Changeset 1230


Ignore:
Timestamp:
Mar 29, 2011, 5:30:21 AM (9 years ago)
Author:
julian.reschke@…
Message:

rewrite header field ABNFs to only specify the field value (see #276)

Location:
draft-ietf-httpbis/latest
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/httpbis.abnf

    r1229 r1230  
    1717Allow = "Allow:" OWS Allow-v
    1818Allow-v = [ ( "," / Method ) *( OWS "," [ OWS Method ] ) ]
    19 Authorization = "Authorization:" OWS Authorization-v
    20 Authorization-v = credentials
     19Authorization = credentials
    2120BWS = OWS
    2221Cache-Control = "Cache-Control:" OWS Cache-Control-v
     
    8079Pragma = "Pragma:" OWS Pragma-v
    8180Pragma-v = *( "," OWS ) pragma-directive *( OWS "," [ OWS pragma-directive ] )
    82 Proxy-Authenticate = "Proxy-Authenticate:" OWS Proxy-Authenticate-v
    83 Proxy-Authenticate-v = *( "," OWS ) challenge *( OWS "," [ OWS challenge ] )
    84 Proxy-Authorization = "Proxy-Authorization:" OWS Proxy-Authorization-v
    85 Proxy-Authorization-v = credentials
     81Proxy-Authenticate = *( "," OWS ) challenge *( OWS "," [ OWS challenge ] )
     82Proxy-Authorization = credentials
    8683RWS = 1*( [ obs-fold ] WSP )
    8784Range = "Range:" OWS Range-v
     
    114111Via = "Via:" OWS Via-v
    115112Via-v = *( "," OWS ) received-protocol RWS received-by [ RWS comment ] *( OWS "," [ OWS received-protocol RWS received-by [ RWS comment ] ] )
    116 WWW-Authenticate = "WWW-Authenticate:" OWS WWW-Authenticate-v
    117 WWW-Authenticate-v = *( "," OWS ) challenge *( OWS "," [ OWS challenge ] )
     113WWW-Authenticate = *( "," OWS ) challenge *( OWS "," [ OWS challenge ] )
    118114Warning = "Warning:" OWS Warning-v
    119115Warning-v = *( "," OWS ) warning-value *( OWS "," [ OWS warning-value ] )
  • draft-ietf-httpbis/latest/p7-auth.html

    r1215 r1230  
    359359  }
    360360  @bottom-center {
    361        content: "Expires September 28, 2011";
     361       content: "Expires September 30, 2011";
    362362  }
    363363  @bottom-right {
     
    389389      <link rel="Chapter" title="7 Acknowledgments" href="#rfc.section.7">
    390390      <link rel="Chapter" href="#rfc.section.8" title="8 References">
    391       <link rel="Appendix" title="A Collected ABNF" href="#rfc.section.A">
    392       <link rel="Appendix" title="B Change Log (to be removed by RFC Editor before publication)" href="#rfc.section.B">
     391      <link rel="Appendix" title="A Changes from RFC 2616" href="#rfc.section.A">
     392      <link rel="Appendix" title="B Collected ABNF" href="#rfc.section.B">
     393      <link rel="Appendix" title="C Change Log (to be removed by RFC Editor before publication)" href="#rfc.section.C">
    393394      <meta name="generator" content="http://greenbytes.de/tech/webdav/rfc2629.xslt, Revision 1.543, 2011-02-18 21:03:40, XSLT vendor: SAXON 8.9 from Saxonica http://www.saxonica.com/">
    394395      <link rel="schema.dct" href="http://purl.org/dc/terms/">
     
    403404      <meta name="dct.creator" content="Reschke, J. F.">
    404405      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p7-auth-latest">
    405       <meta name="dct.issued" scheme="ISO8601" content="2011-03-27">
     406      <meta name="dct.issued" scheme="ISO8601" content="2011-03-29">
    406407      <meta name="dct.replaces" content="urn:ietf:rfc:2616">
    407408      <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 7 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 7 defines HTTP Authentication.">
     
    434435            </tr>
    435436            <tr>
    436                <td class="left">Expires: September 28, 2011</td>
     437               <td class="left">Expires: September 30, 2011</td>
    437438               <td class="right">HP</td>
    438439            </tr>
     
    487488            <tr>
    488489               <td class="left"></td>
    489                <td class="right">March 27, 2011</td>
     490               <td class="right">March 29, 2011</td>
    490491            </tr>
    491492         </tbody>
     
    502503         list is at &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/report/3">http://tools.ietf.org/wg/httpbis/trac/report/3</a>&gt; and related documents (including fancy diffs) can be found at &lt;<a href="http://tools.ietf.org/wg/httpbis/">http://tools.ietf.org/wg/httpbis/</a>&gt;.
    503504      </p> 
    504       <p>The changes in this draft are summarized in <a href="#changes.since.13" title="Since draft-ietf-httpbis-p7-auth-13">Appendix&nbsp;B.15</a>.
     505      <p>The changes in this draft are summarized in <a href="#changes.since.13" title="Since draft-ietf-httpbis-p7-auth-13">Appendix&nbsp;C.15</a>.
    505506      </p>
    506507      <h1><a id="rfc.status" href="#rfc.status">Status of This Memo</a></h1>
     
    513514         in progress”.
    514515      </p>
    515       <p>This Internet-Draft will expire on September 28, 2011.</p>
     516      <p>This Internet-Draft will expire on September 30, 2011.</p>
    516517      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
    517518      <p>Copyright © 2011 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
     
