Ignore:
Timestamp:
Jul 4, 2011, 9:12:46 AM (8 years ago)
Author:
julian.reschke@…
Message:

mention NTLM as something that violates the stalessness requirement (see #288)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p1-messaging.xml

    r1323 r1324  
    644644   because HTTP is a stateless protocol, it cannot be assumed that two requests
    645645   on the same connection are from the same client or share any other common
    646    attributes.
     646   attributes. In particular, intermediaries might mix requests from different
     647   clients into a single server connection. Note that some existing HTTP
     648   extensions (e.g., <xref target="RFC4559"/>) violate this requirement, thereby
     649   potentially causing interoperability and security problems.
    647650</t>
    648651</section>
     
    47994802</reference>
    48004803
     4804<reference anchor='RFC4559'>
     4805  <front>
     4806    <title>SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows</title>
     4807    <author initials='K.' surname='Jaganathan' fullname='K. Jaganathan'/>
     4808    <author initials='L.' surname='Zhu' fullname='L. Zhu'/>
     4809    <author initials='J.' surname='Brezak' fullname='J. Brezak'/>
     4810    <date year='2006' month='June' />
     4811  </front>
     4812  <seriesInfo name='RFC' value='4559' />
     4813</reference>
     4814
    48014815<reference anchor='RFC5226'>
    48024816  <front>
Note: See TracChangeset for help on using the changeset viewer.