Changeset 1815 for draft-ietf-httpbis/latest/p7-auth.html

Timestamp:

18/07/12 19:41:31 (10 years ago)

Author:

julian.reschke@…

Message:

"b64token" -> "token68" (see #376)

File:

• draft-ietf-httpbis/latest/p7-auth.html (modified) (14 diffs)

draft-ietf-httpbis/latest/p7-auth.html

@@ -449 +449 @@
   } 
   @bottom-center {
-       content: "Expires January 17, 2013"; 
+       content: "Expires January 19, 2013"; 
   } 
   @bottom-right {
@@ -490 +490 @@
       <meta name="dct.creator" content="Reschke, J. F.">
       <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p7-auth-latest">
-      <meta name="dct.issued" scheme="ISO8601" content="2012-07-16">
+      <meta name="dct.issued" scheme="ISO8601" content="2012-07-18">
       <meta name="dct.replaces" content="urn:ietf:rfc:2616">
       <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. This document defines the HTTP Authentication framework.">
@@ -521 +521 @@
             </tr>
             <tr>
-               <td class="left">Expires: January 17, 2013</td>
+               <td class="left">Expires: January 19, 2013</td>
                <td class="right">greenbytes</td>
             </tr>
             <tr>
                <td class="left"></td>
-               <td class="right">July 16, 2012</td>
+               <td class="right">July 18, 2012</td>
             </tr>
          </tbody>
@@ -551 +551 @@
          in progress”.
       </p>
-      <p>This Internet-Draft will expire on January 17, 2013.</p>
+      <p>This Internet-Draft will expire on January 19, 2013.</p>
       <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
       <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
@@ -665 +665 @@
       <p id="rfc.section.2.1.p.2">Parameters are name-value pairs where the name is matched case-insensitively, and each parameter name <em class="bcp14">MUST</em> only occur once per challenge.
       </p>
-      <div id="rfc.figure.u.1"></div><pre class="inline"><span id="rfc.iref.a.1"></span><span id="rfc.iref.a.2"></span><span id="rfc.iref.g.1"></span><span id="rfc.iref.g.2"></span><span id="rfc.iref.b.1"></span><span id="rfc.iref.g.3"></span>  auth-scheme    = <a href="#imported.abnf" class="smpl">token</a>
+      <div id="rfc.figure.u.1"></div><pre class="inline"><span id="rfc.iref.a.1"></span><span id="rfc.iref.a.2"></span><span id="rfc.iref.g.1"></span><span id="rfc.iref.g.2"></span><span id="rfc.iref.t.1"></span><span id="rfc.iref.g.3"></span>  auth-scheme    = <a href="#imported.abnf" class="smpl">token</a>
   
   auth-param     = <a href="#imported.abnf" class="smpl">token</a> <a href="#imported.abnf" class="smpl">BWS</a> "=" <a href="#imported.abnf" class="smpl">BWS</a> ( <a href="#imported.abnf" class="smpl">token</a> / <a href="#imported.abnf" class="smpl">quoted-string</a> )
 
