source: draft-ietf-httpbis/latest/auth48/rfc7235.abdiff.txt @ 2705

Last change on this file since 2705 was 2705, checked in by julian.reschke@…, 6 years ago

use consistent notation when referring to ABNF constructs (#553)

File size: 11.1 KB
Line 
1
2INTRODUCTION, paragraph 1:
3OLD:
4
5 HTTPbis Working Group                                   R. Fielding, Ed.
6 Internet-Draft                                                     Adobe
7 Obsoletes: 2616 (if approved)                            J. Reschke, Ed.
8 Updates: 2617 (if approved)                                   greenbytes
9 Intended status: Standards Track                            May 29, 2014
10 Expires: November 30, 2014
11
12NEW:
13
14 Internet Engineering Task Force (IETF)                  R. Fielding, Ed.
15 Request for Comments: 7235                                         Adobe
16 Obsoletes: 2616                                          J. Reschke, Ed.
17 Updates: 2617                                                 greenbytes
18 Category: Standards Track                                       May 2014
19 ISSN: 2070-1721
20
21
22INTRODUCTION, paragraph 2:
23OLD:
24
25          Hypertext Transfer Protocol (HTTP/1.1): Authentication
26                    draft-ietf-httpbis-p7-auth-latest
27
28NEW:
29
30          Hypertext Transfer Protocol (HTTP/1.1): Authentication
31
32
33INTRODUCTION, paragraph 5:
34OLD:
35
36 Editorial Note (To be removed by RFC Editor)
37 
38    Discussion of this draft takes place on the HTTPBIS working group
39    mailing list (ietf-http-wg@w3.org), which is archived at
40    <http://lists.w3.org/Archives/Public/ietf-http-wg/>.
41 
42    The current issues list is at
43    <http://tools.ietf.org/wg/httpbis/trac/report/3> and related
44    documents (including fancy diffs) can be found at
45    <http://tools.ietf.org/wg/httpbis/>.
46 
47    _This is a temporary document for the purpose of tracking the
48    editorial changes made during the AUTH48 (RFC publication) phase._
49 
50 Status of This Memo
51
52NEW:
53
54 Status of This Memo
55
56
57INTRODUCTION, paragraph 6:
58OLD:
59
60    This Internet-Draft is submitted in full conformance with the
61    provisions of BCP 78 and BCP 79.
62 
63    Internet-Drafts are working documents of the Internet Engineering
64    Task Force (IETF).  Note that other groups may also distribute
65    working documents as Internet-Drafts.  The list of current Internet-
66    Drafts is at http://datatracker.ietf.org/drafts/current/.
67
68NEW:
69
70    This is an Internet Standards Track document.
71
72
73INTRODUCTION, paragraph 7:
74OLD:
75
76    Internet-Drafts are draft documents valid for a maximum of six months
77    and may be updated, replaced, or obsoleted by other documents at any
78    time.  It is inappropriate to use Internet-Drafts as reference
79    material or to cite them other than as "work in progress."
80
81NEW:
82
83    This document is a product of the Internet Engineering Task Force
84    (IETF).  It represents the consensus of the IETF community.  It has
85    received public review and has been approved for publication by the
86    Internet Engineering Steering Group (IESG).  Further information on
87    Internet Standards is available in Section 2 of RFC 5741.
88
89
90INTRODUCTION, paragraph 8:
91OLD:
92
93    This Internet-Draft will expire on November 30, 2014.
94
95NEW:
96
97    Information about the current status of this document, any errata,
98    and how to provide feedback on it may be obtained at
99    http://www.rfc-editor.org/info/rfc7235.