    572573         </li>
    573574         <li><a href="#rfc.authors">Authors' Addresses</a></li>
    574          <li>A.&nbsp;&nbsp;&nbsp;<a href="#collected.abnf">Collected ABNF</a></li>
    575          <li>B.&nbsp;&nbsp;&nbsp;<a href="#change.log">Change Log (to be removed by RFC Editor before publication)</a><ul>
    576                <li>B.1&nbsp;&nbsp;&nbsp;<a href="#rfc.section.B.1">Since RFC 2616</a></li>
    577                <li>B.2&nbsp;&nbsp;&nbsp;<a href="#rfc.section.B.2">Since draft-ietf-httpbis-p7-auth-00</a></li>
    578                <li>B.3&nbsp;&nbsp;&nbsp;<a href="#rfc.section.B.3">Since draft-ietf-httpbis-p7-auth-01</a></li>
    579                <li>B.4&nbsp;&nbsp;&nbsp;<a href="#changes.since.02">Since draft-ietf-httpbis-p7-auth-02</a></li>
    580                <li>B.5&nbsp;&nbsp;&nbsp;<a href="#changes.since.03">Since draft-ietf-httpbis-p7-auth-03</a></li>
    581                <li>B.6&nbsp;&nbsp;&nbsp;<a href="#changes.since.04">Since draft-ietf-httpbis-p7-auth-04</a></li>
    582                <li>B.7&nbsp;&nbsp;&nbsp;<a href="#changes.since.05">Since draft-ietf-httpbis-p7-auth-05</a></li>
    583                <li>B.8&nbsp;&nbsp;&nbsp;<a href="#changes.since.06">Since draft-ietf-httpbis-p7-auth-06</a></li>
    584                <li>B.9&nbsp;&nbsp;&nbsp;<a href="#changes.since.07">Since draft-ietf-httpbis-p7-auth-07</a></li>
    585                <li>B.10&nbsp;&nbsp;&nbsp;<a href="#changes.since.08">Since draft-ietf-httpbis-p7-auth-08</a></li>
    586                <li>B.11&nbsp;&nbsp;&nbsp;<a href="#changes.since.09">Since draft-ietf-httpbis-p7-auth-09</a></li>
    587                <li>B.12&nbsp;&nbsp;&nbsp;<a href="#changes.since.10">Since draft-ietf-httpbis-p7-auth-10</a></li>
    588                <li>B.13&nbsp;&nbsp;&nbsp;<a href="#changes.since.11">Since draft-ietf-httpbis-p7-auth-11</a></li>
    589                <li>B.14&nbsp;&nbsp;&nbsp;<a href="#changes.since.12">Since draft-ietf-httpbis-p7-auth-12</a></li>
    590                <li>B.15&nbsp;&nbsp;&nbsp;<a href="#changes.since.13">Since draft-ietf-httpbis-p7-auth-13</a></li>
     575         <li>A.&nbsp;&nbsp;&nbsp;<a href="#changes.from.rfc.2616">Changes from RFC 2616</a></li>
     576         <li>B.&nbsp;&nbsp;&nbsp;<a href="#collected.abnf">Collected ABNF</a></li>
     577         <li>C.&nbsp;&nbsp;&nbsp;<a href="#change.log">Change Log (to be removed by RFC Editor before publication)</a><ul>
     578               <li>C.1&nbsp;&nbsp;&nbsp;<a href="#rfc.section.C.1">Since RFC 2616</a></li>
     579               <li>C.2&nbsp;&nbsp;&nbsp;<a href="#rfc.section.C.2">Since draft-ietf-httpbis-p7-auth-00</a></li>
     580               <li>C.3&nbsp;&nbsp;&nbsp;<a href="#rfc.section.C.3">Since draft-ietf-httpbis-p7-auth-01</a></li>
     581               <li>C.4&nbsp;&nbsp;&nbsp;<a href="#changes.since.02">Since draft-ietf-httpbis-p7-auth-02</a></li>
     582               <li>C.5&nbsp;&nbsp;&nbsp;<a href="#changes.since.03">Since draft-ietf-httpbis-p7-auth-03</a></li>
     583               <li>C.6&nbsp;&nbsp;&nbsp;<a href="#changes.since.04">Since draft-ietf-httpbis-p7-auth-04</a></li>
     584               <li>C.7&nbsp;&nbsp;&nbsp;<a href="#changes.since.05">Since draft-ietf-httpbis-p7-auth-05</a></li>
     585               <li>C.8&nbsp;&nbsp;&nbsp;<a href="#changes.since.06">Since draft-ietf-httpbis-p7-auth-06</a></li>
     586               <li>C.9&nbsp;&nbsp;&nbsp;<a href="#changes.since.07">Since draft-ietf-httpbis-p7-auth-07</a></li>
     587               <li>C.10&nbsp;&nbsp;&nbsp;<a href="#changes.since.08">Since draft-ietf-httpbis-p7-auth-08</a></li>
     588               <li>C.11&nbsp;&nbsp;&nbsp;<a href="#changes.since.09">Since draft-ietf-httpbis-p7-auth-09</a></li>
     589               <li>C.12&nbsp;&nbsp;&nbsp;<a href="#changes.since.10">Since draft-ietf-httpbis-p7-auth-10</a></li>
     590               <li>C.13&nbsp;&nbsp;&nbsp;<a href="#changes.since.11">Since draft-ietf-httpbis-p7-auth-11</a></li>
     591               <li>C.14&nbsp;&nbsp;&nbsp;<a href="#changes.since.12">Since draft-ietf-httpbis-p7-auth-12</a></li>
     592               <li>C.15&nbsp;&nbsp;&nbsp;<a href="#changes.since.13">Since draft-ietf-httpbis-p7-auth-13</a></li>
    591593            </ul>
    592594         </li>
     
