source: draft-ietf-httpbis/latest/auth48/rfc7235.diff.html @ 2678

Last change on this file since 2678 was 2678, checked in by julian.reschke@…, 6 years ago

add RFC7234-to-be and RFC7235-to-be (#553)

  • Property svn:eol-style set to native
1<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2<!-- Generated by rfcdiff 1.38: rfcdiff  -->
3<!-- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional" > -->
4<html> 
5<head> 
6  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
7  <meta http-equiv="Content-Style-Type" content="text/css" />
8  <title>Diff: p7-auth.unpg.txt - rfc7235-to-be.unpg.txt</title>
9  <style type="text/css">
10    body    { margin: 0.4ex; margin-right: auto; }
11    tr      { }
12    td      { white-space: pre; font-family: monospace; vertical-align: top; font-size: 0.86em;}
13    th      { font-size: 0.86em; }
14    .small  { font-size: 0.6em; font-style: italic; font-family: Verdana, Helvetica, sans-serif; }
15    .left   { background-color: #EEE; }
16    .right  { background-color: #FFF; }
17    .diff   { background-color: #CCF; }
18    .lblock { background-color: #BFB; }
19    .rblock { background-color: #FF8; }
20    .insert { background-color: #8FF; }
21    .delete { background-color: #ACF; }
22    .void   { background-color: #FFB; }
23    .cont   { background-color: #EEE; }
24    .linebr { background-color: #AAA; }
25    .lineno { color: red; background-color: #FFF; font-size: 0.7em; text-align: right; padding: 0 2px; }
26    .elipsis{ background-color: #AAA; }
27    .left .cont { background-color: #DDD; }
28    .right .cont { background-color: #EEE; }
29    .lblock .cont { background-color: #9D9; }
30    .rblock .cont { background-color: #DD6; }
31    .insert .cont { background-color: #0DD; }
32    .delete .cont { background-color: #8AD; }
33    .stats, .stats td, .stats th { background-color: #EEE; padding: 2px 0; }
34  </style>
35</head>
36<body > 
37  <table border="0" cellpadding="0" cellspacing="0">
38  <tr bgcolor="orange"><th></th><th>&nbsp;p7-auth.unpg.txt&nbsp;</th><th> </th><th>&nbsp;rfc7235-to-be.unpg.txt&nbsp;</th><th></th></tr>
39      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
40      <tr><td><a name="diff0001" /></td></tr>
41      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">HTTPbis Working Group</span>                                   R. Fielding, Ed.</td><td> </td><td class="rblock"><span class="insert">Internet Engineering Task Force (IETF)</span>                  R. Fielding, Ed.</td><td class="lineno" valign="top"></td></tr>
42      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Internet-Draft</span>                                                     Adobe</td><td> </td><td class="rblock"><span class="insert">Request for Comments: 7235</span>                                         Adobe</td><td class="lineno" valign="top"></td></tr>
43      <tr><td class="lineno" valign="top"></td><td class="lblock">Obsoletes: 2616 <span class="delete">(if approved)</span>                            J. Reschke, Ed.</td><td> </td><td class="rblock">Obsoletes: 2616                                          J. Reschke, Ed.</td><td class="lineno" valign="top"></td></tr>
44      <tr><td class="lineno" valign="top"></td><td class="lblock">Updates: 2617 <span class="delete">(if approved)</span>                                   greenbytes</td><td> </td><td class="rblock">Updates: 2617                                                 greenbytes</td><td class="lineno" valign="top"></td></tr>
45      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Intended status:</span> Standards Track                            May <span class="delete">16, 2014</span></td><td> </td><td class="rblock"><span class="insert">Category:</span> Standards Track                                       May 2014</td><td class="lineno" valign="top"></td></tr>
46      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Expires: November 17,</span> 2014</td><td> </td><td class="rblock"><span class="insert">ISSN: 2070-1721</span></td><td class="lineno" valign="top"></td></tr>
47      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
48      <tr><td class="lineno" valign="top"></td><td class="left">         Hypertext Transfer Protocol (HTTP/1.1): Authentication</td><td> </td><td class="right">         Hypertext Transfer Protocol (HTTP/1.1): Authentication</td><td class="lineno" valign="top"></td></tr>
49      <tr><td><a name="diff0002" /></td></tr>
50      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">                   draft-ietf-httpbis-p7-auth-latest</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
51      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
52      <tr><td class="lineno" valign="top"></td><td class="left">Abstract</td><td> </td><td class="right">Abstract</td><td class="lineno" valign="top"></td></tr>
53      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
54      <tr><td class="lineno" valign="top"></td><td class="left">   The Hypertext Transfer Protocol (HTTP) is a stateless application-</td><td> </td><td class="right">   The Hypertext Transfer Protocol (HTTP) is a stateless application-</td><td class="lineno" valign="top"></td></tr>
55      <tr><td class="lineno" valign="top"></td><td class="left">   level protocol for distributed, collaborative, hypermedia information</td><td> </td><td class="right">   level protocol for distributed, collaborative, hypermedia information</td><td class="lineno" valign="top"></td></tr>
56      <tr><td class="lineno" valign="top"></td><td class="left">   systems.  This document defines the HTTP Authentication framework.</td><td> </td><td class="right">   systems.  This document defines the HTTP Authentication framework.</td><td class="lineno" valign="top"></td></tr>
57      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
58      <tr><td><a name="diff0003" /></td></tr>
59      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Editorial Note (To be removed by RFC Editor)</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
60      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
61      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Discussion of this draft takes place on the HTTPBIS working group</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
62      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   mailing list (ietf-http-wg@w3.org), which is archived at</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
63      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   &lt;http://lists.w3.org/Archives/Public/ietf-http-wg/&gt;.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
64      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
65      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   The current issues list is at</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
66      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   &lt;http://tools.ietf.org/wg/httpbis/trac/report/3&gt; and related</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
67      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   documents (including fancy diffs) can be found at</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
68      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   &lt;http://tools.ietf.org/wg/httpbis/&gt;.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
69      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
70      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   _This is a temporary document for the purpose of tracking the</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
71      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   editorial changes made during the AUTH48 (RFC publication) phase._</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
72      <tr><td class="lineno" valign="top"></td><td class="lblock">                                                                         </td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
73      <tr><td class="lineno" valign="top"></td><td class="left">Status of This Memo</td><td> </td><td class="right">Status of This Memo</td><td class="lineno" valign="top"></td></tr>
74      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
75      <tr><td><a name="diff0004" /></td></tr>
76      <tr><td class="lineno" valign="top"></td><td class="lblock">   This <span class="delete">Internet-Draft</span> is <span class="delete">submitted in full conformance with the</span></td><td> </td><td class="rblock">   This is <span class="insert">an</span> Internet <span class="insert">Standards Track document.</span></td><td class="lineno" valign="top"></td></tr>
77      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   provisions of BCP 78 and BCP 79.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
78      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
79      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Internet-Drafts are working documents of the</span> Internet <span class="delete">Engineering</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
80      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Task Force (IETF).  Note that other groups may also distribute</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
81      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   working documents as Internet-Drafts.  The list of current Internet-</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
82      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Drafts is at http://datatracker.ietf.org/drafts/current/.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
83      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
84      <tr><td><a name="diff0005" /></td></tr>
85      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">Internet-Drafts are draft documents valid for</span> a <span class="delete">maximum</span> of <span class="delete">six months</span></td><td> </td><td class="rblock">   <span class="insert">This document is</span> a <span class="insert">product of the Internet Engineering Task Force</span></td><td class="lineno" valign="top"></td></tr>
86      <tr><td class="lineno" valign="top"></td><td class="lblock">   and <span class="delete">may be updated, replaced, or obsoleted</span> by <span class="delete">other documents at any</span></td><td> </td><td class="rblock"><span class="insert">   (IETF).  It represents the consensus</span> of <span class="insert">the IETF community.  It has</span></td><td class="lineno" valign="top"></td></tr>
87      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   time.  It</span> is <span class="delete">inappropriate to use Internet-Drafts as reference</span></td><td> </td><td class="rblock"><span class="insert">   received public review</span> and <span class="insert">has been approved for publication</span> by <span class="insert">the</span></td><td class="lineno" valign="top"></td></tr>
88      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   material or to cite them other than as "work</span> in <span class="delete">progress."</span></td><td> </td><td class="rblock"><span class="insert">   Internet Engineering Steering Group (IESG).  Further information on</span></td><td class="lineno" valign="top"></td></tr>
89      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   Internet Standards</span> is <span class="insert">available</span> in <span class="insert">Section 2 of RFC 5741.</span></td><td class="lineno" valign="top"></td></tr>
90      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
91      <tr><td><a name="diff0006" /></td></tr>
92      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">This Internet-Draft will expire</span> on <span class="delete">November 17, 2014.</span></td><td> </td><td class="rblock">   <span class="insert">Information about the current status of this document, any errata,</span></td><td class="lineno" valign="top"></td></tr>
93      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   and how to provide feedback</span> on <span class="insert">it may be obtained at</span></td><td class="lineno" valign="top"></td></tr>
94      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   http://www.rfc-editor.org/info/rfc7235.</span></td><td class="lineno" valign="top"></td></tr>
95      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
96      <tr><td class="lineno" valign="top"></td><td class="left">Copyright Notice</td><td> </td><td class="right">Copyright Notice</td><td class="lineno" valign="top"></td></tr>
97      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
98      <tr><td class="lineno" valign="top"></td><td class="left">   Copyright (c) 2014 IETF Trust and the persons identified as the</td><td> </td><td class="right">   Copyright (c) 2014 IETF Trust and the persons identified as the</td><td class="lineno" valign="top"></td></tr>
99      <tr><td class="lineno" valign="top"></td><td class="left">   document authors.  All rights reserved.</td><td> </td><td class="right">   document authors.  All rights reserved.</td><td class="lineno" valign="top"></td></tr>
