><td class="right"> auth-scheme 5</td><td class="lineno" valign="top"></td></tr> |
|---|
| 834 | <tr><td class="lineno" valign="top"></td><td class="left"> Authorization 10</td><td> </td><td class="right"> Authorization 10</td><td class="lineno" valign="top"></td></tr> |
|---|
| 835 | <tr><td class="lineno" valign="top"></td><td class="left"> b64token 5</td><td> </td><td class="right"> b64token 5</td><td class="lineno" valign="top"></td></tr> |
|---|
| 836 | <tr><td class="lineno" valign="top"></td><td class="left"> challenge 6</td><td> </td><td class="right"> challenge 6</td><td class="lineno" valign="top"></td></tr> |
|---|
| 837 | <tr><td class="lineno" valign="top"></td><td class="left"> credentials 6</td><td> </td><td class="right"> credentials 6</td><td class="lineno" valign="top"></td></tr> |
|---|
| 838 | <tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate 11</td><td> </td><td class="right"> Proxy-Authenticate 11</td><td class="lineno" valign="top"></td></tr> |
|---|
| 839 | <tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization 11</td><td> </td><td class="right"> Proxy-Authorization 11</td><td class="lineno" valign="top"></td></tr> |
|---|
| 840 | <tr><td class="lineno" valign="top"></td><td class="left"> WWW-Authenticate 12</td><td> </td><td class="right"> WWW-Authenticate 12</td><td class="lineno" valign="top"></td></tr> |
|---|
| 841 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 842 | <tr><td class="lineno" valign="top"></td><td class="left"> H</td><td> </td><td class="right"> H</td><td class="lineno" valign="top"></td></tr> |
|---|
| 843 | <tr><td class="lineno" valign="top"></td><td class="left"> Header Fields</td><td> </td><td class="right"> Header Fields</td><td class="lineno" valign="top"></td></tr> |
|---|
| 844 | <tr><td class="lineno" valign="top"></td><td class="left"> Authorization 10</td><td> </td><td class="right"> Authorization 10</td><td class="lineno" valign="top"></td></tr> |
|---|
| 845 | <tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate 11</td><td> </td><td class="right"> Proxy-Authenticate 11</td><td class="lineno" valign="top"></td></tr> |
|---|
| 846 | <tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization 11</td><td> </td><td class="right"> Proxy-Authorization 11</td><td class="lineno" valign="top"></td></tr> |
|---|
| 847 | <tr><td><a name="diff0048" /></td></tr> |
|---|
| 848 | <tr><td class="lineno" valign="top"></td><td class="lblock"> WWW-Authenticate 1<span class="delete">1</span></td><td> </td><td class="rblock"> WWW-Authenticate 1<span class="insert">2</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 849 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 850 | <tr><td class="lineno" valign="top"></td><td class="left"> P</td><td> </td><td class="right"> P</td><td class="lineno" valign="top"></td></tr> |
|---|
| 851 | <tr><td class="lineno" valign="top"></td><td class="left"> Protection Space 7</td><td> </td><td class="right"> Protection Space 7</td><td class="lineno" valign="top"></td></tr> |
|---|
| 852 | <tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authenticate header field 11</td><td> </td><td class="right"> Proxy-Authenticate header field 11</td><td class="lineno" valign="top"></td></tr> |
|---|
| 853 | <tr><td class="lineno" valign="top"></td><td class="left"> Proxy-Authorization header field 11</td><td> </td><td class="right"> Proxy-Authorization header field 11</td><td class="lineno" valign="top"></td></tr> |
|---|
| 854 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 855 | <tr><td class="lineno" valign="top"></td><td class="left"> R</td><td> </td><td class="right"> R</td><td class="lineno" valign="top"></td></tr> |
|---|
| 856 | <tr><td class="lineno" valign="top"></td><td class="left"> Realm 7</td><td> </td><td class="right"> Realm 7</td><td class="lineno" valign="top"></td></tr> |