    610612      </p>
    611613      <h2 id="rfc.section.1.2"><a href="#rfc.section.1.2">1.2</a>&nbsp;<a id="notation" href="#notation">Syntax Notation</a></h2>
    612       <p id="rfc.section.1.2.p.1">This specification uses the ABNF syntax defined in <a href="p1-messaging.html#notation" title="Syntax Notation">Section 1.2</a> of <a href="#Part1" id="rfc.xref.Part1.1"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a> (which extends the syntax defined in <a href="#RFC5234" id="rfc.xref.RFC5234.1"><cite title="Augmented BNF for Syntax Specifications: ABNF">[RFC5234]</cite></a> with a list rule). <a href="#collected.abnf" title="Collected ABNF">Appendix&nbsp;A</a> shows the collected ABNF, with the list rule expanded.
     614      <p id="rfc.section.1.2.p.1">This specification uses the ABNF syntax defined in <a href="p1-messaging.html#notation" title="Syntax Notation">Section 1.2</a> of <a href="#Part1" id="rfc.xref.Part1.1"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a> (which extends the syntax defined in <a href="#RFC5234" id="rfc.xref.RFC5234.1"><cite title="Augmented BNF for Syntax Specifications: ABNF">[RFC5234]</cite></a> with a list rule). <a href="#collected.abnf" title="Collected ABNF">Appendix&nbsp;B</a> shows the collected ABNF, with the list rule expanded.
    613615      </p>
    614616      <p id="rfc.section.1.2.p.2">The following core rules are included by reference, as defined in <a href="#RFC5234" id="rfc.xref.RFC5234.2"><cite title="Augmented BNF for Syntax Specifications: ABNF">[RFC5234]</cite></a>, <a href="http://tools.ietf.org/html/rfc5234#appendix-B.1">Appendix B.1</a>: ALPHA (letters), CR (carriage return), CRLF (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote), HEXDIG
     
    716718         for the realm of the resource being requested.
    717719      </p>
    718       <div id="rfc.figure.u.6"></div><pre class="inline"><span id="rfc.iref.g.1"></span><span id="rfc.iref.g.2"></span>  <a href="#header.authorization" class="smpl">Authorization</a>   = "Authorization" ":" <a href="#core.rules" class="smpl">OWS</a> <a href="#header.authorization" class="smpl">Authorization-v</a>
    719   <a href="#header.authorization" class="smpl">Authorization-v</a> = <a href="#access.authentication.framework" class="smpl">credentials</a>
     720      <div id="rfc.figure.u.6"></div><pre class="inline"><span id="rfc.iref.g.1"></span>  <a href="#header.authorization" class="smpl">Authorization</a> = <a href="#access.authentication.framework" class="smpl">credentials</a>
    720721</pre><p id="rfc.section.4.1.p.3">If a request is authenticated and a realm specified, the same credentials <em class="bcp14">SHOULD</em> be valid for all other requests within this realm (assuming that the authentication scheme itself does not require otherwise,
    721722         such as credentials that vary according to a challenge value or using synchronized clocks).
     
    740741         to the proxy for this effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 4.3</a> of <a href="#Part1" id="rfc.xref.Part1.7"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>). It <em class="bcp14">MUST</em> be included as part of a 407 (Proxy Authentication Required) response.
    741742      </p>
    742       <div id="rfc.figure.u.7"></div><pre class="inline"><span id="rfc.iref.g.3"></span><span id="rfc.iref.g.4"></span>  <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate</a>   = "Proxy-Authenticate" ":" <a href="#core.rules" class="smpl">OWS</a>
    743                          <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate-v</a>
    744   <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate-v</a> = 1#<a href="#access.authentication.framework" class="smpl">challenge</a>
     743      <div id="rfc.figure.u.7"></div><pre class="inline"><span id="rfc.iref.g.2"></span>  <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate</a> = 1#<a href="#access.authentication.framework" class="smpl">challenge</a>
    745744</pre><p id="rfc.section.4.2.p.3">Unlike WWW-Authenticate, the Proxy-Authenticate header field applies only to the current connection and <em class="bcp14">SHOULD NOT</em> be passed on to downstream clients. However, an intermediate proxy might need to obtain its own credentials by requesting
    746745         them from the downstream client, which in some circumstances will appear as if the proxy is forwarding the Proxy-Authenticate
     
    754753         the resource being requested.
    755754      </p>
    756       <div id="rfc.figure.u.8"></div><pre class="inline"><span id="rfc.iref.g.5"></span><span id="rfc.iref.g.6"></span>  <a href="#header.proxy-authorization" class="smpl">Proxy-Authorization</a>   = "Proxy-Authorization" ":" <a href="#core.rules" class="smpl">OWS</a>
    757                           <a href="#header.proxy-authorization" class="smpl">Proxy-Authorization-v</a>
    758   <a href="#header.proxy-authorization" class="smpl">Proxy-Authorization-v</a> = <a href="#access.authentication.framework" class="smpl">credentials</a>
     755      <div id="rfc.figure.u.8"></div><pre class="inline"><span id="rfc.iref.g.3"></span>  <a href="#header.proxy-authorization" class="smpl">Proxy-Authorization</a> = <a href="#access.authentication.framework" class="smpl">credentials</a>
    759756</pre><p id="rfc.section.4.3.p.3">Unlike Authorization, the Proxy-Authorization header field applies only to the next outbound proxy that demanded authentication
    760757         using the Proxy-Authenticate field. When multiple proxies are used in a chain, the Proxy-Authorization header field is consumed
     