100      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
101      <tr><td class="lineno" valign="top"></td><td class="left">   This document is subject to BCP 78 and the IETF Trust's Legal</td><td> </td><td class="right">   This document is subject to BCP 78 and the IETF Trust's Legal</td><td class="lineno" valign="top"></td></tr>
102      <tr><td class="lineno" valign="top"></td><td class="left">   Provisions Relating to IETF Documents</td><td> </td><td class="right">   Provisions Relating to IETF Documents</td><td class="lineno" valign="top"></td></tr>
103      <tr><td class="lineno" valign="top"></td><td class="left">   (http://trustee.ietf.org/license-info) in effect on the date of</td><td> </td><td class="right">   (http://trustee.ietf.org/license-info) in effect on the date of</td><td class="lineno" valign="top"></td></tr>
104      <tr><td class="lineno" valign="top"></td><td class="left">   publication of this document.  Please review these documents</td><td> </td><td class="right">   publication of this document.  Please review these documents</td><td class="lineno" valign="top"></td></tr>
105      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
106      <tr bgcolor="gray" ><td></td><th><a name="part-l2" /><small>skipping to change at</small><em> page 3, line 7</em></th><th> </th><th><a name="part-r2" /><small>skipping to change at</small><em> page 2, line 15</em></th><td></td></tr>
107      <tr><td class="lineno" valign="top"></td><td class="left">   modifications of such material outside the IETF Standards Process.</td><td> </td><td class="right">   modifications of such material outside the IETF Standards Process.</td><td class="lineno" valign="top"></td></tr>
108      <tr><td class="lineno" valign="top"></td><td class="left">   Without obtaining an adequate license from the person(s) controlling</td><td> </td><td class="right">   Without obtaining an adequate license from the person(s) controlling</td><td class="lineno" valign="top"></td></tr>
109      <tr><td class="lineno" valign="top"></td><td class="left">   the copyright in such materials, this document may not be modified</td><td> </td><td class="right">   the copyright in such materials, this document may not be modified</td><td class="lineno" valign="top"></td></tr>
110      <tr><td class="lineno" valign="top"></td><td class="left">   outside the IETF Standards Process, and derivative works of it may</td><td> </td><td class="right">   outside the IETF Standards Process, and derivative works of it may</td><td class="lineno" valign="top"></td></tr>
111      <tr><td class="lineno" valign="top"></td><td class="left">   not be created outside the IETF Standards Process, except to format</td><td> </td><td class="right">   not be created outside the IETF Standards Process, except to format</td><td class="lineno" valign="top"></td></tr>
112      <tr><td class="lineno" valign="top"></td><td class="left">   it for publication as an RFC or to translate it into languages other</td><td> </td><td class="right">   it for publication as an RFC or to translate it into languages other</td><td class="lineno" valign="top"></td></tr>
113      <tr><td class="lineno" valign="top"></td><td class="left">   than English.</td><td> </td><td class="right">   than English.</td><td class="lineno" valign="top"></td></tr>
114      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
115      <tr><td class="lineno" valign="top"></td><td class="left">Table of Contents</td><td> </td><td class="right">Table of Contents</td><td class="lineno" valign="top"></td></tr>
116      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
117      <tr><td><a name="diff0007" /></td></tr>
118      <tr><td class="lineno" valign="top"></td><td class="lblock">   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  <span class="delete">4</span></td><td> </td><td class="rblock">   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  <span class="insert">3</span></td><td class="lineno" valign="top"></td></tr>
119      <tr><td class="lineno" valign="top"></td><td class="lblock">     1.1.  Conformance and Error Handling . . . . . . . . . . . . . .  <span class="delete">4</span></td><td> </td><td class="rblock">     1.1.  Conformance and Error Handling . . . . . . . . . . . . . .  <span class="insert">3</span></td><td class="lineno" valign="top"></td></tr>
120      <tr><td class="lineno" valign="top"></td><td class="lblock">     1.2.  Syntax Notation  . . . . . . . . . . . . . . . . . . . . .  <span class="delete">4</span></td><td> </td><td class="rblock">     1.2.  Syntax Notation  . . . . . . . . . . . . . . . . . . . . .  <span class="insert">3</span></td><td class="lineno" valign="top"></td></tr>
121      <tr><td class="lineno" valign="top"></td><td class="lblock">   2.  Access Authentication Framework  . . . . . . . . . . . . . . .  <span class="delete">4</span></td><td> </td><td class="rblock">   2.  Access Authentication Framework  . . . . . . . . . . . . . . .  <span class="insert">3</span></td><td class="lineno" valign="top"></td></tr>
122      <tr><td class="lineno" valign="top"></td><td class="lblock">     2.1.  Challenge and Response . . . . . . . . . . . . . . . . . .  <span class="delete">4</span></td><td> </td><td class="rblock">     2.1.  Challenge and Response . . . . . . . . . . . . . . . . . .  <span class="insert">3</span></td><td class="lineno" valign="top"></td></tr>
123      <tr><td class="lineno" valign="top"></td><td class="lblock">     2.2.  Protection Space (Realm) . . . . . . . . . . . . . . . . .  <span class="delete">6</span></td><td> </td><td class="rblock">     2.2.  Protection Space (Realm) . . . . . . . . . . . . . . . . .  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
124      <tr><td class="lineno" valign="top"></td><td class="lblock">   3.  Status Code Definitions  . . . . . . . . . . . . . . . . . . .  <span class="delete">7</span></td><td> </td><td class="rblock">   3.  Status Code Definitions  . . . . . . . . . . . . . . . . . . .  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
125      <tr><td class="lineno" valign="top"></td><td class="lblock">     3.1.  401 Unauthorized . . . . . . . . . . . . . . . . . . . . .  <span class="delete">7</span></td><td> </td><td class="rblock">     3.1.  401 Unauthorized . . . . . . . . . . . . . . . . . . . . .  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
126      <tr><td class="lineno" valign="top"></td><td class="lblock">     3.2.  407 Proxy Authentication Required  . . . . . . . . . . . .  <span class="delete">7</span></td><td> </td><td class="rblock">     3.2.  407 Proxy Authentication Required  . . . . . . . . . . . .  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
127      <tr><td class="lineno" valign="top"></td><td class="lblock">   4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  <span class="delete">7</span></td><td> </td><td class="rblock">   4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
128      <tr><td class="lineno" valign="top"></td><td class="lblock">     4.1.  WWW-Authenticate . . . . . . . . . . . . . . . . . . . . .  <span class="delete">8</span></td><td> </td><td class="rblock">     4.1.  WWW-Authenticate . . . . . . . . . . . . . . . . . . . . .  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
129      <tr><td class="lineno" valign="top"></td><td class="lblock">     4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  <span class="delete">8</span></td><td> </td><td class="rblock">     4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
130      <tr><td class="lineno" valign="top"></td><td class="lblock">     4.3.  Proxy-Authenticate . . . . . . . . . . . . . . . . . . . .  <span class="delete">9</span></td><td> </td><td class="rblock">     4.3.  Proxy-Authenticate . . . . . . . . . . . . . . . . . . . .  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
131      <tr><td class="lineno" valign="top"></td><td class="lblock">     4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  <span class="delete">9</span></td><td> </td><td class="rblock">     4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
132      <tr><td class="lineno" valign="top"></td><td class="lblock">   5.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock">   5.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
133      <tr><td class="lineno" valign="top"></td><td class="lblock">     5.1.  Authentication Scheme Registry . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock">     5.1.  Authentication Scheme Registry . . . . . . . . . . . . . .  <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
134      <tr><td class="lineno" valign="top"></td><td class="lblock">       5.1.1.  Procedure  . . . . . . . . . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock">       5.1.1.  Procedure  . . . . . . . . . . . . . . . . . . . . . .  <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
135      <tr><td class="lineno" valign="top"></td><td class="lblock">       5.1.2.  Considerations for New Authentication Schemes  . . . . <span class="delete">10</span></td><td> </td><td class="rblock">       5.1.2.  Considerations for New Authentication Schemes  . . . .  <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
136      <tr><td class="lineno" valign="top"></td><td class="lblock">     5.2.  Status Code Registration . . . . . . . . . . . . . . . . . <span class="delete">12</span></td><td> </td><td class="rblock">     5.2.  Status Code Registration . . . . . . . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
137      <tr><td class="lineno" valign="top"></td><td class="lblock">     5.3.  Header Field Registration  . . . . . . . . . . . . . . . . <span class="delete">12</span></td><td> </td><td class="rblock">     5.3.  Header Field Registration  . . . . . . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
138      <tr><td class="lineno" valign="top"></td><td class="lblock">   6.  Security Considerations  . . . . . . . . . . . . . . . . . . . <span class="delete">12</span></td><td> </td><td class="rblock">   6.  Security Considerations  . . . . . . . . . . . . . . . . . . . <span class="insert">11</span></td><td class="lineno" valign="top"></td></tr>
139      <tr><td class="lineno" valign="top"></td><td class="lblock">     6.1.  Confidentiality of Credentials . . . . . . . . . . . . . . <span class="delete">13</span></td><td> </td><td class="rblock">     6.1.  Confidentiality of Credentials . . . . . . . . . . . . . . <span class="insert">12</span></td><td class="lineno" valign="top"></td></tr>
140      <tr><td class="lineno" valign="top"></td><td class="lblock">     6.2.  Authentication Credentials and Idle Clients  . . . . . . . <span class="delete">13</span></td><td> </td><td class="rblock">     6.2.  Authentication Credentials and Idle Clients  . . . . . . . <span class="insert">12</span></td><td class="lineno" valign="top"></td></tr>
141      <tr><td class="lineno" valign="top"></td><td class="lblock">     6.3.  Protection Spaces  . . . . . . . . . . . . . . . . . . . . <span class="delete">14</span></td><td> </td><td class="rblock">     6.3.  Protection Spaces  . . . . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr>
142      <tr><td class="lineno" valign="top"></td><td class="lblock">   7.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">14</span></td><td> </td><td class="rblock">   7.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr>
143      <tr><td class="lineno" valign="top"></td><td class="lblock">   8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">14</span></td><td> </td><td class="rblock">   8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr>
144      <tr><td class="lineno" valign="top"></td><td class="lblock">     8.1.  Normative References . . . . . . . . . . . . . . . . . . . <span class="delete">14</span></td><td> </td><td class="rblock">     8.1.  Normative References . . . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr>
145      <tr><td class="lineno" valign="top"></td><td class="lblock">     8.2.  Informative References . . . . . . . . . . . . . . . . . . <span class="delete">15</span></td><td> </td><td class="rblock">     8.2.  Informative References . . . . . . . . . . . . . . . . . . <span class="insert">14</span></td><td class="lineno" valign="top"></td></tr>
146      <tr><td class="lineno" valign="top"></td><td class="lblock">   Appendix A.  Changes from RFCs 2616 and 2617 . . . . . . . . . . . <span class="delete">16</span></td><td> </td><td class="rblock">   Appendix A.  Changes from RFCs 2616 and 2617 . . . . . . . . . . . <span class="insert">15</span></td><td class="lineno" valign="top"></td></tr>
147      <tr><td class="lineno" valign="top"></td><td class="lblock">   Appendix B.  Imported ABNF . . . . . . . . . . . . . . . . . . . . <span class="delete">16</span></td><td> </td><td class="rblock">   Appendix B.  Imported ABNF . . . . . . . . . . . . . . . . . . . . <span class="insert">15</span></td><td class="lineno" valign="top"></td></tr>
