Ignore:
Timestamp:
Jun 5, 2012, 1:27:19 AM (7 years ago)
Author:
julian.reschke@…
Message:

Tune the requirements wrt selecting the strongest auth schemes (fixes #349)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p7-auth.xml

    r1667 r1669  
    299299   request.
    300300</t>
    301 <t>   
     301<t>
    302302   Both the Authorization field value and the Proxy-Authorization field value
    303    consist of credentials containing the authentication information of the
    304    client for the realm of the resource being requested. The user agent &MUST;
    305    choose to use one of the challenges with the strongest auth-scheme it
    306    understands and request credentials from the user based upon that challenge.
     303   contain the client's credentials for the realm of the resource being
     304   requested, based upon a challenge received from the server (possibly at
     305   some point in the past). When creating their values, the user agent ought to
     306   do so by selecting the challenge with what it considers to be the most
     307   secure auth-scheme that it understands, obtaining credentials from the user
     308   as appropriate.
    307309</t>
    308310<figure><artwork type="abnf2616"><iref item="credentials" primary="true"/><iref primary="true" item="Grammar" subitem="credentials"/>
     
    11231125<section title="Since draft-ietf-httpbis-p7-auth-19" anchor="changes.since.19">
    11241126<t>
    1125   None yet.
     1127  Closed issues:
     1128  <list style="symbols">
     1129    <t>
     1130      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/349"/>:
     1131      "Strength"
     1132    </t>
     1133  </list>
    11261134</t>
    11271135</section>
Note: See TracChangeset for help on using the changeset viewer.