    768765         applicable to the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 4.3</a> of <a href="#Part1" id="rfc.xref.Part1.8"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>). It <em class="bcp14">MUST</em> be included in 401 (Unauthorized) response messages.
    769766      </p>
    770       <div id="rfc.figure.u.9"></div><pre class="inline"><span id="rfc.iref.g.7"></span><span id="rfc.iref.g.8"></span>  <a href="#header.www-authenticate" class="smpl">WWW-Authenticate</a>   = "WWW-Authenticate" ":" <a href="#core.rules" class="smpl">OWS</a> <a href="#header.www-authenticate" class="smpl">WWW-Authenticate-v</a>
    771   <a href="#header.www-authenticate" class="smpl">WWW-Authenticate-v</a> = 1#<a href="#access.authentication.framework" class="smpl">challenge</a>
     767      <div id="rfc.figure.u.9"></div><pre class="inline"><span id="rfc.iref.g.4"></span>  <a href="#header.www-authenticate" class="smpl">WWW-Authenticate</a> = 1#<a href="#access.authentication.framework" class="smpl">challenge</a>
    772768</pre><p id="rfc.section.4.4.p.3">User agents are advised to take special care in parsing the WWW-Authenticate field value as it might contain more than one
    773769         challenge, or if more than one WWW-Authenticate header field is provided, the contents of a challenge itself can contain a
     
    954950               <span class="n hidden"><span class="family-name">Reschke</span><span class="given-name">Julian F.</span></span></span><span class="org vcardline">greenbytes GmbH</span><span class="adr"><span class="street-address vcardline">Hafenweg 16</span><span class="vcardline"><span class="locality">Muenster</span>, <span class="region">NW</span>&nbsp;<span class="postal-code">48155</span></span><span class="country-name vcardline">Germany</span></span><span class="vcardline tel">Phone: <a href="tel:+492512807760"><span class="value">+49 251 2807760</span></a></span><span class="vcardline tel"><span class="type">Fax</span>: <a href="fax:+492512807761"><span class="value">+49 251 2807761</span></a></span><span class="vcardline">Email: <a href="mailto:julian.reschke@greenbytes.de"><span class="email">julian.reschke@greenbytes.de</span></a></span><span class="vcardline">URI: <a href="http://greenbytes.de/tech/webdav/" class="url">http://greenbytes.de/tech/webdav/</a></span></address>
    955951      </div>
    956       <h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a>&nbsp;<a id="collected.abnf" href="#collected.abnf">Collected ABNF</a></h1>
    957       <div id="rfc.figure.u.10"></div> <pre class="inline"><a href="#header.authorization" class="smpl">Authorization</a> = "Authorization:" OWS Authorization-v
    958 <a href="#header.authorization" class="smpl">Authorization-v</a> = credentials
     952      <h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a>&nbsp;<a id="changes.from.rfc.2616" href="#changes.from.rfc.2616">Changes from RFC 2616</a></h1>
     953      <p id="rfc.section.A.p.1">Change ABNF productions for header fields to only define the field value. (<a href="#header.fields" title="Header Field Definitions">Section&nbsp;4</a>)
     954      </p>
     955      <h1 id="rfc.section.B"><a href="#rfc.section.B">B.</a>&nbsp;<a id="collected.abnf" href="#collected.abnf">Collected ABNF</a></h1>
     956      <div id="rfc.figure.u.10"></div> <pre class="inline"><a href="#header.authorization" class="smpl">Authorization</a> = credentials
    959957
    960958<a href="#core.rules" class="smpl">OWS</a> = &lt;OWS, defined in [Part1], Section 1.2.2&gt;
    961959
    962 <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate</a> = "Proxy-Authenticate:" OWS Proxy-Authenticate-v
    963 <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate-v</a> = *( "," OWS ) challenge *( OWS "," [ OWS
     960<a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate</a> = *( "," OWS ) challenge *( OWS "," [ OWS
    964961 challenge ] )
    965 <a href="#header.proxy-authorization" class="smpl">Proxy-Authorization</a> = "Proxy-Authorization:" OWS
    966  Proxy-Authorization-v
    967 <a href="#header.proxy-authorization" class="smpl">Proxy-Authorization-v</a> = credentials
    968 
    969 <a href="#header.www-authenticate" class="smpl">WWW-Authenticate</a> = "WWW-Authenticate:" OWS WWW-Authenticate-v
    970 <a href="#header.www-authenticate" class="smpl">WWW-Authenticate-v</a> = *( "," OWS ) challenge *( OWS "," [ OWS
    971  challenge ] )
     962<a href="#header.proxy-authorization" class="smpl">Proxy-Authorization</a> = credentials
     963
     964<a href="#header.www-authenticate" class="smpl">WWW-Authenticate</a> = *( "," OWS ) challenge *( OWS "," [ OWS challenge
     965 ] )
    972966
    973967<a href="#access.authentication.framework" class="smpl">auth-param</a> = token "=" ( token / quoted-string )
     