148      <tr><td class="lineno" valign="top"></td><td class="lblock">   Appendix C.  Collected ABNF  . . . . . . . . . . . . . . . . . . . <span class="delete">16</span></td><td> </td><td class="rblock">   Appendix C.  Collected ABNF  . . . . . . . . . . . . . . . . . . . <span class="insert">15</span></td><td class="lineno" valign="top"></td></tr>
149      <tr><td class="lineno" valign="top"></td><td class="lblock">   Index  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">17</span></td><td> </td><td class="rblock">   Index  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">16</span></td><td class="lineno" valign="top"></td></tr>
150      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
151      <tr><td class="lineno" valign="top"></td><td class="left">1.  Introduction</td><td> </td><td class="right">1.  Introduction</td><td class="lineno" valign="top"></td></tr>
152      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
153      <tr><td class="lineno" valign="top"></td><td class="left">   HTTP provides a general framework for access control and</td><td> </td><td class="right">   HTTP provides a general framework for access control and</td><td class="lineno" valign="top"></td></tr>
154      <tr><td class="lineno" valign="top"></td><td class="left">   authentication, via an extensible set of challenge-response</td><td> </td><td class="right">   authentication, via an extensible set of challenge-response</td><td class="lineno" valign="top"></td></tr>
155      <tr><td class="lineno" valign="top"></td><td class="left">   authentication schemes, which can be used by a server to challenge a</td><td> </td><td class="right">   authentication schemes, which can be used by a server to challenge a</td><td class="lineno" valign="top"></td></tr>
156      <tr><td class="lineno" valign="top"></td><td class="left">   client request and by a client to provide authentication information.</td><td> </td><td class="right">   client request and by a client to provide authentication information.</td><td class="lineno" valign="top"></td></tr>
157      <tr><td class="lineno" valign="top"></td><td class="left">   This document defines HTTP/1.1 authentication in terms of the</td><td> </td><td class="right">   This document defines HTTP/1.1 authentication in terms of the</td><td class="lineno" valign="top"></td></tr>
158      <tr><td class="lineno" valign="top"></td><td class="left">   architecture defined in [RFC7230], including the general framework</td><td> </td><td class="right">   architecture defined in [RFC7230], including the general framework</td><td class="lineno" valign="top"></td></tr>
159      <tr><td><a name="diff0008" /></td></tr>
160      <tr><td class="lineno" valign="top"></td><td class="lblock">   previously described in <span class="delete">RFC 2617</span> and the related fields and status</td><td> </td><td class="rblock">   previously described in <span class="insert">[RFC2617]</span> and the related fields and status</td><td class="lineno" valign="top"></td></tr>
161      <tr><td class="lineno" valign="top"></td><td class="lblock">   codes previously defined in <span class="delete">RFC 2616.</span></td><td> </td><td class="rblock">   codes previously defined in <span class="insert">[RFC2616].</span></td><td class="lineno" valign="top"></td></tr>
162      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
163      <tr><td class="lineno" valign="top"></td><td class="left">   The IANA Authentication Scheme Registry (Section 5.1) lists</td><td> </td><td class="right">   The IANA Authentication Scheme Registry (Section 5.1) lists</td><td class="lineno" valign="top"></td></tr>
164      <tr><td class="lineno" valign="top"></td><td class="left">   registered authentication schemes and their corresponding</td><td> </td><td class="right">   registered authentication schemes and their corresponding</td><td class="lineno" valign="top"></td></tr>
165      <tr><td class="lineno" valign="top"></td><td class="left">   specifications, including the "basic" and "digest" authentication</td><td> </td><td class="right">   specifications, including the "basic" and "digest" authentication</td><td class="lineno" valign="top"></td></tr>
166      <tr><td class="lineno" valign="top"></td><td class="left">   schemes previously defined by RFC 2617.</td><td> </td><td class="right">   schemes previously defined by RFC 2617.</td><td class="lineno" valign="top"></td></tr>
167      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
168      <tr><td class="lineno" valign="top"></td><td class="left">1.1.  Conformance and Error Handling</td><td> </td><td class="right">1.1.  Conformance and Error Handling</td><td class="lineno" valign="top"></td></tr>
169      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
170      <tr><td class="lineno" valign="top"></td><td class="left">   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",</td><td> </td><td class="right">   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",</td><td class="lineno" valign="top"></td></tr>
171      <tr><td class="lineno" valign="top"></td><td class="left">   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this</td><td> </td><td class="right">   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this</td><td class="lineno" valign="top"></td></tr>
172      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
173      <tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 4, line 49</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 3, line 49</em></th><td></td></tr>
174      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
175      <tr><td class="lineno" valign="top"></td><td class="left">2.  Access Authentication Framework</td><td> </td><td class="right">2.  Access Authentication Framework</td><td class="lineno" valign="top"></td></tr>
176      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
177      <tr><td class="lineno" valign="top"></td><td class="left">2.1.  Challenge and Response</td><td> </td><td class="right">2.1.  Challenge and Response</td><td class="lineno" valign="top"></td></tr>
178      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
179      <tr><td class="lineno" valign="top"></td><td class="left">   HTTP provides a simple challenge-response authentication framework</td><td> </td><td class="right">   HTTP provides a simple challenge-response authentication framework</td><td class="lineno" valign="top"></td></tr>
180      <tr><td class="lineno" valign="top"></td><td class="left">   that can be used by a server to challenge a client request and by a</td><td> </td><td class="right">   that can be used by a server to challenge a client request and by a</td><td class="lineno" valign="top"></td></tr>
181      <tr><td class="lineno" valign="top"></td><td class="left">   client to provide authentication information.  It uses a case-</td><td> </td><td class="right">   client to provide authentication information.  It uses a case-</td><td class="lineno" valign="top"></td></tr>
182      <tr><td class="lineno" valign="top"></td><td class="left">   insensitive token as a means to identify the authentication scheme,</td><td> </td><td class="right">   insensitive token as a means to identify the authentication scheme,</td><td class="lineno" valign="top"></td></tr>
183      <tr><td class="lineno" valign="top"></td><td class="left">   followed by additional information necessary for achieving</td><td> </td><td class="right">   followed by additional information necessary for achieving</td><td class="lineno" valign="top"></td></tr>
184      <tr><td><a name="diff0009" /></td></tr>
185      <tr><td class="lineno" valign="top"></td><td class="lblock">   authentication via that scheme.  The latter can <span class="delete">either be</span> a comma-</td><td> </td><td class="rblock">   authentication via that scheme.  The latter can <span class="insert">be either</span> a comma-</td><td class="lineno" valign="top"></td></tr>
186      <tr><td class="lineno" valign="top"></td><td class="left">   separated list of parameters or a single sequence of characters</td><td> </td><td class="right">   separated list of parameters or a single sequence of characters</td><td class="lineno" valign="top"></td></tr>
187      <tr><td class="lineno" valign="top"></td><td class="left">   capable of holding base64-encoded information.</td><td> </td><td class="right">   capable of holding base64-encoded information.</td><td class="lineno" valign="top"></td></tr>
188      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
189      <tr><td class="lineno" valign="top"></td><td class="left">   Authentication parameters are name=value pairs, where the name token</td><td> </td><td class="right">   Authentication parameters are name=value pairs, where the name token</td><td class="lineno" valign="top"></td></tr>
190      <tr><td class="lineno" valign="top"></td><td class="left">   is matched case-insensitively, and each parameter name MUST only</td><td> </td><td class="right">   is matched case-insensitively, and each parameter name MUST only</td><td class="lineno" valign="top"></td></tr>
191      <tr><td class="lineno" valign="top"></td><td class="left">   occur once per challenge.</td><td> </td><td class="right">   occur once per challenge.</td><td class="lineno" valign="top"></td></tr>
192      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
193      <tr><td class="lineno" valign="top"></td><td class="left">     auth-scheme    = token</td><td> </td><td class="right">     auth-scheme    = token</td><td class="lineno" valign="top"></td></tr>
194      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
195      <tr><td class="lineno" valign="top"></td><td class="left">     auth-param     = token BWS "=" BWS ( token / quoted-string )</td><td> </td><td class="right">     auth-param     = token BWS "=" BWS ( token / quoted-string )</td><td class="lineno" valign="top"></td></tr>
196      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
197      <tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 6, line 26</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 5, line 26</em></th><td></td></tr>
198      <tr><td class="lineno" valign="top"></td><td class="left">   (Unauthorized) response that contains a WWW-Authenticate header field</td><td> </td><td class="right">   (Unauthorized) response that contains a WWW-Authenticate header field</td><td class="lineno" valign="top"></td></tr>
199      <tr><td class="lineno" valign="top"></td><td class="left">   with at least one (possibly new) challenge applicable to the</td><td> </td><td class="right">   with at least one (possibly new) challenge applicable to the</td><td class="lineno" valign="top"></td></tr>
200      <tr><td class="lineno" valign="top"></td><td class="left">   requested resource.</td><td> </td><td class="right">   requested resource.</td><td class="lineno" valign="top"></td></tr>
201      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
202      <tr><td class="lineno" valign="top"></td><td class="left">   Likewise, upon receipt of a request that omits proxy credentials or</td><td> </td><td class="right">   Likewise, upon receipt of a request that omits proxy credentials or</td><td class="lineno" valign="top"></td></tr>
203      <tr><td class="lineno" valign="top"></td><td class="left">   contains invalid or partial proxy credentials, a proxy that requires</td><td> </td><td class="right">   contains invalid or partial proxy credentials, a proxy that requires</td><td class="lineno" valign="top"></td></tr>
204      <tr><td class="lineno" valign="top"></td><td class="left">   authentication SHOULD generate a 407 (Proxy Authentication Required)</td><td> </td><td class="right">   authentication SHOULD generate a 407 (Proxy Authentication Required)</td><td class="lineno" valign="top"></td></tr>
205      <tr><td class="lineno" valign="top"></td><td class="left">   response that contains a Proxy-Authenticate header field with at</td><td> </td><td class="right">   response that contains a Proxy-Authenticate header field with at</td><td class="lineno" valign="top"></td></tr>
206      <tr><td class="lineno" valign="top"></td><td class="left">   least one (possibly new) challenge applicable to the proxy.</td><td> </td><td class="right">   least one (possibly new) challenge applicable to the proxy.</td><td class="lineno" valign="top"></td></tr>
207      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
208      <tr><td><a name="diff0010" /></td></tr>
209      <tr><td class="lineno" valign="top"></td><td class="lblock">   A server that receives valid credentials <span class="delete">which</span> are not adequate to</td><td> </td><td class="rblock">   A server that receives valid credentials <span class="insert">that</span> are not adequate to</td><td class="lineno" valign="top"></td></tr>