-  b64token       = 1*( <a href="#imported.abnf" class="smpl">ALPHA</a> / <a href="#imported.abnf" class="smpl">DIGIT</a> /
+  token68        = 1*( <a href="#imported.abnf" class="smpl">ALPHA</a> / <a href="#imported.abnf" class="smpl">DIGIT</a> /
                        "-" / "." / "_" / "~" / "+" / "/" ) *"=" 
-</pre><p id="rfc.section.2.1.p.4">The "b64token" syntax allows the 66 unreserved URI characters (<a href="#RFC3986" id="rfc.xref.RFC3986.1"><cite title="Uniform Resource Identifier (URI): Generic Syntax">[RFC3986]</cite></a>), plus a few others, so that it can hold a base64, base64url (URL and filename safe alphabet), base32, or base16 (hex) encoding,
+</pre><p id="rfc.section.2.1.p.4">The "token68" syntax allows the 66 unreserved URI characters (<a href="#RFC3986" id="rfc.xref.RFC3986.1"><cite title="Uniform Resource Identifier (URI): Generic Syntax">[RFC3986]</cite></a>), plus a few others, so that it can hold a base64, base64url (URL and filename safe alphabet), base32, or base16 (hex) encoding,
          with or without padding, but excluding whitespace (<a href="#RFC4648" id="rfc.xref.RFC4648.1"><cite title="The Base16, Base32, and Base64 Data Encodings">[RFC4648]</cite></a>).
       </p>
@@ -678 +678 @@
       <p id="rfc.section.2.1.p.6">The <a href="#status.407" class="smpl">407 (Proxy Authentication Required)</a> response message is used by a proxy to challenge the authorization of a client and <em class="bcp14">MUST</em> include a <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate</a> header field containing at least one challenge applicable to the proxy for the requested resource.
       </p>
-      <div id="rfc.figure.u.2"></div><pre class="inline"><span id="rfc.iref.c.1"></span><span id="rfc.iref.g.4"></span>  <a href="#challenge.and.response" class="smpl">challenge</a>   = <a href="#challenge.and.response" class="smpl">auth-scheme</a> [ 1*<a href="#imported.abnf" class="smpl">SP</a> ( <a href="#challenge.and.response" class="smpl">b64token</a> / #<a href="#challenge.and.response" class="smpl">auth-param</a> ) ]
+      <div id="rfc.figure.u.2"></div><pre class="inline"><span id="rfc.iref.c.1"></span><span id="rfc.iref.g.4"></span>  <a href="#challenge.and.response" class="smpl">challenge</a>   = <a href="#challenge.and.response" class="smpl">auth-scheme</a> [ 1*<a href="#imported.abnf" class="smpl">SP</a> ( <a href="#challenge.and.response" class="smpl">token68</a> / #<a href="#challenge.and.response" class="smpl">auth-param</a> ) ]
 </pre><div class="note" id="rfc.section.2.1.p.8"> 
          <p> <b>Note:</b> User agents will need to take special care in parsing the <a href="#header.www-authenticate" class="smpl">WWW-Authenticate</a> and <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate</a> header field values because they can contain more than one challenge, or if more than one of each is provided, since the contents
@@ -698 +698 @@
          user as appropriate.
       </p>
-      <div id="rfc.figure.u.3"></div><pre class="inline"><span id="rfc.iref.c.2"></span><span id="rfc.iref.g.5"></span>  <a href="#challenge.and.response" class="smpl">credentials</a> = <a href="#challenge.and.response" class="smpl">auth-scheme</a> [ 1*<a href="#imported.abnf" class="smpl">SP</a> ( <a href="#challenge.and.response" class="smpl">b64token</a> / #<a href="#challenge.and.response" class="smpl">auth-param</a> ) ]
+      <div id="rfc.figure.u.3"></div><pre class="inline"><span id="rfc.iref.c.2"></span><span id="rfc.iref.g.5"></span>  <a href="#challenge.and.response" class="smpl">credentials</a> = <a href="#challenge.and.response" class="smpl">auth-scheme</a> [ 1*<a href="#imported.abnf" class="smpl">SP</a> ( <a href="#challenge.and.response" class="smpl">token68</a> / #<a href="#challenge.and.response" class="smpl">auth-param</a> ) ]
 </pre><p id="rfc.section.2.1.p.14">Upon a request for a protected resource that omits credentials, contains invalid credentials (e.g., a bad password) or partial
          credentials (e.g., when the authentication scheme requires more than one round trip), an origin server <em class="bcp14">SHOULD</em> return a <a href="#status.401" class="smpl">401 (Unauthorized)</a> response. Such responses <em class="bcp14">MUST</em> include a <a href="#header.www-authenticate" class="smpl">WWW-Authenticate</a> header field containing at least one (possibly new) challenge applicable to the requested resource.
@@ -761 +761 @@
          </li>
          <li>
-            <p>The "b64token" notation was introduced for compatibility with existing authentication schemes and can only be used once per
+            <p>The "token68" notation was introduced for compatibility with existing authentication schemes and can only be used once per
                challenge/credentials. New schemes thus ought to use the "auth-param" syntax instead, because otherwise future extensions
                will be impossible.
@@ -1089 +1089 @@
          (<a href="#access.authentication.framework" title="Access Authentication Framework">Section&nbsp;2</a>)
       </p>
-      <p id="rfc.section.A.p.2">The "b64token" alternative to auth-param lists has been added for consistency with legacy authentication schemes such as "Basic".
+      <p id="rfc.section.A.p.2">The "token68" alternative to auth-param lists has been added for consistency with legacy authentication schemes such as "Basic".
          (<a href="#access.authentication.framework" title="Access Authentication Framework">Section&nbsp;2</a>)
       </p>
@@ -1124 +1124 @@
 <a href="#challenge.and.response" class="smpl">auth-scheme</a> = token
 
