Changeset 1385 for draft-ietf-httpbis/latest/p7-auth.html

Timestamp:

07/08/11 18:51:35 (12 years ago)

Author:

julian.reschke@…

Message:

note change on realm requirement in Changes section, fix ABNF for challenge not to insist on auth-params (see #177)

File:

• draft-ietf-httpbis/latest/p7-auth.html (modified) (10 diffs)

draft-ietf-httpbis/latest/p7-auth.html

@@ -359 +359 @@
   } 
   @bottom-center {
-       content: "Expires February 7, 2012"; 
+       content: "Expires February 8, 2012"; 
   } 
   @bottom-right {
@@ -389 +389 @@
       <link rel="Chapter" title="7 Acknowledgments" href="#rfc.section.7">
       <link rel="Chapter" href="#rfc.section.8" title="8 References">
-      <link rel="Appendix" title="A Changes from RFC 2616" href="#rfc.section.A">
+      <link rel="Appendix" title="A Changes from RFCs 2616 and 2617" href="#rfc.section.A">
       <link rel="Appendix" title="B Collected ABNF" href="#rfc.section.B">
       <link rel="Appendix" title="C Change Log (to be removed by RFC Editor before publication)" href="#rfc.section.C">
@@ -404 +404 @@
       <meta name="dct.creator" content="Reschke, J. F.">
       <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p7-auth-latest">
-      <meta name="dct.issued" scheme="ISO8601" content="2011-08-06">
+      <meta name="dct.issued" scheme="ISO8601" content="2011-08-07">
       <meta name="dct.replaces" content="urn:ietf:rfc:2616">
       <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 7 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 7 defines the HTTP Authentication framework.">
@@ -435 +435 @@
             </tr>
             <tr>
-               <td class="left">Expires: February 7, 2012</td>
+               <td class="left">Expires: February 8, 2012</td>
                <td class="right">HP</td>
             </tr>
@@ -488 +488 @@
             <tr>
                <td class="left"></td>
-               <td class="right">August 6, 2011</td>
+               <td class="right">August 7, 2011</td>
             </tr>
          </tbody>
@@ -516 +516 @@
          in progress”.
       </p>
-      <p>This Internet-Draft will expire on February 7, 2012.</p>
+      <p>This Internet-Draft will expire on February 8, 2012.</p>
       <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
       <p>Copyright © 2011 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
@@ -580 +580 @@
          </li>
          <li><a href="#rfc.authors">Authors' Addresses</a></li>
-         <li>A.&nbsp;&nbsp;&nbsp;<a href="#changes.from.rfc.2616">Changes from RFC 2616</a></li>
+         <li>A.&nbsp;&nbsp;&nbsp;<a href="#changes.from.rfc.2616">Changes from RFCs 2616 and 2617</a></li>
          <li>B.&nbsp;&nbsp;&nbsp;<a href="#collected.abnf">Collected ABNF</a></li>
          <li>C.&nbsp;&nbsp;&nbsp;<a href="#change.log">Change Log (to be removed by RFC Editor before publication)</a><ul>
@@ -646 +646 @@
       <p id="rfc.section.2.1.p.4">The 407 (Proxy Authentication Required) response message is used by a proxy to challenge the authorization of a client and <em class="bcp14">MUST</em> include a Proxy-Authenticate header field containing at least one challenge applicable to the proxy for the requested resource.
       </p>
-      <div id="rfc.figure.u.3"></div><pre class="inline"><span id="rfc.iref.c.1"></span>  <a href="#challenge.and.response" class="smpl">challenge</a>   = <a href="#challenge.and.response" class="smpl">auth-scheme</a> 1*<a href="#notation" class="smpl">SP</a> 1#<a href="#challenge.and.response" class="smpl">auth-param</a>
+      <div id="rfc.figure.u.3"></div><pre class="inline"><span id="rfc.iref.c.1"></span>  <a href="#challenge.and.response" class="smpl">challenge</a>   = <a href="#challenge.and.response" class="smpl">auth-scheme</a> 1*<a href="#notation" class="smpl">SP</a> #<a href="#challenge.and.response" class="smpl">auth-param</a>
 </pre><div class="note" id="rfc.section.2.1.p.6"> 
          <p> <b>Note:</b> User agents will need to take special care in parsing the WWW-Authenticate and Proxy-Authenticate header field values because
@@ -1001 +1001 @@
                <span class="n hidden"><span class="family-name">Reschke</span><span class="given-name">Julian F.</span></span></span><span class="org vcardline">greenbytes GmbH</span><span class="adr"><span class="street-address vcardline">Hafenweg 16</span><span class="vcardline"><span class="locality">Muenster</span>, <span class="region">NW</span>&nbsp;<span class="postal-code">48155</span></span><span class="country-name vcardline">Germany</span></span><span class="vcardline tel">Phone: <a href="tel:+492512807760"><span class="value">+49 251 2807760</span></a></span><span class="vcardline tel"><span class="type">Fax</span>: <a href="fax:+492512807761"><span class="value">+49 251 2807761</span></a></span><span class="vcardline">Email: <a href="mailto:julian.reschke@greenbytes.de"><span class="email">julian.reschke@greenbytes.de</span></a></span><span class="vcardline">URI: <a href="http://greenbytes.de/tech/webdav/" class="url">http://greenbytes.de/tech/webdav/</a></span></address>
       </div>
-      <h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a>&nbsp;<a id="changes.from.rfc.2616" href="#changes.from.rfc.2616">Changes from RFC 2616</a></h1>
-      <p id="rfc.section.A.p.1">Change ABNF productions for header fields to only define the field value. (<a href="#header.fields" title="Header Field Definitions">Section&nbsp;4</a>)
+      <h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a>&nbsp;<a id="changes.from.rfc.2616" href="#changes.from.rfc.2616">Changes from RFCs 2616 and 2617</a></h1>
+      <p id="rfc.section.A.p.1">The "realm" parameter isn't required anymore in general; consequently, the ABNF allows challenges without any auth parameters.
+         (<a href="#access.authentication.framework" title="Access Authentication Framework">Section&nbsp;2</a>)
+      </p>
+      <p id="rfc.section.A.p.2">Change ABNF productions for header fields to only define the field value. (<a href="#header.fields" title="Header Field Definitions">Section&nbsp;4</a>)
       </p>
       <h1 id="rfc.section.B"><a href="#rfc.section.B">B.</a>&nbsp;<a id="collected.abnf" href="#collected.abnf">Collected ABNF</a></h1>
@@ -1019 +1022 @@
 <a href="#challenge.and.response" class="smpl">auth-scheme</a> = token
 
-<a href="#challenge.and.response" class="smpl">challenge</a> = auth-scheme 1*SP *( "," OWS ) auth-param *( OWS "," [ OWS
- auth-param ] )
+<a href="#challenge.and.response" class="smpl">challenge</a> = auth-scheme 1*SP [ ( "," / auth-param ) *( OWS "," [ OWS
+ auth-param ] ) ]
 <a href="#challenge.and.response" class="smpl">credentials</a> = auth-scheme 1*SP ( token / quoted-string / [ ( "," /
  auth-param ) *( OWS "," [ OWS auth-param ] ) ] )