210      <tr><td class="lineno" valign="top"></td><td class="left">   gain access ought to respond with the 403 (Forbidden) status code</td><td> </td><td class="right">   gain access ought to respond with the 403 (Forbidden) status code</td><td class="lineno" valign="top"></td></tr>
211      <tr><td class="lineno" valign="top"></td><td class="left">   (Section 6.5.3 of [RFC7231]).</td><td> </td><td class="right">   (Section 6.5.3 of [RFC7231]).</td><td class="lineno" valign="top"></td></tr>
212      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
213      <tr><td class="lineno" valign="top"></td><td class="left">   HTTP does not restrict applications to this simple challenge-response</td><td> </td><td class="right">   HTTP does not restrict applications to this simple challenge-response</td><td class="lineno" valign="top"></td></tr>
214      <tr><td class="lineno" valign="top"></td><td class="left">   framework for access authentication.  Additional mechanisms can be</td><td> </td><td class="right">   framework for access authentication.  Additional mechanisms can be</td><td class="lineno" valign="top"></td></tr>
215      <tr><td class="lineno" valign="top"></td><td class="left">   used, such as authentication at the transport level or via message</td><td> </td><td class="right">   used, such as authentication at the transport level or via message</td><td class="lineno" valign="top"></td></tr>
216      <tr><td class="lineno" valign="top"></td><td class="left">   encapsulation, and with additional header fields specifying</td><td> </td><td class="right">   encapsulation, and with additional header fields specifying</td><td class="lineno" valign="top"></td></tr>
217      <tr><td class="lineno" valign="top"></td><td class="left">   authentication information.  However, such additional mechanisms are</td><td> </td><td class="right">   authentication information.  However, such additional mechanisms are</td><td class="lineno" valign="top"></td></tr>
218      <tr><td class="lineno" valign="top"></td><td class="left">   not defined by this specification.</td><td> </td><td class="right">   not defined by this specification.</td><td class="lineno" valign="top"></td></tr>
219      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
220      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
221      <tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 6, line 49</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 5, line 49</em></th><td></td></tr>
222      <tr><td class="lineno" valign="top"></td><td class="left">   The "realm" authentication parameter is reserved for use by</td><td> </td><td class="right">   The "realm" authentication parameter is reserved for use by</td><td class="lineno" valign="top"></td></tr>
223      <tr><td class="lineno" valign="top"></td><td class="left">   authentication schemes that wish to indicate a scope of protection.</td><td> </td><td class="right">   authentication schemes that wish to indicate a scope of protection.</td><td class="lineno" valign="top"></td></tr>
224      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
225      <tr><td class="lineno" valign="top"></td><td class="left">   A protection space is defined by the canonical root URI (the scheme</td><td> </td><td class="right">   A protection space is defined by the canonical root URI (the scheme</td><td class="lineno" valign="top"></td></tr>
226      <tr><td class="lineno" valign="top"></td><td class="left">   and authority components of the effective request URI; see Section</td><td> </td><td class="right">   and authority components of the effective request URI; see Section</td><td class="lineno" valign="top"></td></tr>
227      <tr><td class="lineno" valign="top"></td><td class="left">   5.5 of [RFC7230]) of the server being accessed, in combination with</td><td> </td><td class="right">   5.5 of [RFC7230]) of the server being accessed, in combination with</td><td class="lineno" valign="top"></td></tr>
228      <tr><td class="lineno" valign="top"></td><td class="left">   the realm value if present.  These realms allow the protected</td><td> </td><td class="right">   the realm value if present.  These realms allow the protected</td><td class="lineno" valign="top"></td></tr>
229      <tr><td class="lineno" valign="top"></td><td class="left">   resources on a server to be partitioned into a set of protection</td><td> </td><td class="right">   resources on a server to be partitioned into a set of protection</td><td class="lineno" valign="top"></td></tr>
230      <tr><td class="lineno" valign="top"></td><td class="left">   spaces, each with its own authentication scheme and/or authorization</td><td> </td><td class="right">   spaces, each with its own authentication scheme and/or authorization</td><td class="lineno" valign="top"></td></tr>
231      <tr><td class="lineno" valign="top"></td><td class="left">   database.  The realm value is a string, generally assigned by the</td><td> </td><td class="right">   database.  The realm value is a string, generally assigned by the</td><td class="lineno" valign="top"></td></tr>
232      <tr><td><a name="diff0011" /></td></tr>
233      <tr><td class="lineno" valign="top"></td><td class="lblock">   origin server, <span class="delete">which</span> can have additional semantics specific to the</td><td> </td><td class="rblock">   origin server, <span class="insert">that</span> can have additional semantics specific to the</td><td class="lineno" valign="top"></td></tr>
234      <tr><td class="lineno" valign="top"></td><td class="left">   authentication scheme.  Note that a response can have multiple</td><td> </td><td class="right">   authentication scheme.  Note that a response can have multiple</td><td class="lineno" valign="top"></td></tr>
235      <tr><td><a name="diff0012" /></td></tr>
236      <tr><td class="lineno" valign="top"></td><td class="lblock">   challenges with the same auth-scheme but different realms.</td><td> </td><td class="rblock">   challenges with the same auth-scheme but <span class="insert">with </span>different realms.</td><td class="lineno" valign="top"></td></tr>
237      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
238      <tr><td class="lineno" valign="top"></td><td class="left">   The protection space determines the domain over which credentials can</td><td> </td><td class="right">   The protection space determines the domain over which credentials can</td><td class="lineno" valign="top"></td></tr>
239      <tr><td class="lineno" valign="top"></td><td class="left">   be automatically applied.  If a prior request has been authorized,</td><td> </td><td class="right">   be automatically applied.  If a prior request has been authorized,</td><td class="lineno" valign="top"></td></tr>
240      <tr><td class="lineno" valign="top"></td><td class="left">   the user agent MAY reuse the same credentials for all other requests</td><td> </td><td class="right">   the user agent MAY reuse the same credentials for all other requests</td><td class="lineno" valign="top"></td></tr>
241      <tr><td class="lineno" valign="top"></td><td class="left">   within that protection space for a period of time determined by the</td><td> </td><td class="right">   within that protection space for a period of time determined by the</td><td class="lineno" valign="top"></td></tr>
242      <tr><td class="lineno" valign="top"></td><td class="left">   authentication scheme, parameters, and/or user preferences (such as a</td><td> </td><td class="right">   authentication scheme, parameters, and/or user preferences (such as a</td><td class="lineno" valign="top"></td></tr>
243      <tr><td class="lineno" valign="top"></td><td class="left">   configurable inactivity timeout).  Unless specifically allowed by the</td><td> </td><td class="right">   configurable inactivity timeout).  Unless specifically allowed by the</td><td class="lineno" valign="top"></td></tr>
244      <tr><td class="lineno" valign="top"></td><td class="left">   authentication scheme, a single protection space cannot extend</td><td> </td><td class="right">   authentication scheme, a single protection space cannot extend</td><td class="lineno" valign="top"></td></tr>
245      <tr><td class="lineno" valign="top"></td><td class="left">   outside the scope of its server.</td><td> </td><td class="right">   outside the scope of its server.</td><td class="lineno" valign="top"></td></tr>
246      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
247      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
248      <tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 7, line 41</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 6, line 41</em></th><td></td></tr>
249      <tr><td class="lineno" valign="top"></td><td class="left">   credentials.  The user agent MAY repeat the request with a new or</td><td> </td><td class="right">   credentials.  The user agent MAY repeat the request with a new or</td><td class="lineno" valign="top"></td></tr>
250      <tr><td class="lineno" valign="top"></td><td class="left">   replaced Authorization header field (Section 4.2).  If the 401</td><td> </td><td class="right">   replaced Authorization header field (Section 4.2).  If the 401</td><td class="lineno" valign="top"></td></tr>
251      <tr><td class="lineno" valign="top"></td><td class="left">   response contains the same challenge as the prior response, and the</td><td> </td><td class="right">   response contains the same challenge as the prior response, and the</td><td class="lineno" valign="top"></td></tr>
252      <tr><td class="lineno" valign="top"></td><td class="left">   user agent has already attempted authentication at least once, then</td><td> </td><td class="right">   user agent has already attempted authentication at least once, then</td><td class="lineno" valign="top"></td></tr>
253      <tr><td class="lineno" valign="top"></td><td class="left">   the user agent SHOULD present the enclosed representation to the</td><td> </td><td class="right">   the user agent SHOULD present the enclosed representation to the</td><td class="lineno" valign="top"></td></tr>
254      <tr><td class="lineno" valign="top"></td><td class="left">   user, since it usually contains relevant diagnostic information.</td><td> </td><td class="right">   user, since it usually contains relevant diagnostic information.</td><td class="lineno" valign="top"></td></tr>
255      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
256      <tr><td class="lineno" valign="top"></td><td class="left">3.2.  407 Proxy Authentication Required</td><td> </td><td class="right">3.2.  407 Proxy Authentication Required</td><td class="lineno" valign="top"></td></tr>
257      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
258      <tr><td class="lineno" valign="top"></td><td class="left">   The 407 (Proxy Authentication Required) status code is similar to 401</td><td> </td><td class="right">   The 407 (Proxy Authentication Required) status code is similar to 401</td><td class="lineno" valign="top"></td></tr>
259      <tr><td><a name="diff0013" /></td></tr>
260      <tr><td class="lineno" valign="top"></td><td class="lblock">   (Unauthorized), but indicates that the client needs to authenticate</td><td> </td><td class="rblock">   (Unauthorized), but <span class="insert">it</span> indicates that the client needs to</td><td class="lineno" valign="top"></td></tr>
261      <tr><td class="lineno" valign="top"></td><td class="lblock">   itself in order to use a proxy.  The proxy MUST send a <span class="delete">Proxy-</span></td><td> </td><td class="rblock">   authenticate itself in order to use a proxy.  The proxy MUST send a</td><td class="lineno" valign="top"></td></tr>
262      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Authenticate</span> header field (Section 4.3) containing a challenge</td><td> </td><td class="rblock">   <span class="insert">Proxy-Authenticate</span> header field (Section 4.3) containing a challenge</td><td class="lineno" valign="top"></td></tr>
263      <tr><td class="lineno" valign="top"></td><td class="left">   applicable to that proxy for the target resource.  The client MAY</td><td> </td><td class="right">   applicable to that proxy for the target resource.  The client MAY</td><td class="lineno" valign="top"></td></tr>
264      <tr><td class="lineno" valign="top"></td><td class="left">   repeat the request with a new or replaced Proxy-Authorization header</td><td> </td><td class="right">   repeat the request with a new or replaced Proxy-Authorization header</td><td class="lineno" valign="top"></td></tr>
265      <tr><td class="lineno" valign="top"></td><td class="left">   field (Section 4.4).</td><td> </td><td class="right">   field (Section 4.4).</td><td class="lineno" valign="top"></td></tr>
266      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
267      <tr><td class="lineno" valign="top"></td><td class="left">4.  Header Field Definitions</td><td> </td><td class="right">4.  Header Field Definitions</td><td class="lineno" valign="top"></td></tr>
268      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