    991985; WWW-Authenticate defined but not used
    992986; realm defined but not used
    993 </pre><h1 id="rfc.section.B"><a href="#rfc.section.B">B.</a>&nbsp;<a id="change.log" href="#change.log">Change Log (to be removed by RFC Editor before publication)</a></h1>
    994       <h2 id="rfc.section.B.1"><a href="#rfc.section.B.1">B.1</a>&nbsp;Since RFC 2616
     987</pre><h1 id="rfc.section.C"><a href="#rfc.section.C">C.</a>&nbsp;<a id="change.log" href="#change.log">Change Log (to be removed by RFC Editor before publication)</a></h1>
     988      <h2 id="rfc.section.C.1"><a href="#rfc.section.C.1">C.1</a>&nbsp;Since RFC 2616
    995989      </h2>
    996       <p id="rfc.section.B.1.p.1">Extracted relevant partitions from <a href="#RFC2616" id="rfc.xref.RFC2616.3"><cite title="Hypertext Transfer Protocol -- HTTP/1.1">[RFC2616]</cite></a>.
    997       </p>
    998       <h2 id="rfc.section.B.2"><a href="#rfc.section.B.2">B.2</a>&nbsp;Since draft-ietf-httpbis-p7-auth-00
     990      <p id="rfc.section.C.1.p.1">Extracted relevant partitions from <a href="#RFC2616" id="rfc.xref.RFC2616.3"><cite title="Hypertext Transfer Protocol -- HTTP/1.1">[RFC2616]</cite></a>.
     991      </p>
     992      <h2 id="rfc.section.C.2"><a href="#rfc.section.C.2">C.2</a>&nbsp;Since draft-ietf-httpbis-p7-auth-00
    999993      </h2>
    1000       <p id="rfc.section.B.2.p.1">Closed issues: </p>
     994      <p id="rfc.section.C.2.p.1">Closed issues: </p>
    1001995      <ul>
    1002996         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/35">http://tools.ietf.org/wg/httpbis/trac/ticket/35</a>&gt;: "Normative and Informative references"
    1003997         </li>
    1004998      </ul>
    1005       <h2 id="rfc.section.B.3"><a href="#rfc.section.B.3">B.3</a>&nbsp;Since draft-ietf-httpbis-p7-auth-01
     999      <h2 id="rfc.section.C.3"><a href="#rfc.section.C.3">C.3</a>&nbsp;Since draft-ietf-httpbis-p7-auth-01
    10061000      </h2>
    1007       <p id="rfc.section.B.3.p.1">Ongoing work on ABNF conversion (&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/36">http://tools.ietf.org/wg/httpbis/trac/ticket/36</a>&gt;):
     1001      <p id="rfc.section.C.3.p.1">Ongoing work on ABNF conversion (&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/36">http://tools.ietf.org/wg/httpbis/trac/ticket/36</a>&gt;):
    10081002      </p>
    10091003      <ul>
     
    10111005         <li>Add explicit references to BNF syntax and rules imported from other parts of the specification.</li>
    10121006      </ul>
    1013       <h2 id="rfc.section.B.4"><a href="#rfc.section.B.4">B.4</a>&nbsp;<a id="changes.since.02" href="#changes.since.02">Since draft-ietf-httpbis-p7-auth-02</a></h2>
    1014       <p id="rfc.section.B.4.p.1">Ongoing work on IANA Message Header Field Registration (&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/40">http://tools.ietf.org/wg/httpbis/trac/ticket/40</a>&gt;):
     1007      <h2 id="rfc.section.C.4"><a href="#rfc.section.C.4">C.4</a>&nbsp;<a id="changes.since.02" href="#changes.since.02">Since draft-ietf-httpbis-p7-auth-02</a></h2>
     1008      <p id="rfc.section.C.4.p.1">Ongoing work on IANA Message Header Field Registration (&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/40">http://tools.ietf.org/wg/httpbis/trac/ticket/40</a>&gt;):
    10151009      </p>
    10161010      <ul>
    10171011         <li>Reference RFC 3984, and update header field registrations for header fields defined in this document.</li>
    10181012      </ul>
    1019       <h2 id="rfc.section.B.5"><a href="#rfc.section.B.5">B.5</a>&nbsp;<a id="changes.since.03" href="#changes.since.03">Since draft-ietf-httpbis-p7-auth-03</a></h2>
    1020       <h2 id="rfc.section.B.6"><a href="#rfc.section.B.6">B.6</a>&nbsp;<a id="changes.since.04" href="#changes.since.04">Since draft-ietf-httpbis-p7-auth-04</a></h2>
    1021       <p id="rfc.section.B.6.p.1">Ongoing work on ABNF conversion (&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/36">http://tools.ietf.org/wg/httpbis/trac/ticket/36</a>&gt;):
     1013      <h2 id="rfc.section.C.5"><a href="#rfc.section.C.5">C.5</a>&nbsp;<a id="changes.since.03" href="#changes.since.03">Since draft-ietf-httpbis-p7-auth-03</a></h2>
     1014      <h2 id="rfc.section.C.6"><a href="#rfc.section.C.6">C.6</a>&nbsp;<a id="changes.since.04" href="#changes.since.04">Since draft-ietf-httpbis-p7-auth-04</a></h2>
     1015      <p id="rfc.section.C.6.p.1">Ongoing work on ABNF conversion (&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/36">http://tools.ietf.org/wg/httpbis/trac/ticket/36</a>&gt;):
    10221016      </p>
    10231017      <ul>
     
