Ignore:
Timestamp:
Jun 24, 2012, 2:50:41 AM (7 years ago)
Author:
julian.reschke@…
Message:

tune conformance language (see #271)

File:
1 edited

Legend:

Unmodified
Added
Removed

  • draft-ietf-httpbis/latest/p7-auth.xml

    r1693 r1694  
    313313</artwork></figure>
    314314<t>
    315    Requests for protected resources that omit credentials, contain invalid
    316    credentials (e.g., a bad password), or partial credentials (e.g., when the
    317    authentication scheme requires more than one round trip) &SHOULD; return a
    318    401 (Unauthorized) response. Such responses &MUST; include a
    319    WWW-Authenticate header field containing at least one (possibly new)
    320    challenge applicable to the requested resource.
    321 </t>
    322 <t>
    323    Likewise, requests that require authentication by proxies that omit
    324    credentials, or contain invalid or partial credentials &SHOULD; return a
    325    407 (Proxy Authentication Required) response. Such responses &MUST;
    326    include a Proxy-Authenticate header field containing a (possibly new)
    327    challenge applicable to the proxy.
     315   Upon a request for a protected resource that omits credentials, contains
     316   invalid credentials (e.g., a bad password) or partial credentials (e.g.,
     317   when the authentication scheme requires more than one round trip), an origin
     318   server &SHOULD; return a 401 (Unauthorized) response. Such responses &MUST;
     319   include a WWW-Authenticate header field containing at least one (possibly
     320   new) challenge applicable to the requested resource.
     321</t>
     322<t>
     323   Likewise, upon a request that requires authentication by proxies that omit
     324   credentials or contain invalid or partial credentials, a proxy &SHOULD;
     325   return a 407 (Proxy Authentication Required) response. Such responses
     326   &MUST; include a Proxy-Authenticate header field containing a (possibly
     327   new) challenge applicable to the proxy.
    328328</t>
    329329<t>
     
    600600<t>
    601601   Unlike WWW-Authenticate, the Proxy-Authenticate header field applies only to
    602    the current connection and &SHOULD-NOT;  be passed on to downstream
    603    clients. However, an intermediate proxy might need to obtain its own
    604    credentials by requesting them from the downstream client, which in
     602   the current connection, and intermediaries &SHOULD-NOT;  forward it to
     603   downstream clients. However, an intermediate proxy might need to obtain its
     604   own credentials by requesting them from the downstream client, which in
    605605   some circumstances will appear as if the proxy is forwarding the
    606606   Proxy-Authenticate header field.
Note: See TracChangeset for help on using the changeset viewer.