269      <tr><td class="lineno" valign="top"></td><td class="left">   This section defines the syntax and semantics of header fields</td><td> </td><td class="right">   This section defines the syntax and semantics of header fields</td><td class="lineno" valign="top"></td></tr>
270      <tr><td class="lineno" valign="top"></td><td class="left">   related to the HTTP authentication framework.</td><td> </td><td class="right">   related to the HTTP authentication framework.</td><td class="lineno" valign="top"></td></tr>
271      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
272      <tr><td class="lineno" valign="top"></td><td class="left">4.1.  WWW-Authenticate</td><td> </td><td class="right">4.1.  WWW-Authenticate</td><td class="lineno" valign="top"></td></tr>
273      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
274      <tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 10, line 15</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 9, line 15</em></th><td></td></tr>
275      <tr><td class="lineno" valign="top"></td><td class="left">   the Proxy-Authorization header field is consumed by the first inbound</td><td> </td><td class="right">   the Proxy-Authorization header field is consumed by the first inbound</td><td class="lineno" valign="top"></td></tr>
276      <tr><td class="lineno" valign="top"></td><td class="left">   proxy that was expecting to receive credentials.  A proxy MAY relay</td><td> </td><td class="right">   proxy that was expecting to receive credentials.  A proxy MAY relay</td><td class="lineno" valign="top"></td></tr>
277      <tr><td class="lineno" valign="top"></td><td class="left">   the credentials from the client request to the next proxy if that is</td><td> </td><td class="right">   the credentials from the client request to the next proxy if that is</td><td class="lineno" valign="top"></td></tr>
278      <tr><td class="lineno" valign="top"></td><td class="left">   the mechanism by which the proxies cooperatively authenticate a given</td><td> </td><td class="right">   the mechanism by which the proxies cooperatively authenticate a given</td><td class="lineno" valign="top"></td></tr>
279      <tr><td class="lineno" valign="top"></td><td class="left">   request.</td><td> </td><td class="right">   request.</td><td class="lineno" valign="top"></td></tr>
280      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
281      <tr><td class="lineno" valign="top"></td><td class="left">5.  IANA Considerations</td><td> </td><td class="right">5.  IANA Considerations</td><td class="lineno" valign="top"></td></tr>
282      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
283      <tr><td class="lineno" valign="top"></td><td class="left">5.1.  Authentication Scheme Registry</td><td> </td><td class="right">5.1.  Authentication Scheme Registry</td><td class="lineno" valign="top"></td></tr>
284      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
285      <tr><td><a name="diff0014" /></td></tr>
286      <tr><td class="lineno" valign="top"></td><td class="lblock">   The <span class="delete">HTTP</span> Authentication <span class="delete">Scheme Registry</span> defines the <span class="delete">namespace</span> for the</td><td> </td><td class="rblock">   The <span class="insert">"HTTP</span> Authentication <span class="insert">Schemes" registry</span> defines the <span class="insert">name space</span> for</td><td class="lineno" valign="top"></td></tr>
287      <tr><td class="lineno" valign="top"></td><td class="lblock">   authentication schemes in challenges and credentials.  <span class="delete">It will be</span></td><td> </td><td class="rblock">   the authentication schemes in challenges and credentials.  <span class="insert">The</span></td><td class="lineno" valign="top"></td></tr>
288      <tr><td class="lineno" valign="top"></td><td class="lblock">   created and maintained at <span class="delete">(the suggested URI)</span></td><td> </td><td class="rblock"><span class="insert">   registry has been</span> created and <span class="insert">is now</span> maintained at</td><td class="lineno" valign="top"></td></tr>
289      <tr><td class="lineno" valign="top"></td><td class="left">   &lt;http://www.iana.org/assignments/http-authschemes&gt;.</td><td> </td><td class="right">   &lt;http://www.iana.org/assignments/http-authschemes&gt;.</td><td class="lineno" valign="top"></td></tr>
290      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
291      <tr><td class="lineno" valign="top"></td><td class="left">5.1.1.  Procedure</td><td> </td><td class="right">5.1.1.  Procedure</td><td class="lineno" valign="top"></td></tr>
292      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
293      <tr><td class="lineno" valign="top"></td><td class="left">   Registrations MUST include the following fields:</td><td> </td><td class="right">   Registrations MUST include the following fields:</td><td class="lineno" valign="top"></td></tr>
294      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
295      <tr><td class="lineno" valign="top"></td><td class="left">   o  Authentication Scheme Name</td><td> </td><td class="right">   o  Authentication Scheme Name</td><td class="lineno" valign="top"></td></tr>
296      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
297      <tr><td class="lineno" valign="top"></td><td class="left">   o  Pointer to specification text</td><td> </td><td class="right">   o  Pointer to specification text</td><td class="lineno" valign="top"></td></tr>
298      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
299      <tr><td class="lineno" valign="top"></td><td class="left">   o  Notes (optional)</td><td> </td><td class="right">   o  Notes (optional)</td><td class="lineno" valign="top"></td></tr>
300      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
301      <tr><td><a name="diff0015" /></td></tr>
302      <tr><td class="lineno" valign="top"></td><td class="lblock">   Values to be added to this namespace require IETF Review (see</td><td> </td><td class="rblock">   Values to be added to this name<span class="insert"> </span>space require IETF Review (see</td><td class="lineno" valign="top"></td></tr>
303      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC5226], Section 4.1).</td><td> </td><td class="right">   [RFC5226], Section 4.1).</td><td class="lineno" valign="top"></td></tr>
304      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
305      <tr><td class="lineno" valign="top"></td><td class="left">5.1.2.  Considerations for New Authentication Schemes</td><td> </td><td class="right">5.1.2.  Considerations for New Authentication Schemes</td><td class="lineno" valign="top"></td></tr>
306      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
307      <tr><td class="lineno" valign="top"></td><td class="left">   There are certain aspects of the HTTP Authentication Framework that</td><td> </td><td class="right">   There are certain aspects of the HTTP Authentication Framework that</td><td class="lineno" valign="top"></td></tr>
308      <tr><td class="lineno" valign="top"></td><td class="left">   put constraints on how new authentication schemes can work:</td><td> </td><td class="right">   put constraints on how new authentication schemes can work:</td><td class="lineno" valign="top"></td></tr>
309      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
310      <tr><td class="lineno" valign="top"></td><td class="left">   o  HTTP authentication is presumed to be stateless: all of the</td><td> </td><td class="right">   o  HTTP authentication is presumed to be stateless: all of the</td><td class="lineno" valign="top"></td></tr>
311      <tr><td class="lineno" valign="top"></td><td class="left">      information necessary to authenticate a request MUST be provided</td><td> </td><td class="right">      information necessary to authenticate a request MUST be provided</td><td class="lineno" valign="top"></td></tr>
312      <tr><td class="lineno" valign="top"></td><td class="left">      in the request, rather than be dependent on the server remembering</td><td> </td><td class="right">      in the request, rather than be dependent on the server remembering</td><td class="lineno" valign="top"></td></tr>
313      <tr><td class="lineno" valign="top"></td><td class="left">      prior requests.  Authentication based on, or bound to, the</td><td> </td><td class="right">      prior requests.  Authentication based on, or bound to, the</td><td class="lineno" valign="top"></td></tr>
314      <tr><td class="lineno" valign="top"></td><td class="left">      underlying connection is outside the scope of this specification</td><td> </td><td class="right">      underlying connection is outside the scope of this specification</td><td class="lineno" valign="top"></td></tr>
315      <tr><td class="lineno" valign="top"></td><td class="left">      and inherently flawed unless steps are taken to ensure that the</td><td> </td><td class="right">      and inherently flawed unless steps are taken to ensure that the</td><td class="lineno" valign="top"></td></tr>
316      <tr><td class="lineno" valign="top"></td><td class="left">      connection cannot be used by any party other than the</td><td> </td><td class="right">      connection cannot be used by any party other than the</td><td class="lineno" valign="top"></td></tr>
317      <tr><td class="lineno" valign="top"></td><td class="left">      authenticated user (see Section 2.3 of [RFC7230]).</td><td> </td><td class="right">      authenticated user (see Section 2.3 of [RFC7230]).</td><td class="lineno" valign="top"></td></tr>
318      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
319      <tr><td class="lineno" valign="top"></td><td class="left">   o  The authentication parameter "realm" is reserved for defining</td><td> </td><td class="right">   o  The authentication parameter "realm" is reserved for defining</td><td class="lineno" valign="top"></td></tr>
320      <tr><td><a name="diff0016" /></td></tr>
321      <tr><td class="lineno" valign="top"></td><td class="lblock">      <span class="delete">Protection Spaces</span> as <span class="delete">defined</span> in Section 2.2.  New schemes MUST NOT</td><td> </td><td class="rblock">      <span class="insert">protection spaces</span> as <span class="insert">described</span> in Section 2.2.  New schemes MUST</td><td class="lineno" valign="top"></td></tr>
322      <tr><td class="lineno" valign="top"></td><td class="lblock">      use it in a way incompatible with that definition.</td><td> </td><td class="rblock">      NOT use it in a way incompatible with that definition.</td><td class="lineno" valign="top"></td></tr>
323      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
324      <tr><td class="lineno" valign="top"></td><td class="left">   o  The "token68" notation was introduced for compatibility with</td><td> </td><td class="right">   o  The "token68" notation was introduced for compatibility with</td><td class="lineno" valign="top"></td></tr>
325      <tr><td class="lineno" valign="top"></td><td class="left">      existing authentication schemes and can only be used once per</td><td> </td><td class="right">      existing authentication schemes and can only be used once per</td><td class="lineno" valign="top"></td></tr>
326      <tr><td><a name="diff0017" /></td></tr>
327      <tr><td class="lineno" valign="top"></td><td class="lblock">      challenge or credential.  <span class="delete">New</span> schemes <span class="delete">thus</span> ought to use the <span class="delete">"auth-</span></td><td> </td><td class="rblock">      challenge or credential.  <span class="insert">Thus, new</span> schemes ought to use the <span class="insert">auth-</span></td><td class="lineno" valign="top"></td></tr>
328      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">      param"</span> syntax instead, because otherwise future extensions will be</td><td> </td><td class="rblock"><span class="insert">      param</span> syntax instead, because otherwise future extensions will be</td><td class="lineno" valign="top"></td></tr>
329      <tr><td class="lineno" valign="top"></td><td class="left">      impossible.</td><td> </td><td class="right">      impossible.</td><td class="lineno" valign="top"></td></tr>
330      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
331      <tr><td class="lineno" valign="top"></td><td class="left">   o  The parsing of challenges and credentials is defined by this</td><td> </td><td class="right">   o  The parsing of challenges and credentials is defined by this</td><td class="lineno" valign="top"></td></tr>
332      <tr><td><a name="diff0018" /></td></tr>
333      <tr><td class="lineno" valign="top"></td><td class="lblock">      specification<span class="delete">,</span> and cannot be modified by new authentication</td><td> </td><td class="rblock">      specification and cannot be modified by new authentication</td><td class="lineno" valign="top"></td></tr>
