Changeset 1669 for draft-ietf-httpbis/latest/p7-auth.xml

Timestamp:

05/06/12 08:27:19 (10 years ago)

Author:

julian.reschke@…

Message:

Tune the requirements wrt selecting the strongest auth schemes (fixes #349)

File:

• draft-ietf-httpbis/latest/p7-auth.xml (modified) (2 diffs)

draft-ietf-httpbis/latest/p7-auth.xml

@@ -299 +299 @@
    request.
 </t>
-<t>   
+<t>
    Both the Authorization field value and the Proxy-Authorization field value
-   consist of credentials containing the authentication information of the
-   client for the realm of the resource being requested. The user agent &MUST;
-   choose to use one of the challenges with the strongest auth-scheme it
-   understands and request credentials from the user based upon that challenge.
+   contain the client's credentials for the realm of the resource being
+   requested, based upon a challenge received from the server (possibly at
+   some point in the past). When creating their values, the user agent ought to
+   do so by selecting the challenge with what it considers to be the most
+   secure auth-scheme that it understands, obtaining credentials from the user
+   as appropriate.
 </t>
 <figure><artwork type="abnf2616"><iref item="credentials" primary="true"/><iref primary="true" item="Grammar" subitem="credentials"/>
@@ -1123 +1125 @@
 <section title="Since draft-ietf-httpbis-p7-auth-19" anchor="changes.since.19">
 <t>
-  None yet.
+  Closed issues:
+  <list style="symbols">
+    <t>
+      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/349"/>:
+      "Strength"
+    </t>
+  </list>
 </t>
 </section>