|---|
| 857 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 858 | <tr><td class="lineno" valign="top"></td><td class="left"> S</td><td> </td><td class="right"> S</td><td class="lineno" valign="top"></td></tr> |
|---|
| 859 | <tr><td class="lineno" valign="top"></td><td class="left"> Status Codes</td><td> </td><td class="right"> Status Codes</td><td class="lineno" valign="top"></td></tr> |
|---|
| 860 | <tr><td class="lineno" valign="top"></td><td class="left"> 401 Unauthorized 9</td><td> </td><td class="right"> 401 Unauthorized 9</td><td class="lineno" valign="top"></td></tr> |
|---|
| 861 | <tr><td><a name="diff0049" /></td></tr> |
|---|
| 862 | <tr><td class="lineno" valign="top"></td><td class="lblock"> 407 Proxy Authentication Required <span class="delete">9</span></td><td> </td><td class="rblock"> 407 Proxy Authentication Required <span class="insert">10</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 863 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 864 | <tr><td class="lineno" valign="top"></td><td class="left"> W</td><td> </td><td class="right"> W</td><td class="lineno" valign="top"></td></tr> |
|---|
| 865 | <tr><td><a name="diff0050" /></td></tr> |
|---|
| 866 | <tr><td class="lineno" valign="top"></td><td class="lblock"> WWW-Authenticate header field 1<span class="delete">1</span></td><td> </td><td class="rblock"> WWW-Authenticate header field 1<span class="insert">2</span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 867 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 868 | <tr><td class="lineno" valign="top"></td><td class="left">Authors' Addresses</td><td> </td><td class="right">Authors' Addresses</td><td class="lineno" valign="top"></td></tr> |
|---|
| 869 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 870 | <tr><td class="lineno" valign="top"></td><td class="left"> Roy T. Fielding (editor)</td><td> </td><td class="right"> Roy T. Fielding (editor)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 871 | <tr><td class="lineno" valign="top"></td><td class="left"> Adobe Systems Incorporated</td><td> </td><td class="right"> Adobe Systems Incorporated</td><td class="lineno" valign="top"></td></tr> |
|---|
| 872 | <tr><td class="lineno" valign="top"></td><td class="left"> 345 Park Ave</td><td> </td><td class="right"> 345 Park Ave</td><td class="lineno" valign="top"></td></tr> |
|---|
| 873 | <tr><td class="lineno" valign="top"></td><td class="left"> San Jose, CA 95110</td><td> </td><td class="right"> San Jose, CA 95110</td><td class="lineno" valign="top"></td></tr> |
|---|
| 874 | <tr><td class="lineno" valign="top"></td><td class="left"> USA</td><td> </td><td class="right"> USA</td><td class="lineno" valign="top"></td></tr> |
|---|
| 875 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 876 | <tr><td class="lineno" valign="top"></td><td class="left"> EMail: fielding@gbiv.com</td><td> </td><td class="right"> EMail: fielding@gbiv.com</td><td class="lineno" valign="top"></td></tr> |
|---|
| 877 | <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> |
|---|
| 878 | <tr bgcolor="gray" ><td></td><th><a name="part-l12" /><small>skipping to change at</small><em> page 22, line 4</em></th><th> </th><th><a name="part-r12" /><small>skipping to change at</small><em> page 19, line 36</em></th><td></td></tr> |
|---|
| 879 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 880 | <tr><td class="lineno" valign="top"></td><td class="left"> Yves Lafon (editor)</td><td> </td><td class="right"> Yves Lafon (editor)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 881 | <tr><td class="lineno" valign="top"></td><td class="left"> World Wide Web Consortium</td><td> </td><td class="right"> World Wide Web Consortium</td><td class="lineno" valign="top"></td></tr> |
|---|