100
101
102INTRODUCTION, paragraph 14:
103OLD:
104
105    1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4
106      1.1.  Conformance and Error Handling . . . . . . . . . . . . . .  4
107      1.2.  Syntax Notation  . . . . . . . . . . . . . . . . . . . . .  4
108    2.  Access Authentication Framework  . . . . . . . . . . . . . . .  4
109      2.1.  Challenge and Response . . . . . . . . . . . . . . . . . .  4
110      2.2.  Protection Space (Realm) . . . . . . . . . . . . . . . . .  6
111    3.  Status Code Definitions  . . . . . . . . . . . . . . . . . . .  7
112      3.1.  401 Unauthorized . . . . . . . . . . . . . . . . . . . . .  7
113      3.2.  407 Proxy Authentication Required  . . . . . . . . . . . .  7
114    4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  8
115      4.1.  WWW-Authenticate . . . . . . . . . . . . . . . . . . . . .  8
116      4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  9
117      4.3.  Proxy-Authenticate . . . . . . . . . . . . . . . . . . . .  9
118      4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . . 10
119    5.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 10
120      5.1.  Authentication Scheme Registry . . . . . . . . . . . . . . 10
121        5.1.1.  Procedure  . . . . . . . . . . . . . . . . . . . . . . 10
122        5.1.2.  Considerations for New Authentication Schemes  . . . . 10
123      5.2.  Status Code Registration . . . . . . . . . . . . . . . . . 12
124      5.3.  Header Field Registration  . . . . . . . . . . . . . . . . 12
125    6.  Security Considerations  . . . . . . . . . . . . . . . . . . . 12
126      6.1.  Confidentiality of Credentials . . . . . . . . . . . . . . 13
127      6.2.  Authentication Credentials and Idle Clients  . . . . . . . 13
128      6.3.  Protection Spaces  . . . . . . . . . . . . . . . . . . . . 14
129    7.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 14
130    8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 15
131      8.1.  Normative References . . . . . . . . . . . . . . . . . . . 15
132      8.2.  Informative References . . . . . . . . . . . . . . . . . . 15
133    Appendix A.  Changes from RFCs 2616 and 2617 . . . . . . . . . . . 16
134    Appendix B.  Imported ABNF . . . . . . . . . . . . . . . . . . . . 16
135    Appendix C.  Collected ABNF  . . . . . . . . . . . . . . . . . . . 16
136    Index  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
137
138NEW:
139
140    1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
141      1.1.  Conformance and Error Handling . . . . . . . . . . . . . .  3
142      1.2.  Syntax Notation  . . . . . . . . . . . . . . . . . . . . .  3
143    2.  Access Authentication Framework  . . . . . . . . . . . . . . .  3
144      2.1.  Challenge and Response . . . . . . . . . . . . . . . . . .  3
145      2.2.  Protection Space (Realm) . . . . . . . . . . . . . . . . .  5
146    3.  Status Code Definitions  . . . . . . . . . . . . . . . . . . .  6
147      3.1.  401 Unauthorized . . . . . . . . . . . . . . . . . . . . .  6
148      3.2.  407 Proxy Authentication Required  . . . . . . . . . . . .  6
149    4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  7
150      4.1.  WWW-Authenticate . . . . . . . . . . . . . . . . . . . . .  7
151      4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  8
152      4.3.  Proxy-Authenticate . . . . . . . . . . . . . . . . . . . .  8
153      4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  9
154    5.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  9
155      5.1.  Authentication Scheme Registry . . . . . . . . . . . . . .  9
156        5.1.1.  Procedure  . . . . . . . . . . . . . . . . . . . . . .  9
157        5.1.2.  Considerations for New Authentication Schemes  . . . .  9
158      5.2.  Status Code Registration . . . . . . . . . . . . . . . . . 11
159      5.3.  Header Field Registration  . . . . . . . . . . . . . . . . 11
160    6.  Security Considerations  . . . . . . . . . . . . . . . . . . . 11
161      6.1.  Confidentiality of Credentials . . . . . . . . . . . . . . 12
162      6.2.  Authentication Credentials and Idle Clients  . . . . . . . 12
163      6.3.  Protection Spaces  . . . . . . . . . . . . . . . . . . . . 13
164    7.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 13
165    8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 14
166      8.1.  Normative References . . . . . . . . . . . . . . . . . . . 14
167      8.2.  Informative References . . . . . . . . . . . . . . . . . . 14
168    Appendix A.  Changes from RFCs 2616 and 2617 . . . . . . . . . . . 15
169    Appendix B.  Imported ABNF . . . . . . . . . . . . . . . . . . . . 15
170    Appendix C.  Collected ABNF  . . . . . . . . . . . . . . . . . . . 15
171    Index  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
172
173
174Section 2.1., paragraph 6:
175OLD:
176
177    The token68 syntax allows the 66 unreserved URI characters
178    ([RFC3986]), plus a few others, so that it can hold a base64,
179    base64url (URL and filename safe alphabet), base32, or base16 (hex)
180    encoding, with or without padding, but excluding whitespace
181    ([RFC4648]).