334      <tr><td class="lineno" valign="top"></td><td class="left">      schemes.  When the auth-param syntax is used, all parameters ought</td><td> </td><td class="right">      schemes.  When the auth-param syntax is used, all parameters ought</td><td class="lineno" valign="top"></td></tr>
335      <tr><td class="lineno" valign="top"></td><td class="left">      to support both token and quoted-string syntax, and syntactical</td><td> </td><td class="right">      to support both token and quoted-string syntax, and syntactical</td><td class="lineno" valign="top"></td></tr>
336      <tr><td class="lineno" valign="top"></td><td class="left">      constraints ought to be defined on the field value after parsing</td><td> </td><td class="right">      constraints ought to be defined on the field value after parsing</td><td class="lineno" valign="top"></td></tr>
337      <tr><td class="lineno" valign="top"></td><td class="left">      (i.e., quoted-string processing).  This is necessary so that</td><td> </td><td class="right">      (i.e., quoted-string processing).  This is necessary so that</td><td class="lineno" valign="top"></td></tr>
338      <tr><td class="lineno" valign="top"></td><td class="left">      recipients can use a generic parser that applies to all</td><td> </td><td class="right">      recipients can use a generic parser that applies to all</td><td class="lineno" valign="top"></td></tr>
339      <tr><td class="lineno" valign="top"></td><td class="left">      authentication schemes.</td><td> </td><td class="right">      authentication schemes.</td><td class="lineno" valign="top"></td></tr>
340      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
341      <tr><td class="lineno" valign="top"></td><td class="left">      Note: The fact that the value syntax for the "realm" parameter is</td><td> </td><td class="right">      Note: The fact that the value syntax for the "realm" parameter is</td><td class="lineno" valign="top"></td></tr>
342      <tr><td class="lineno" valign="top"></td><td class="left">      restricted to quoted-string was a bad design choice not to be</td><td> </td><td class="right">      restricted to quoted-string was a bad design choice not to be</td><td class="lineno" valign="top"></td></tr>
343      <tr><td class="lineno" valign="top"></td><td class="left">      repeated for new parameters.</td><td> </td><td class="right">      repeated for new parameters.</td><td class="lineno" valign="top"></td></tr>
344      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
345      <tr><td class="lineno" valign="top"></td><td class="left">   o  Definitions of new schemes ought to define the treatment of</td><td> </td><td class="right">   o  Definitions of new schemes ought to define the treatment of</td><td class="lineno" valign="top"></td></tr>
346      <tr><td class="lineno" valign="top"></td><td class="left">      unknown extension parameters.  In general, a "must-ignore" rule is</td><td> </td><td class="right">      unknown extension parameters.  In general, a "must-ignore" rule is</td><td class="lineno" valign="top"></td></tr>
347      <tr><td><a name="diff0019" /></td></tr>
348      <tr><td class="lineno" valign="top"></td><td class="lblock">      preferable <span class="delete">over "must-understand",</span> because otherwise it will be</td><td> </td><td class="rblock">      preferable <span class="insert">to a "must-understand" rule,</span> because otherwise it will</td><td class="lineno" valign="top"></td></tr>
349      <tr><td class="lineno" valign="top"></td><td class="lblock">      hard to introduce new parameters in the presence of legacy</td><td> </td><td class="rblock">      be hard to introduce new parameters in the presence of legacy</td><td class="lineno" valign="top"></td></tr>
350      <tr><td class="lineno" valign="top"></td><td class="left">      recipients.  Furthermore, it's good to describe the policy for</td><td> </td><td class="right">      recipients.  Furthermore, it's good to describe the policy for</td><td class="lineno" valign="top"></td></tr>
351      <tr><td><a name="diff0020" /></td></tr>
352      <tr><td class="lineno" valign="top"></td><td class="lblock">      defining new parameters (such as "update the specification"<span class="delete">,</span> or</td><td> </td><td class="rblock">      defining new parameters (such as "update the specification" or</td><td class="lineno" valign="top"></td></tr>
353      <tr><td class="lineno" valign="top"></td><td class="left">      "use this registry").</td><td> </td><td class="right">      "use this registry").</td><td class="lineno" valign="top"></td></tr>
354      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
355      <tr><td class="lineno" valign="top"></td><td class="left">   o  Authentication schemes need to document whether they are usable in</td><td> </td><td class="right">   o  Authentication schemes need to document whether they are usable in</td><td class="lineno" valign="top"></td></tr>
356      <tr><td class="lineno" valign="top"></td><td class="left">      origin-server authentication (i.e., using WWW-Authenticate),</td><td> </td><td class="right">      origin-server authentication (i.e., using WWW-Authenticate),</td><td class="lineno" valign="top"></td></tr>
357      <tr><td class="lineno" valign="top"></td><td class="left">      and/or proxy authentication (i.e., using Proxy-Authenticate).</td><td> </td><td class="right">      and/or proxy authentication (i.e., using Proxy-Authenticate).</td><td class="lineno" valign="top"></td></tr>
358      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
359      <tr><td class="lineno" valign="top"></td><td class="left">   o  The credentials carried in an Authorization header field are</td><td> </td><td class="right">   o  The credentials carried in an Authorization header field are</td><td class="lineno" valign="top"></td></tr>
360      <tr><td><a name="diff0021" /></td></tr>
361      <tr><td class="lineno" valign="top"></td><td class="lblock">      specific to the <span class="delete">User Agent, and therefore</span> have the same effect on</td><td> </td><td class="rblock">      specific to the <span class="insert">user agent and, therefore,</span> have the same effect on</td><td class="lineno" valign="top"></td></tr>
362      <tr><td class="lineno" valign="top"></td><td class="left">      HTTP caches as the "private" Cache-Control response directive</td><td> </td><td class="right">      HTTP caches as the "private" Cache-Control response directive</td><td class="lineno" valign="top"></td></tr>
363      <tr><td><a name="diff0022" /></td></tr>
364      <tr><td class="lineno" valign="top"></td><td class="lblock">      (Section 5.2.2.6 of [RFC7234]), within the scope of the request</td><td> </td><td class="rblock">      (Section 5.2.2.6 of [RFC7234]), within the scope of the request <span class="insert">in</span></td><td class="lineno" valign="top"></td></tr>
365      <tr><td class="lineno" valign="top"></td><td class="lblock">      they <span class="delete">appear in.</span></td><td> </td><td class="rblock"><span class="insert">      which</span> they <span class="insert">appear.</span></td><td class="lineno" valign="top"></td></tr>
366      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
367      <tr><td class="lineno" valign="top"></td><td class="left">      Therefore, new authentication schemes that choose not to carry</td><td> </td><td class="right">      Therefore, new authentication schemes that choose not to carry</td><td class="lineno" valign="top"></td></tr>
368      <tr><td class="lineno" valign="top"></td><td class="left">      credentials in the Authorization header field (e.g., using a newly</td><td> </td><td class="right">      credentials in the Authorization header field (e.g., using a newly</td><td class="lineno" valign="top"></td></tr>
369      <tr><td class="lineno" valign="top"></td><td class="left">      defined header field) will need to explicitly disallow caching, by</td><td> </td><td class="right">      defined header field) will need to explicitly disallow caching, by</td><td class="lineno" valign="top"></td></tr>
370      <tr><td class="lineno" valign="top"></td><td class="left">      mandating the use of either Cache-Control request directives</td><td> </td><td class="right">      mandating the use of either Cache-Control request directives</td><td class="lineno" valign="top"></td></tr>
371      <tr><td class="lineno" valign="top"></td><td class="left">      (e.g., "no-store", Section 5.2.1.5 of [RFC7234]) or response</td><td> </td><td class="right">      (e.g., "no-store", Section 5.2.1.5 of [RFC7234]) or response</td><td class="lineno" valign="top"></td></tr>
372      <tr><td class="lineno" valign="top"></td><td class="left">      directives (e.g., "private").</td><td> </td><td class="right">      directives (e.g., "private").</td><td class="lineno" valign="top"></td></tr>
373      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
374      <tr><td class="lineno" valign="top"></td><td class="left">5.2.  Status Code Registration</td><td> </td><td class="right">5.2.  Status Code Registration</td><td class="lineno" valign="top"></td></tr>
375      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
376      <tr><td><a name="diff0023" /></td></tr>
377      <tr><td class="lineno" valign="top"></td><td class="lblock">   The <span class="delete">"Hypertext Transfer Protocol (HTTP)</span> Status Code <span class="delete">Registry"</span> located</td><td> </td><td class="rblock">   The <span class="insert">HTTP</span> Status Code <span class="insert">Registry</span> located at</td><td class="lineno" valign="top"></td></tr>
378      <tr><td class="lineno" valign="top"></td><td class="lblock">   at &lt;http://www.iana.org/assignments/http-status-codes&gt; <span class="delete">has been</span></td><td> </td><td class="rblock">   &lt;http://www.iana.org/assignments/http-status-codes&gt; <span class="insert">shall be</span> updated</td><td class="lineno" valign="top"></td></tr>
379      <tr><td class="lineno" valign="top"></td><td class="lblock">   updated with the registrations below:</td><td> </td><td class="rblock">   with the registrations below:</td><td class="lineno" valign="top"></td></tr>
380      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
381      <tr><td class="lineno" valign="top"></td><td class="left">   +-------+-------------------------------+-------------+</td><td> </td><td class="right">   +-------+-------------------------------+-------------+</td><td class="lineno" valign="top"></td></tr>
382      <tr><td class="lineno" valign="top"></td><td class="left">   | Value | Description                   | Reference   |</td><td> </td><td class="right">   | Value | Description                   | Reference   |</td><td class="lineno" valign="top"></td></tr>
383      <tr><td class="lineno" valign="top"></td><td class="left">   +-------+-------------------------------+-------------+</td><td> </td><td class="right">   +-------+-------------------------------+-------------+</td><td class="lineno" valign="top"></td></tr>
384      <tr><td class="lineno" valign="top"></td><td class="left">   | 401   | Unauthorized                  | Section 3.1 |</td><td> </td><td class="right">   | 401   | Unauthorized                  | Section 3.1 |</td><td class="lineno" valign="top"></td></tr>
385      <tr><td class="lineno" valign="top"></td><td class="left">   | 407   | Proxy Authentication Required | Section 3.2 |</td><td> </td><td class="right">   | 407   | Proxy Authentication Required | Section 3.2 |</td><td class="lineno" valign="top"></td></tr>
386      <tr><td class="lineno" valign="top"></td><td class="left">   +-------+-------------------------------+-------------+</td><td> </td><td class="right">   +-------+-------------------------------+-------------+</td><td class="lineno" valign="top"></td></tr>
387      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
388      <tr><td class="lineno" valign="top"></td><td class="left">5.3.  Header Field Registration</td><td> </td><td class="right">5.3.  Header Field Registration</td><td class="lineno" valign="top"></td></tr>
389      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
390      <tr><td><a name="diff0024" /></td></tr>
391      <tr><td class="lineno" valign="top"></td><td class="lblock">   HTTP header fields are registered within the <span class="delete">"Message Headers"</span></td><td> </td><td class="rblock">   HTTP header fields are registered within the <span class="insert">Message Header Field</span></td><td class="lineno" valign="top"></td></tr>
392      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   registry</span> maintained at</td><td> </td><td class="rblock"><span class="insert">   Registry</span> maintained at</td><td class="lineno" valign="top"></td></tr>
393      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">&lt;http://www.iana.org/assignments/message-headers/&gt;.</span></td><td> </td><td class="rblock">   <span class="insert">&lt;http://www.iana.org/assignments/message-headers&gt;.</span></td><td class="lineno" valign="top"></td></tr>
