Ignore:
Timestamp:
Sep 22, 2010, 8:03:45 AM (9 years ago)
Author:
julian.reschke@…
Message:

move and rephrase Note about listing well-known schemes first in WWW-Authenticate (see #237)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p7-auth.html

    r1007 r1018  
    397397      <meta name="dct.creator" content="Reschke, J. F.">
    398398      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p7-auth-latest">
    399       <meta name="dct.issued" scheme="ISO8601" content="2010-09-14">
     399      <meta name="dct.issued" scheme="ISO8601" content="2010-09-22">
    400400      <meta name="dct.replaces" content="urn:ietf:rfc:2616">
    401401      <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 7 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 7 defines HTTP Authentication.">
     
    428428            </tr>
    429429            <tr>
    430                <td class="left">Expires: March 18, 2011</td>
     430               <td class="left">Expires: March 26, 2011</td>
    431431               <td class="right">HP</td>
    432432            </tr>
     
    481481            <tr>
    482482               <td class="left"></td>
    483                <td class="right">September 14, 2010</td>
     483               <td class="right">September 22, 2010</td>
    484484            </tr>
    485485         </tbody>
     
    507507         in progress”.
    508508      </p>
    509       <p>This Internet-Draft will expire on March 18, 2011.</p>
     509      <p>This Internet-Draft will expire on March 26, 2011.</p>
    510510      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
    511511      <p>Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
     
    628628         </p>
    629629      </div>
    630       <p id="rfc.section.2.p.6">The authentication parameter realm is defined for all authentication schemes:</p>
     630      <div class="note" id="rfc.section.2.p.6">
     631         <p> <b>Note:</b> Many browsers fail to parse challenges containing unknown schemes. A workaround for this problem is to list well-supported
     632            schemes (such as "basic") first.
     633         </p>
     634      </div>
     635      <p id="rfc.section.2.p.7">The authentication parameter realm is defined for all authentication schemes:</p>
    631636      <div id="rfc.figure.u.4"></div><pre class="inline"><span id="rfc.iref.r.1"></span><span id="rfc.iref.r.2"></span>  realm       = "realm" "=" realm-value
    632637  realm-value = quoted-string
    633 </pre><p id="rfc.section.2.p.8">The realm directive (case-insensitive) is required for all authentication schemes that issue a challenge. The realm value
     638</pre><p id="rfc.section.2.p.9">The realm directive (case-insensitive) is required for all authentication schemes that issue a challenge. The realm value
    634639         (case-sensitive), in combination with the canonical root URI (the scheme and authority components of the effective request
    635640         URI; see <a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 4.3</a> of <a href="#Part1" id="rfc.xref.Part1.6"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) of the server being accessed, defines the protection space. These realms allow the protected resources on a server to be
     
    638643         scheme. Note that there can be multiple challenges with the same auth-scheme but different realms.
    639644      </p>
    640       <p id="rfc.section.2.p.9">A user agent that wishes to authenticate itself with an origin server -- usually, but not necessarily, after receiving a 401
     645      <p id="rfc.section.2.p.10">A user agent that wishes to authenticate itself with an origin server -- usually, but not necessarily, after receiving a 401
    641646         (Unauthorized) -- <em class="bcp14">MAY</em> do so by including an Authorization header field with the request. A client that wishes to authenticate itself with a proxy
    642647         -- usually, but not necessarily, after receiving a 407 (Proxy Authentication Required) -- <em class="bcp14">MAY</em> do so by including a Proxy-Authorization header field with the request. Both the Authorization field value and the Proxy-Authorization
     
    648653                            / <a href="#core.rules" class="smpl">quoted-string</a>
    649654                            / #<a href="#access.authentication.framework" class="smpl">auth-param</a> )
    650 </pre><div class="note" id="rfc.section.2.p.11">
    651          <p> <b>Note:</b> many browsers will only recognize Basic and will require that it be the first auth-scheme presented. Servers should only include
    652             Basic if it is minimally acceptable.<span class="comment" id="rfc.comment.1">[<a href="#rfc.comment.1" class="smpl">rfc.comment.1</a>: Either rephrase and add reference or drop.]</span>
    653          </p>
    654       </div>
    655       <p id="rfc.section.2.p.12">The protection space determines the domain over which credentials can be automatically applied. If a prior request has been
     655</pre><p id="rfc.section.2.p.12">The protection space determines the domain over which credentials can be automatically applied. If a prior request has been
    656656         authorized, the same credentials <em class="bcp14">MAY</em> be reused for all other requests within that protection space for a period of time determined by the authentication scheme,
    657657         parameters, and/or user preference. Unless otherwise defined by the authentication scheme, a single protection space cannot
Note: See TracChangeset for help on using the changeset viewer.