182
183NEW:
184
185    The "token68" syntax allows the 66 unreserved URI characters
186    ([RFC3986]), plus a few others, so that it can hold a base64,
187    base64url (URL and filename safe alphabet), base32, or base16 (hex)
188    encoding, with or without padding, but excluding whitespace
189    ([RFC4648]).
190
191
192Section 8.1., paragraph 3:
193OLD:
194
195    [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
196               Protocol (HTTP/1.1): Message Syntax and Routing",
197               draft-ietf-httpbis-p1-messaging-latest (work in progress),
198               May 2014.
199
200NEW:
201
202    [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
203               Protocol (HTTP/1.1): Message Syntax and Routing",
204               RFC 7230, May 2014.
205
206
207Section 8.1., paragraph 4:
208OLD:
209
210    [RFC7231]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
211               Protocol (HTTP/1.1): Semantics and Content",
212               draft-ietf-httpbis-p2-semantics-latest (work in progress),
213               May 2014.
214
215NEW:
216
217    [RFC7231]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
218               Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
219               May 2014.
220
221
222Section 8.1., paragraph 5:
223OLD:
224
225    [RFC7234]  Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
226               Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",
227               draft-ietf-httpbis-p6-cache-latest (work in progress),
228               May 2014.
229
230NEW:
231
232    [RFC7234]  Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
233               Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",
234               RFC 7234, May 2014.
235
236
237Section 1.2, paragraph 11:
238OLD:
239
240    4
241       401 Unauthorized (status code)  7
242       407 Proxy Authentication Required (status code)  7
243
244NEW:
245
246    4
247       401 Unauthorized (status code)  6
248       407 Proxy Authentication Required (status code)  6
249
250
251Section 1.2, paragraph 12:
252OLD:
253
254    A
255       Authorization header field  9
256
257NEW:
258
259    A
260       Authorization header field  8
261
262
263Section 1.2, paragraph 13:
264OLD:
265
266    C
267       Canonical Root URI  6
268
269NEW:
270
271    C
272       Canonical Root URI  5
273
274
275Section 1.2, paragraph 14:
276OLD:
277
278    G
279       Grammar
280          auth-param  5
281          auth-scheme  5
282          Authorization  9
283          challenge  5
284          credentials  6
285          Proxy-Authenticate  9
286          Proxy-Authorization  10
287          token68  5
288          WWW-Authenticate  8
289
290NEW:
291
292    G
293       Grammar
294          auth-param  4
295          auth-scheme  4
296          Authorization  8
297          challenge  4
298          credentials  5
299          Proxy-Authenticate  8
300          Proxy-Authorization  9
301          token68  4
302          WWW-Authenticate  7
303
304
305Section 1.2, paragraph 15:
306OLD:
307
308    P
309       Protection Space  6
310       Proxy-Authenticate header field  9
311       Proxy-Authorization header field  10
312
313NEW:
314
315    P
316       Protection Space  5
317       Proxy-Authenticate header field  8
318       Proxy-Authorization header field  9
319
320
321Section 1.2, paragraph 16:
322OLD:
323
324    R
325       Realm  6
326
327NEW:
328
329    R
330       Realm  5
331
332
333Section 1.2, paragraph 17:
334OLD:
335
336    W
337       WWW-Authenticate header field  8
338
339NEW:
340
341    W
342       WWW-Authenticate header field  7
343
Note: See TracBrowser for help on using the repository browser.