394      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
395      <tr><td><a name="diff0025" /></td></tr>
396      <tr><td class="lineno" valign="top"></td><td class="lblock">   This document defines the following HTTP header fields, so <span class="delete">the</span></td><td> </td><td class="rblock">   This document defines the following HTTP header fields, so <span class="insert">their</span></td><td class="lineno" valign="top"></td></tr>
397      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   "Permanent Message Header Field Names"</span> registry <span class="delete">has</span> been updated</td><td> </td><td class="rblock"><span class="insert">   associated</span> registry <span class="insert">entries have</span> been updated <span class="insert">according to the</span></td><td class="lineno" valign="top"></td></tr>
398      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">accordingly</span> (see <span class="delete">[BCP90]).</span></td><td> </td><td class="rblock"><span class="insert">   permanent registrations below</span> (see <span class="insert">[BCP90]):</span></td><td class="lineno" valign="top"></td></tr>
399      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
400      <tr><td class="lineno" valign="top"></td><td class="left">   +---------------------+----------+----------+-------------+</td><td> </td><td class="right">   +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
401      <tr><td class="lineno" valign="top"></td><td class="left">   | Header Field Name   | Protocol | Status   | Reference   |</td><td> </td><td class="right">   | Header Field Name   | Protocol | Status   | Reference   |</td><td class="lineno" valign="top"></td></tr>
402      <tr><td class="lineno" valign="top"></td><td class="left">   +---------------------+----------+----------+-------------+</td><td> </td><td class="right">   +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
403      <tr><td class="lineno" valign="top"></td><td class="left">   | Authorization       | http     | standard | Section 4.2 |</td><td> </td><td class="right">   | Authorization       | http     | standard | Section 4.2 |</td><td class="lineno" valign="top"></td></tr>
404      <tr><td class="lineno" valign="top"></td><td class="left">   | Proxy-Authenticate  | http     | standard | Section 4.3 |</td><td> </td><td class="right">   | Proxy-Authenticate  | http     | standard | Section 4.3 |</td><td class="lineno" valign="top"></td></tr>
405      <tr><td class="lineno" valign="top"></td><td class="left">   | Proxy-Authorization | http     | standard | Section 4.4 |</td><td> </td><td class="right">   | Proxy-Authorization | http     | standard | Section 4.4 |</td><td class="lineno" valign="top"></td></tr>
406      <tr><td class="lineno" valign="top"></td><td class="left">   | WWW-Authenticate    | http     | standard | Section 4.1 |</td><td> </td><td class="right">   | WWW-Authenticate    | http     | standard | Section 4.1 |</td><td class="lineno" valign="top"></td></tr>
407      <tr><td class="lineno" valign="top"></td><td class="left">   +---------------------+----------+----------+-------------+</td><td> </td><td class="right">   +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
408      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
409      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
410      <tr bgcolor="gray" ><td></td><th><a name="part-l8" /><small>skipping to change at</small><em> page 13, line 23</em></th><th> </th><th><a name="part-r8" /><small>skipping to change at</small><em> page 12, line 23</em></th><td></td></tr>
411      <tr><td class="lineno" valign="top"></td><td class="left">   authentication scheme defines how the credentials are encoded prior</td><td> </td><td class="right">   authentication scheme defines how the credentials are encoded prior</td><td class="lineno" valign="top"></td></tr>
412      <tr><td class="lineno" valign="top"></td><td class="left">   to transmission.  While this provides flexibility for the development</td><td> </td><td class="right">   to transmission.  While this provides flexibility for the development</td><td class="lineno" valign="top"></td></tr>
413      <tr><td class="lineno" valign="top"></td><td class="left">   of future authentication schemes, it is inadequate for the protection</td><td> </td><td class="right">   of future authentication schemes, it is inadequate for the protection</td><td class="lineno" valign="top"></td></tr>
414      <tr><td class="lineno" valign="top"></td><td class="left">   of existing schemes that provide no confidentiality on their own, or</td><td> </td><td class="right">   of existing schemes that provide no confidentiality on their own, or</td><td class="lineno" valign="top"></td></tr>
415      <tr><td class="lineno" valign="top"></td><td class="left">   that do not sufficiently protect against replay attacks.</td><td> </td><td class="right">   that do not sufficiently protect against replay attacks.</td><td class="lineno" valign="top"></td></tr>
416      <tr><td class="lineno" valign="top"></td><td class="left">   Furthermore, if the server expects credentials that are specific to</td><td> </td><td class="right">   Furthermore, if the server expects credentials that are specific to</td><td class="lineno" valign="top"></td></tr>
417      <tr><td class="lineno" valign="top"></td><td class="left">   each individual user, the exchange of those credentials will have the</td><td> </td><td class="right">   each individual user, the exchange of those credentials will have the</td><td class="lineno" valign="top"></td></tr>
418      <tr><td class="lineno" valign="top"></td><td class="left">   effect of identifying that user even if the content within</td><td> </td><td class="right">   effect of identifying that user even if the content within</td><td class="lineno" valign="top"></td></tr>
419      <tr><td class="lineno" valign="top"></td><td class="left">   credentials remains confidential.</td><td> </td><td class="right">   credentials remains confidential.</td><td class="lineno" valign="top"></td></tr>
420      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
421      <tr><td><a name="diff0026" /></td></tr>
422      <tr><td class="lineno" valign="top"></td><td class="lblock">   HTTP depends on the security properties of the underlying transport<span class="delete">-</span></td><td> </td><td class="rblock">   HTTP depends on the security properties of the underlying transport</td><td class="lineno" valign="top"></td></tr>
423      <tr><td class="lineno" valign="top"></td><td class="left">   or session-level connection to provide confidential transmission of</td><td> </td><td class="right">   or session-level connection to provide confidential transmission of</td><td class="lineno" valign="top"></td></tr>
424      <tr><td class="lineno" valign="top"></td><td class="left">   header fields.  In other words, if a server limits access to</td><td> </td><td class="right">   header fields.  In other words, if a server limits access to</td><td class="lineno" valign="top"></td></tr>
425      <tr><td class="lineno" valign="top"></td><td class="left">   authenticated users using this framework, the server needs to ensure</td><td> </td><td class="right">   authenticated users using this framework, the server needs to ensure</td><td class="lineno" valign="top"></td></tr>
426      <tr><td class="lineno" valign="top"></td><td class="left">   that the connection is properly secured in accordance with the nature</td><td> </td><td class="right">   that the connection is properly secured in accordance with the nature</td><td class="lineno" valign="top"></td></tr>
427      <tr><td class="lineno" valign="top"></td><td class="left">   of the authentication scheme used.  For example, services that depend</td><td> </td><td class="right">   of the authentication scheme used.  For example, services that depend</td><td class="lineno" valign="top"></td></tr>
428      <tr><td class="lineno" valign="top"></td><td class="left">   on individual user authentication often require a connection to be</td><td> </td><td class="right">   on individual user authentication often require a connection to be</td><td class="lineno" valign="top"></td></tr>
429      <tr><td class="lineno" valign="top"></td><td class="left">   secured with TLS ("Transport Layer Security", [RFC5246]) prior to</td><td> </td><td class="right">   secured with TLS ("Transport Layer Security", [RFC5246]) prior to</td><td class="lineno" valign="top"></td></tr>
430      <tr><td class="lineno" valign="top"></td><td class="left">   exchanging any credentials.</td><td> </td><td class="right">   exchanging any credentials.</td><td class="lineno" valign="top"></td></tr>
431      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
432      <tr><td class="lineno" valign="top"></td><td class="left">6.2.  Authentication Credentials and Idle Clients</td><td> </td><td class="right">6.2.  Authentication Credentials and Idle Clients</td><td class="lineno" valign="top"></td></tr>
433      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
434      <tr bgcolor="gray" ><td></td><th><a name="part-l9" /><small>skipping to change at</small><em> page 15, line 5</em></th><th> </th><th><a name="part-r9" /><small>skipping to change at</small><em> page 14, line 5</em></th><td></td></tr>
435      <tr><td class="lineno" valign="top"></td><td class="left">8.1.  Normative References</td><td> </td><td class="right">8.1.  Normative References</td><td class="lineno" valign="top"></td></tr>
436      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
437      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate</td><td> </td><td class="right">   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate</td><td class="lineno" valign="top"></td></tr>
438      <tr><td class="lineno" valign="top"></td><td class="left">              Requirement Levels", BCP 14, RFC 2119, March 1997.</td><td> </td><td class="right">              Requirement Levels", BCP 14, RFC 2119, March 1997.</td><td class="lineno" valign="top"></td></tr>
439      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
440      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC5234]  Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax</td><td> </td><td class="right">   [RFC5234]  Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax</td><td class="lineno" valign="top"></td></tr>
441      <tr><td class="lineno" valign="top"></td><td class="left">              Specifications: ABNF", STD 68, RFC 5234, January 2008.</td><td> </td><td class="right">              Specifications: ABNF", STD 68, RFC 5234, January 2008.</td><td class="lineno" valign="top"></td></tr>
442      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
443      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td> </td><td class="right">   [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td class="lineno" valign="top"></td></tr>
444      <tr><td class="lineno" valign="top"></td><td class="left">              Protocol (HTTP/1.1): Message Syntax and Routing",</td><td> </td><td class="right">              Protocol (HTTP/1.1): Message Syntax and Routing",</td><td class="lineno" valign="top"></td></tr>
445      <tr><td><a name="diff0027" /></td></tr>
446      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">draft-ietf-httpbis-p1-messaging-latest (work in progress),</span></td><td> </td><td class="rblock">              <span class="insert">RFC 7230,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
447      <tr><td class="lineno" valign="top"></td><td class="lblock">              May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
448      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
449      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7231]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td> </td><td class="right">   [RFC7231]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td class="lineno" valign="top"></td></tr>
450      <tr><td><a name="diff0028" /></td></tr>
451      <tr><td class="lineno" valign="top"></td><td class="lblock">              Protocol (HTTP/1.1): Semantics and Content",</td><td> </td><td class="rblock">              Protocol (HTTP/1.1): Semantics and Content", <span class="insert">RFC 7231,</span></td><td class="lineno" valign="top"></td></tr>
452      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">draft-ietf-httpbis-p2-semantics-latest (work in progress),</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
453      <tr><td class="lineno" valign="top"></td><td class="left">              May 2014.</td><td> </td><td class="right">              May 2014.</td><td class="lineno" valign="top"></td></tr>
454      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
