Changeset 1356 for draft-ietf-httpbis/latest/p7-auth.xml
- Timestamp:
- 26/07/11 16:00:04 (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p7-auth.xml
r1354 r1356 20 20 <!ENTITY basic-rules "<xref target='Part1' x:rel='#basic.rules' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 21 21 <!ENTITY effective-request-uri "<xref target='Part1' x:rel='#effective.request.uri' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 22 <!ENTITY msg-orient-and-buffering "<xref target='Part1' x:rel='#message-orientation-and-buffering' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 22 23 <!ENTITY end-to-end.and-hop-by-hop "<xref target='Part1' x:rel='#end-to-end.and.hop-by-hop.header-fields' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 23 24 <!ENTITY shared-and-non-shared-caches "<xref target='Part6' x:rel='#shared.and.non-shared.caches' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> … … 441 442 The registry itself is maintained at <eref target="http://www.iana.org/assignments/http-authschemes"/>. 442 443 </t> 444 445 <section title="Considerations for New Authentication Schemes" anchor="considerations.for.new.authentication.schemes"> 446 <t> 447 There are certain aspects of the HTTP Authentication Framework that put 448 constraints on how new authentication schemes can work: 449 </t> 450 <t> 451 <list style="symbols"> 452 <t> 453 Authentication schemes need to be compatible with the inherent 454 constraints of HTTP; for instance, that messages need to keep their 455 semantics when inspected in isolation, thus an authentication scheme 456 can not bind information to the TCP session over which the message 457 was received (see &msg-orient-and-buffering;). 458 </t> 459 <t> 460 The authentication parameter "realm" is reserved for defining Protection 461 Spaces as defined in <xref target="protection.space"/>. New schemes 462 &MUST-NOT; use it in a way incompatible with that definition. 463 </t> 464 <t> 465 Authentication schemes need to document whther they are usable in 466 origin-server authentication (i.e., using WWW-Authenticate), and/or 467 proxy authentication (i.e., using Proxy-Authenticate). 468 </t> 469 <!-- note about Authorization header --> 470 </list> 471 </t> 472 </section> 473 443 474 </section> 444 475 … … 1228 1259 "Realm required on challenges" 1229 1260 </t> 1261 <t> 1262 <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/257"/>: 1263 "Considerations for new authentications schemes" 1264 </t> 1230 1265 </list> 1231 1266 </t>
Note: See TracChangeset
for help on using the changeset viewer.