    10261020         <li>Rewrite ABNFs to spell out whitespace rules, factor out header field value format definitions.</li>
    10271021      </ul>
    1028       <h2 id="rfc.section.B.7"><a href="#rfc.section.B.7">B.7</a>&nbsp;<a id="changes.since.05" href="#changes.since.05">Since draft-ietf-httpbis-p7-auth-05</a></h2>
    1029       <p id="rfc.section.B.7.p.1">Final work on ABNF conversion (&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/36">http://tools.ietf.org/wg/httpbis/trac/ticket/36</a>&gt;):
     1022      <h2 id="rfc.section.C.7"><a href="#rfc.section.C.7">C.7</a>&nbsp;<a id="changes.since.05" href="#changes.since.05">Since draft-ietf-httpbis-p7-auth-05</a></h2>
     1023      <p id="rfc.section.C.7.p.1">Final work on ABNF conversion (&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/36">http://tools.ietf.org/wg/httpbis/trac/ticket/36</a>&gt;):
    10301024      </p>
    10311025      <ul>
    10321026         <li>Add appendix containing collected and expanded ABNF, reorganize ABNF introduction.</li>
    10331027      </ul>
    1034       <h2 id="rfc.section.B.8"><a href="#rfc.section.B.8">B.8</a>&nbsp;<a id="changes.since.06" href="#changes.since.06">Since draft-ietf-httpbis-p7-auth-06</a></h2>
    1035       <p id="rfc.section.B.8.p.1">None.</p>
    1036       <h2 id="rfc.section.B.9"><a href="#rfc.section.B.9">B.9</a>&nbsp;<a id="changes.since.07" href="#changes.since.07">Since draft-ietf-httpbis-p7-auth-07</a></h2>
    1037       <p id="rfc.section.B.9.p.1">Closed issues: </p>
     1028      <h2 id="rfc.section.C.8"><a href="#rfc.section.C.8">C.8</a>&nbsp;<a id="changes.since.06" href="#changes.since.06">Since draft-ietf-httpbis-p7-auth-06</a></h2>
     1029      <p id="rfc.section.C.8.p.1">None.</p>
     1030      <h2 id="rfc.section.C.9"><a href="#rfc.section.C.9">C.9</a>&nbsp;<a id="changes.since.07" href="#changes.since.07">Since draft-ietf-httpbis-p7-auth-07</a></h2>
     1031      <p id="rfc.section.C.9.p.1">Closed issues: </p>
    10381032      <ul>
    10391033         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/198">http://tools.ietf.org/wg/httpbis/trac/ticket/198</a>&gt;: "move IANA registrations for optional status codes"
    10401034         </li>
    10411035      </ul>
    1042       <h2 id="rfc.section.B.10"><a href="#rfc.section.B.10">B.10</a>&nbsp;<a id="changes.since.08" href="#changes.since.08">Since draft-ietf-httpbis-p7-auth-08</a></h2>
    1043       <p id="rfc.section.B.10.p.1">No significant changes.</p>
    1044       <h2 id="rfc.section.B.11"><a href="#rfc.section.B.11">B.11</a>&nbsp;<a id="changes.since.09" href="#changes.since.09">Since draft-ietf-httpbis-p7-auth-09</a></h2>
    1045       <p id="rfc.section.B.11.p.1">Partly resolved issues: </p>
     1036      <h2 id="rfc.section.C.10"><a href="#rfc.section.C.10">C.10</a>&nbsp;<a id="changes.since.08" href="#changes.since.08">Since draft-ietf-httpbis-p7-auth-08</a></h2>
     1037      <p id="rfc.section.C.10.p.1">No significant changes.</p>
     1038      <h2 id="rfc.section.C.11"><a href="#rfc.section.C.11">C.11</a>&nbsp;<a id="changes.since.09" href="#changes.since.09">Since draft-ietf-httpbis-p7-auth-09</a></h2>
     1039      <p id="rfc.section.C.11.p.1">Partly resolved issues: </p>
    10461040      <ul>
    10471041         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/196">http://tools.ietf.org/wg/httpbis/trac/ticket/196</a>&gt;: "Term for the requested resource's URI"
    10481042         </li>
    10491043      </ul>
    1050       <h2 id="rfc.section.B.12"><a href="#rfc.section.B.12">B.12</a>&nbsp;<a id="changes.since.10" href="#changes.since.10">Since draft-ietf-httpbis-p7-auth-10</a></h2>
    1051       <p id="rfc.section.B.12.p.1">None yet.</p>
    1052       <h2 id="rfc.section.B.13"><a href="#rfc.section.B.13">B.13</a>&nbsp;<a id="changes.since.11" href="#changes.since.11">Since draft-ietf-httpbis-p7-auth-11</a></h2>
    1053       <p id="rfc.section.B.13.p.1">Closed issues: </p>
     1044      <h2 id="rfc.section.C.12"><a href="#rfc.section.C.12">C.12</a>&nbsp;<a id="changes.since.10" href="#changes.since.10">Since draft-ietf-httpbis-p7-auth-10</a></h2>
     1045      <p id="rfc.section.C.12.p.1">None yet.</p>
     1046      <h2 id="rfc.section.C.13"><a href="#rfc.section.C.13">C.13</a>&nbsp;<a id="changes.since.11" href="#changes.since.11">Since draft-ietf-httpbis-p7-auth-11</a></h2>
     1047      <p id="rfc.section.C.13.p.1">Closed issues: </p>
    10541048      <ul>
    10551049         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/130">http://tools.ietf.org/wg/httpbis/trac/ticket/130</a>&gt;: "introduction to part 7 is work-in-progress"
     