| 882 | <tr><td class="lineno" valign="top"></td><td class="left"> W3C / ERCIM</td><td> </td><td class="right"> W3C / ERCIM</td><td class="lineno" valign="top"></td></tr> |
|---|
| 883 | <tr><td class="lineno" valign="top"></td><td class="left"> 2004, rte des Lucioles</td><td> </td><td class="right"> 2004, rte des Lucioles</td><td class="lineno" valign="top"></td></tr> |
|---|
| 884 | <tr><td class="lineno" valign="top"></td><td class="left"> Sophia-Antipolis, AM 06902</td><td> </td><td class="right"> Sophia-Antipolis, AM 06902</td><td class="lineno" valign="top"></td></tr> |
|---|
| 885 | <tr><td class="lineno" valign="top"></td><td class="left"> France</td><td> </td><td class="right"> France</td><td class="lineno" valign="top"></td></tr> |
|---|
| 886 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 887 | <tr><td class="lineno" valign="top"></td><td class="left"> EMail: ylafon@w3.org</td><td> </td><td class="right"> EMail: ylafon@w3.org</td><td class="lineno" valign="top"></td></tr> |
|---|
| 888 | <tr><td class="lineno" valign="top"></td><td class="left"> URI: http://www.raubacapeu.net/people/yves/</td><td> </td><td class="right"> URI: http://www.raubacapeu.net/people/yves/</td><td class="lineno" valign="top"></td></tr> |
|---|
| 889 | <tr><td><a name="diff0051" /></td></tr> |
|---|
| 890 | <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> </span></td><td class="lineno" valign="top"></td></tr> |
|---|
| 891 | <tr><td class="lineno" valign="top"></td><td class="left"> Julian F. Reschke (editor)</td><td> </td><td class="right"> Julian F. Reschke (editor)</td><td class="lineno" valign="top"></td></tr> |
|---|
| 892 | <tr><td class="lineno" valign="top"></td><td class="left"> greenbytes GmbH</td><td> </td><td class="right"> greenbytes GmbH</td><td class="lineno" valign="top"></td></tr> |
|---|
| 893 | <tr><td class="lineno" valign="top"></td><td class="left"> Hafenweg 16</td><td> </td><td class="right"> Hafenweg 16</td><td class="lineno" valign="top"></td></tr> |
|---|
| 894 | <tr><td class="lineno" valign="top"></td><td class="left"> Muenster, NW 48155</td><td> </td><td class="right"> Muenster, NW 48155</td><td class="lineno" valign="top"></td></tr> |
|---|
| 895 | <tr><td class="lineno" valign="top"></td><td class="left"> Germany</td><td> </td><td class="right"> Germany</td><td class="lineno" valign="top"></td></tr> |
|---|
| 896 | <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 897 | <tr><td><a name="diff0052" /></td></tr> |
|---|
| 898 | <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">Phone: +49 251 2807760</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 899 | <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Fax: +49 251 2807761</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> |
|---|
| 900 | <tr><td class="lineno" valign="top"></td><td class="left"> EMail: julian.reschke@greenbytes.de</td><td> </td><td class="right"> EMail: julian.reschke@greenbytes.de</td><td class="lineno" valign="top"></td></tr> |
|---|
| 901 | <tr><td class="lineno" valign="top"></td><td class="left"> URI: http://greenbytes.de/tech/webdav/</td><td> </td><td class="right"> URI: http://greenbytes.de/tech/webdav/</td><td class="lineno" valign="top"></td></tr> |
|---|
| 902 | |
|---|
| 903 | <tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr> |
|---|
| 904 | <tr bgcolor="gray"><th colspan="5" align="center"><a name="end"> End of changes. 52 change blocks. </a></th></tr> |
|---|
| 905 | <tr class="stats"><td></td><th><i>294 lines changed or deleted</i></th><th><i> </i></th><th><i>165 lines changed or added</i></th><td></td></tr> |
|---|
| 906 | <tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.38. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr> |
|---|
| 907 | </table> |
|---|
| 908 | </body> |
|---|
| 909 | </html> |
|---|
![(please configure the [header_logo] section in trac.ini)](https://www.ietf.org/images/ietflogotrans.gif)