455      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7234]  Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,</td><td> </td><td class="right">   [RFC7234]  Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,</td><td class="lineno" valign="top"></td></tr>
456      <tr><td class="lineno" valign="top"></td><td class="left">              Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",</td><td> </td><td class="right">              Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",</td><td class="lineno" valign="top"></td></tr>
457      <tr><td><a name="diff0029" /></td></tr>
458      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">draft-ietf-httpbis-p6-cache-latest (work in progress),</span></td><td> </td><td class="rblock">              <span class="insert">RFC 7234,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
459      <tr><td class="lineno" valign="top"></td><td class="lblock">              May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
460      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
461      <tr><td class="lineno" valign="top"></td><td class="left">8.2.  Informative References</td><td> </td><td class="right">8.2.  Informative References</td><td class="lineno" valign="top"></td></tr>
462      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
463      <tr><td class="lineno" valign="top"></td><td class="left">   [BCP90]    Klyne, G., Nottingham, M., and J. Mogul, "Registration</td><td> </td><td class="right">   [BCP90]    Klyne, G., Nottingham, M., and J. Mogul, "Registration</td><td class="lineno" valign="top"></td></tr>
464      <tr><td class="lineno" valign="top"></td><td class="left">              Procedures for Message Header Fields", BCP 90, RFC 3864,</td><td> </td><td class="right">              Procedures for Message Header Fields", BCP 90, RFC 3864,</td><td class="lineno" valign="top"></td></tr>
465      <tr><td class="lineno" valign="top"></td><td class="left">              September 2004.</td><td> </td><td class="right">              September 2004.</td><td class="lineno" valign="top"></td></tr>
466      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
467      <tr><td class="lineno" valign="top"></td><td class="left">   [OWASP]    van der Stock, A., Ed., "A Guide to Building Secure Web</td><td> </td><td class="right">   [OWASP]    van der Stock, A., Ed., "A Guide to Building Secure Web</td><td class="lineno" valign="top"></td></tr>
468      <tr><td class="lineno" valign="top"></td><td class="left">              Applications and Web Services", The Open Web Application</td><td> </td><td class="right">              Applications and Web Services", The Open Web Application</td><td class="lineno" valign="top"></td></tr>
469      <tr><td class="lineno" valign="top"></td><td class="left">              Security Project (OWASP) 2.0.1, July 2005,</td><td> </td><td class="right">              Security Project (OWASP) 2.0.1, July 2005,</td><td class="lineno" valign="top"></td></tr>
470      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
471      <tr bgcolor="gray" ><td></td><th><a name="part-l10" /><small>skipping to change at</small><em> page 17, line 35</em></th><th> </th><th><a name="part-r10" /><small>skipping to change at</small><em> page 16, line 35</em></th><td></td></tr>
472      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
473      <tr><td class="lineno" valign="top"></td><td class="left">   quoted-string = &lt;quoted-string, see [RFC7230], Section 3.2.6&gt;</td><td> </td><td class="right">   quoted-string = &lt;quoted-string, see [RFC7230], Section 3.2.6&gt;</td><td class="lineno" valign="top"></td></tr>
474      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
475      <tr><td class="lineno" valign="top"></td><td class="left">   token = &lt;token, see [RFC7230], Section 3.2.6&gt;</td><td> </td><td class="right">   token = &lt;token, see [RFC7230], Section 3.2.6&gt;</td><td class="lineno" valign="top"></td></tr>
476      <tr><td class="lineno" valign="top"></td><td class="left">   token68 = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" )</td><td> </td><td class="right">   token68 = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" )</td><td class="lineno" valign="top"></td></tr>
477      <tr><td class="lineno" valign="top"></td><td class="left">    *"="</td><td> </td><td class="right">    *"="</td><td class="lineno" valign="top"></td></tr>
478      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
479      <tr><td class="lineno" valign="top"></td><td class="left">Index</td><td> </td><td class="right">Index</td><td class="lineno" valign="top"></td></tr>
480      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
481      <tr><td class="lineno" valign="top"></td><td class="left">   4</td><td> </td><td class="right">   4</td><td class="lineno" valign="top"></td></tr>
482      <tr><td><a name="diff0030" /></td></tr>
483      <tr><td class="lineno" valign="top"></td><td class="lblock">      401 Unauthorized (status code)  <span class="delete">7</span></td><td> </td><td class="rblock">      401 Unauthorized (status code)  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
484      <tr><td class="lineno" valign="top"></td><td class="lblock">      407 Proxy Authentication Required (status code)  <span class="delete">7</span></td><td> </td><td class="rblock">      407 Proxy Authentication Required (status code)  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
485      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
486      <tr><td class="lineno" valign="top"></td><td class="left">   A</td><td> </td><td class="right">   A</td><td class="lineno" valign="top"></td></tr>
487      <tr><td><a name="diff0031" /></td></tr>
488      <tr><td class="lineno" valign="top"></td><td class="lblock">      Authorization header field  <span class="delete">8</span></td><td> </td><td class="rblock">      Authorization header field  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
489      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
490      <tr><td class="lineno" valign="top"></td><td class="left">   C</td><td> </td><td class="right">   C</td><td class="lineno" valign="top"></td></tr>
491      <tr><td><a name="diff0032" /></td></tr>
492      <tr><td class="lineno" valign="top"></td><td class="lblock">      Canonical Root URI  <span class="delete">6</span></td><td> </td><td class="rblock">      Canonical Root URI  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
493      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
494      <tr><td class="lineno" valign="top"></td><td class="left">   G</td><td> </td><td class="right">   G</td><td class="lineno" valign="top"></td></tr>
495      <tr><td class="lineno" valign="top"></td><td class="left">      Grammar</td><td> </td><td class="right">      Grammar</td><td class="lineno" valign="top"></td></tr>
496      <tr><td><a name="diff0033" /></td></tr>
497      <tr><td class="lineno" valign="top"></td><td class="lblock">         auth-param  <span class="delete">5</span></td><td> </td><td class="rblock">         auth-param  <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
498      <tr><td class="lineno" valign="top"></td><td class="lblock">         auth-scheme  <span class="delete">5</span></td><td> </td><td class="rblock">         auth-scheme  <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
499      <tr><td class="lineno" valign="top"></td><td class="lblock">         Authorization  <span class="delete">8</span></td><td> </td><td class="rblock">         Authorization  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
500      <tr><td class="lineno" valign="top"></td><td class="lblock">         challenge  <span class="delete">5</span></td><td> </td><td class="rblock">         challenge  <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
501      <tr><td class="lineno" valign="top"></td><td class="lblock">         credentials  <span class="delete">6</span></td><td> </td><td class="rblock">         credentials  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
502      <tr><td class="lineno" valign="top"></td><td class="lblock">         Proxy-Authenticate  <span class="delete">9</span></td><td> </td><td class="rblock">         Proxy-Authenticate  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
503      <tr><td class="lineno" valign="top"></td><td class="lblock">         Proxy-Authorization  <span class="delete">9</span></td><td> </td><td class="rblock">         Proxy-Authorization  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
504      <tr><td class="lineno" valign="top"></td><td class="lblock">         token68  <span class="delete">5</span></td><td> </td><td class="rblock">         token68  <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
505      <tr><td class="lineno" valign="top"></td><td class="lblock">         WWW-Authenticate  <span class="delete">8</span></td><td> </td><td class="rblock">         WWW-Authenticate  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
506      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
507      <tr><td class="lineno" valign="top"></td><td class="left">   P</td><td> </td><td class="right">   P</td><td class="lineno" valign="top"></td></tr>
508      <tr><td><a name="diff0034" /></td></tr>
509      <tr><td class="lineno" valign="top"></td><td class="lblock">      Protection Space  <span class="delete">6</span></td><td> </td><td class="rblock">      Protection Space  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
510      <tr><td class="lineno" valign="top"></td><td class="lblock">      Proxy-Authenticate header field  <span class="delete">9</span></td><td> </td><td class="rblock">      Proxy-Authenticate header field  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
511      <tr><td class="lineno" valign="top"></td><td class="lblock">      Proxy-Authorization header field  <span class="delete">9</span></td><td> </td><td class="rblock">      Proxy-Authorization header field  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
512      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
513      <tr><td class="lineno" valign="top"></td><td class="left">   R</td><td> </td><td class="right">   R</td><td class="lineno" valign="top"></td></tr>
514      <tr><td><a name="diff0035" /></td></tr>
515      <tr><td class="lineno" valign="top"></td><td class="lblock">      Realm  <span class="delete">6</span></td><td> </td><td class="rblock">      Realm  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
516      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
517      <tr><td class="lineno" valign="top"></td><td class="left">   W</td><td> </td><td class="right">   W</td><td class="lineno" valign="top"></td></tr>
518      <tr><td><a name="diff0036" /></td></tr>
519      <tr><td class="lineno" valign="top"></td><td class="lblock">      WWW-Authenticate header field  <span class="delete">8</span></td><td> </td><td class="rblock">      WWW-Authenticate header field  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
520      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
521      <tr><td class="lineno" valign="top"></td><td class="left">Authors' Addresses</td><td> </td><td class="right">Authors' Addresses</td><td class="lineno" valign="top"></td></tr>
522      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
523      <tr><td class="lineno" valign="top"></td><td class="left">   Roy T. Fielding (editor)</td><td> </td><td class="right">   Roy T. Fielding (editor)</td><td class="lineno" valign="top"></td></tr>
524      <tr><td class="lineno" valign="top"></td><td class="left">   Adobe Systems Incorporated</td><td> </td><td class="right">   Adobe Systems Incorporated</td><td class="lineno" valign="top"></td></tr>
525      <tr><td class="lineno" valign="top"></td><td class="left">   345 Park Ave</td><td> </td><td class="right">   345 Park Ave</td><td class="lineno" valign="top"></td></tr>
526      <tr><td class="lineno" valign="top"></td><td class="left">   San Jose, CA  95110</td><td> </td><td class="right">   San Jose, CA  95110</td><td class="lineno" valign="top"></td></tr>
527      <tr><td class="lineno" valign="top"></td><td class="left">   USA</td><td> </td><td class="right">   USA</td><td class="lineno" valign="top"></td></tr>
528      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
529      <tr><td class="lineno" valign="top"></td><td class="left">   EMail: fielding@gbiv.com</td><td> </td><td class="right">   EMail: fielding@gbiv.com</td><td class="lineno" valign="top"></td></tr>
530
531     <tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr>
532     <tr bgcolor="gray"><th colspan="5" align="center"><a name="end">&nbsp;End of changes. 36 change blocks.&nbsp;</a></th></tr>
533     <tr class="stats"><td></td><th><i>123 lines changed or deleted</i></th><th><i> </i></th><th><i>102 lines changed or added</i></th><td></td></tr>
534     <tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.38. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr>
535   </table>
536   </body>
537   </html>