    10621056         </li>
    10631057      </ul>
    1064       <p id="rfc.section.B.13.p.2">Partly resolved issues: </p>
     1058      <p id="rfc.section.C.13.p.2">Partly resolved issues: </p>
    10651059      <ul>
    10661060         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/141">http://tools.ietf.org/wg/httpbis/trac/ticket/141</a>&gt;: "should we have an auth scheme registry"
    10671061         </li>
    10681062      </ul>
    1069       <h2 id="rfc.section.B.14"><a href="#rfc.section.B.14">B.14</a>&nbsp;<a id="changes.since.12" href="#changes.since.12">Since draft-ietf-httpbis-p7-auth-12</a></h2>
    1070       <p id="rfc.section.B.14.p.1">None.</p>
    1071       <h2 id="rfc.section.B.15"><a href="#rfc.section.B.15">B.15</a>&nbsp;<a id="changes.since.13" href="#changes.since.13">Since draft-ietf-httpbis-p7-auth-13</a></h2>
    1072       <p id="rfc.section.B.15.p.1">None yet.</p>
     1063      <h2 id="rfc.section.C.14"><a href="#rfc.section.C.14">C.14</a>&nbsp;<a id="changes.since.12" href="#changes.since.12">Since draft-ietf-httpbis-p7-auth-12</a></h2>
     1064      <p id="rfc.section.C.14.p.1">None.</p>
     1065      <h2 id="rfc.section.C.15"><a href="#rfc.section.C.15">C.15</a>&nbsp;<a id="changes.since.13" href="#changes.since.13">Since draft-ietf-httpbis-p7-auth-13</a></h2>
     1066      <p id="rfc.section.C.15.p.1">Closed issues: </p>
     1067      <ul>
     1068         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/276">http://tools.ietf.org/wg/httpbis/trac/ticket/276</a>&gt;: "untangle ABNFs for header fields"
     1069         </li>
     1070      </ul>
    10731071      <h1 id="rfc.index"><a href="#rfc.index">Index</a></h1>
    10741072      <p class="noprint"><a href="#rfc.index.4">4</a> <a href="#rfc.index.A">A</a> <a href="#rfc.index.C">C</a> <a href="#rfc.index.G">G</a> <a href="#rfc.index.H">H</a> <a href="#rfc.index.P">P</a> <a href="#rfc.index.R">R</a> <a href="#rfc.index.S">S</a> <a href="#rfc.index.W">W</a>
     
    10961094                     <ul>
    10971095                        <li><tt>Authorization</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.1"><b>4.1</b></a></li>
    1098                         <li><tt>Authorization-v</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.2"><b>4.1</b></a></li>
    1099                         <li><tt>Proxy-Authenticate</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.3"><b>4.2</b></a></li>
    1100                         <li><tt>Proxy-Authenticate-v</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.4"><b>4.2</b></a></li>
    1101                         <li><tt>Proxy-Authorization</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.5"><b>4.3</b></a></li>
    1102                         <li><tt>Proxy-Authorization-v</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.6"><b>4.3</b></a></li>
    1103                         <li><tt>WWW-Authenticate</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.7"><b>4.4</b></a></li>
    1104                         <li><tt>WWW-Authenticate-v</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.8"><b>4.4</b></a></li>
     1096                        <li><tt>Proxy-Authenticate</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.2"><b>4.2</b></a></li>
     1097                        <li><tt>Proxy-Authorization</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.3"><b>4.3</b></a></li>
     1098                        <li><tt>WWW-Authenticate</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.4"><b>4.4</b></a></li>
    11051099                     </ul>
    11061100                  </li>
     
    11371131                  <li><tt>realm-value</tt>&nbsp;&nbsp;<a href="#rfc.iref.r.2"><b>2</b></a></li>
    11381132                  <li><em>RFC2119</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC2119.1">1.1</a>, <a href="#RFC2119"><b>8.1</b></a></li>
    1139                   <li><em>RFC2616</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC2616.1">1</a>, <a href="#rfc.xref.RFC2616.2">7</a>, <a href="#RFC2616"><b>8.2</b></a>, <a href="#rfc.xref.RFC2616.3">B.1</a></li>
     1133                  <li><em>RFC2616</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC2616.1">1</a>, <a href="#rfc.xref.RFC2616.2">7</a>, <a href="#RFC2616"><b>8.2</b></a>, <a href="#rfc.xref.RFC2616.3">C.1</a></li>
    11401134                  <li><em>RFC2617</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC2617.1">1</a>, <a href="#rfc.xref.RFC2617.2">1</a>, <a href="#RFC2617"><b>8.2</b></a></li>
    11411135                  <li><em>RFC3864</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC3864.1">5.3</a>, <a href="#RFC3864"><b>8.2</b></a></li>
  • draft-ietf-httpbis/latest/p7-auth.xml

    r1180 r1230  
    467467  <iref primary="true" item="Header Fields" subitem="Authorization" x:for-anchor=""/>
    468468  <x:anchor-alias value="Authorization"/>
    469   <x:anchor-alias value="Authorization-v"/>
    470469<t>
    471470   The "Authorization" header field allows a user agent to authenticate
     
    475474   requested.
    476475</t>
    477 <figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Authorization"/><iref primary="true" item="Grammar" subitem="Authorization-v"/>
    478   <x:ref>Authorization</x:ref>   = "Authorization" ":" <x:ref>OWS</x:ref> <x:ref>Authorization-v</x:ref>
    479   <x:ref>Authorization-v</x:ref> = <x:ref>credentials</x:ref>
     476<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Authorization"/>
     477  <x:ref>Authorization</x:ref> = <x:ref>credentials</x:ref>
    480478</artwork></figure>
    481479<t>
     
    522520  <iref primary="true" item="Header Fields" subitem="Proxy-Authenticate" x:for-anchor=""/>
    523521  <x:anchor-alias value="Proxy-Authenticate"/>
    524   <x:anchor-alias value="Proxy-Authenticate-v"/>
    525522<t>
    526523   The "Proxy-Authenticate" header field consists of a challenge that
     
    529526   of a 407 (Proxy Authentication Required) response.
    530527</t>
    531 <figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Proxy-Authenticate"/><iref primary="true" item="Grammar" subitem="Proxy-Authenticate-v"/>
    532   <x:ref>Proxy-Authenticate</x:ref>   = "Proxy-Authenticate" ":" <x:ref>OWS</x:ref>
    533                          <x:ref>Proxy-Authenticate-v</x:ref>
    534   <x:ref>Proxy-Authenticate-v</x:ref> = 1#<x:ref>challenge</x:ref>
     528<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Proxy-Authenticate"/>
     529  <x:ref>Proxy-Authenticate</x:ref> = 1#<x:ref>challenge</x:ref>
    535530</artwork></figure>
    536531<t>
     
    548543  <iref primary="true" item="Header Fields" subitem="Proxy-Authorization" x:for-anchor=""/>
    549544  <x:anchor-alias value="Proxy-Authorization"/>
    550   <x:anchor-alias value="Proxy-Authorization-v"/>
    551545<t>
    552546   The "Proxy-Authorization" header field allows the client to
     
    556550   agent for the proxy and/or realm of the resource being requested.
    557551</t>
    558 <figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Proxy-Authorization"/><iref primary="true" item="Grammar" subitem="Proxy-Authorization-v"/>
    559   <x:ref>Proxy-Authorization</x:ref>   = "Proxy-Authorization" ":" <x:ref>OWS</x:ref>
    560                           <x:ref>Proxy-Authorization-v</x:ref>
    561   <x:ref>Proxy-Authorization-v</x:ref> = <x:ref>credentials</x:ref>
     552<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Proxy-Authorization"/>
     553  <x:ref>Proxy-Authorization</x:ref> = <x:ref>credentials</x:ref>
    562554</artwork></figure>
    563555<t>
     
    577569  <iref primary="true" item="Header Fields" subitem="WWW-Authenticate" x:for-anchor=""/>
    578570  <x:anchor-alias value="WWW-Authenticate"/>
    579   <x:anchor-alias value="WWW-Authenticate-v"/>
    580571<t>
    581572   The "WWW-Authenticate" header field consists of at least one
     
    584575   (Unauthorized) response messages.
    585576</t>
    586 <figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="WWW-Authenticate"/><iref primary="true" item="Grammar" subitem="WWW-Authenticate-v"/>
    587   <x:ref>WWW-Authenticate</x:ref>   = "WWW-Authenticate" ":" <x:ref>OWS</x:ref> <x:ref>WWW-Authenticate-v</x:ref>
    588   <x:ref>WWW-Authenticate-v</x:ref> = 1#<x:ref>challenge</x:ref>
     577<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="WWW-Authenticate"/>
     578  <x:ref>WWW-Authenticate</x:ref> = 1#<x:ref>challenge</x:ref>
    589579</artwork></figure>
    590580<t>
     
    983973</references>
    984974
    985 <!-- re-add this once we have changes
    986975<section title="Changes from RFC 2616" anchor="changes.from.rfc.2616">
    987 </section>
    988  -->
     976<t>
     977  Change ABNF productions for header fields to only define the field value.
     978  (<xref target="header.fields"/>)
     979</t>
     980</section>
    989981 
    990982<?BEGININC p7-auth.abnf-appendix ?>
     
    992984<figure>
    993985<artwork type="abnf" name="p7-auth.parsed-abnf">
    994 <x:ref>Authorization</x:ref> = "Authorization:" OWS Authorization-v
    995 <x:ref>Authorization-v</x:ref> = credentials
     986<x:ref>Authorization</x:ref> = credentials
    996987
    997988<x:ref>OWS</x:ref> = &lt;OWS, defined in [Part1], Section 1.2.2&gt;
    998989
    999 <x:ref>Proxy-Authenticate</x:ref> = "Proxy-Authenticate:" OWS Proxy-Authenticate-v
    1000 <x:ref>Proxy-Authenticate-v</x:ref> = *( "," OWS ) challenge *( OWS "," [ OWS
     990<x:ref>Proxy-Authenticate</x:ref> = *( "," OWS ) challenge *( OWS "," [ OWS
    1001991 challenge ] )
    1002 <x:ref>Proxy-Authorization</x:ref> = "Proxy-Authorization:" OWS
    1003  Proxy-Authorization-v
    1004 <x:ref>Proxy-Authorization-v</x:ref> = credentials
    1005 
    1006 <x:ref>WWW-Authenticate</x:ref> = "WWW-Authenticate:" OWS WWW-Authenticate-v
    1007 <x:ref>WWW-Authenticate-v</x:ref> = *( "," OWS ) challenge *( OWS "," [ OWS
    1008  challenge ] )
     992<x:ref>Proxy-Authorization</x:ref> = credentials
     993
     994<x:ref>WWW-Authenticate</x:ref> = *( "," OWS ) challenge *( OWS "," [ OWS challenge
     995 ] )
    1009996
    1010997<x:ref>auth-param</x:ref> = token "=" ( token / quoted-string )
     
    11971184<section title="Since draft-ietf-httpbis-p7-auth-13" anchor="changes.since.13">
    11981185<t>
    1199   None yet.
     1186  Closed issues:
     1187  <list style="symbols">
     1188    <t>
     1189      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/276"/>:
     1190      "untangle ABNFs for header fields"
     1191    </t>
     1192  </list>
    12001193</t>
    12011194</section>
Note: See TracChangeset for help on using the changeset viewer.