-<a href="#challenge.and.response" class="smpl">b64token</a> = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" )
+<a href="#challenge.and.response" class="smpl">challenge</a> = auth-scheme [ 1*SP ( token68 / [ ( "," / auth-param ) *(
+ OWS "," [ OWS auth-param ] ) ] ) ]
+<a href="#challenge.and.response" class="smpl">credentials</a> = auth-scheme [ 1*SP ( token68 / [ ( "," / auth-param )
+ *( OWS "," [ OWS auth-param ] ) ] ) ]
+
+<a href="#imported.abnf" class="smpl">quoted-string</a> = &lt;quoted-string, defined in [Part1], Section 3.2.4&gt;
+
+<a href="#imported.abnf" class="smpl">token</a> = &lt;token, defined in [Part1], Section 3.2.4&gt;
+<a href="#challenge.and.response" class="smpl">token68</a> = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" )
  *"="
-
-<a href="#challenge.and.response" class="smpl">challenge</a> = auth-scheme [ 1*SP ( b64token / [ ( "," / auth-param ) *(
- OWS "," [ OWS auth-param ] ) ] ) ]
-<a href="#challenge.and.response" class="smpl">credentials</a> = auth-scheme [ 1*SP ( b64token / [ ( "," / auth-param )
- *( OWS "," [ OWS auth-param ] ) ] ) ]
-
-<a href="#imported.abnf" class="smpl">quoted-string</a> = &lt;quoted-string, defined in [Part1], Section 3.2.4&gt;
-
-<a href="#imported.abnf" class="smpl">token</a> = &lt;token, defined in [Part1], Section 3.2.4&gt;
 </pre> <h1 id="rfc.section.D"><a href="#rfc.section.D">D.</a>&nbsp;<a id="change.log" href="#change.log">Change Log (to be removed by RFC Editor before publication)</a></h1>
       <p id="rfc.section.D.p.1">Changes up to the first Working Group Last Call draft are summarized in &lt;<a href="http://trac.tools.ietf.org/html/draft-ietf-httpbis-p7-auth-19#appendix-C">http://trac.tools.ietf.org/html/draft-ietf-httpbis-p7-auth-19#appendix-C</a>&gt;.
@@ -1153 +1152 @@
       </ul>
       <h2 id="rfc.section.D.2"><a href="#rfc.section.D.2">D.2</a>&nbsp;<a id="changes.since.20" href="#changes.since.20">Since draft-ietf-httpbis-p7-auth-20</a></h2>
-      <p id="rfc.section.D.2.p.1">None yet.</p>
+      <p id="rfc.section.D.2.p.1">Closed issues: </p>
+      <ul>
+         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/376">http://tools.ietf.org/wg/httpbis/trac/ticket/376</a>&gt;: "rename b64token for clarity"
+         </li>
+      </ul>
       <h1 id="rfc.index"><a href="#rfc.index">Index</a></h1>
-      <p class="noprint"><a href="#rfc.index.4">4</a> <a href="#rfc.index.A">A</a> <a href="#rfc.index.B">B</a> <a href="#rfc.index.C">C</a> <a href="#rfc.index.G">G</a> <a href="#rfc.index.H">H</a> <a href="#rfc.index.P">P</a> <a href="#rfc.index.R">R</a> <a href="#rfc.index.S">S</a> <a href="#rfc.index.W">W</a> 
+      <p class="noprint"><a href="#rfc.index.4">4</a> <a href="#rfc.index.A">A</a> <a href="#rfc.index.C">C</a> <a href="#rfc.index.G">G</a> <a href="#rfc.index.H">H</a> <a href="#rfc.index.P">P</a> <a href="#rfc.index.R">R</a> <a href="#rfc.index.S">S</a> <a href="#rfc.index.T">T</a> <a href="#rfc.index.W">W</a> 
       </p>
       <div class="print2col">
@@ -1168 +1171 @@
                   <li><tt>auth-scheme</tt>&nbsp;&nbsp;<a href="#rfc.iref.a.1"><b>2.1</b></a></li>
                   <li>Authorization header field&nbsp;&nbsp;<a href="#rfc.xref.header.authorization.1">2.1</a>, <a href="#rfc.xref.header.authorization.2">3.1</a>, <a href="#rfc.iref.a.3"><b>4.1</b></a>, <a href="#rfc.xref.header.authorization.3">5.3</a></li>
-               </ul>
-            </li>
-            <li><a id="rfc.index.B" href="#rfc.index.B"><b>B</b></a><ul>
-                  <li><tt>b64token</tt>&nbsp;&nbsp;<a href="#rfc.iref.b.1"><b>2.1</b></a></li>
                </ul>
             </li>
@@ -1186 +1185 @@
                         <li><tt>auth-scheme</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.1"><b>2.1</b></a></li>
                         <li><tt>Authorization</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.6"><b>4.1</b></a></li>
-                        <li><tt>b64token</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.3"><b>2.1</b></a></li>
                         <li><tt>challenge</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.4"><b>2.1</b></a></li>
                         <li><tt>credentials</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.5"><b>2.1</b></a></li>
                         <li><tt>Proxy-Authenticate</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.7"><b>4.2</b></a></li>
                         <li><tt>Proxy-Authorization</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.8"><b>4.3</b></a></li>
+                        <li><tt>token68</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.3"><b>2.1</b></a></li>
                         <li><tt>WWW-Authenticate</tt>&nbsp;&nbsp;<a href="#rfc.iref.g.9"><b>4.4</b></a></li>
                      </ul>
@@ -1261 +1260 @@
                </ul>
             </li>
+            <li><a id="rfc.index.T" href="#rfc.index.T"><b>T</b></a><ul>
+                  <li><tt>token68</tt>&nbsp;&nbsp;<a href="#rfc.iref.t.1"><b>2.1</b></a></li>
+               </ul>
+            </li>
             <li><a id="rfc.index.W" href="#rfc.index.W"><b>W</b></a><ul>
                   <li>WWW-Authenticate header field&nbsp;&nbsp;<a href="#rfc.xref.header.www-authenticate.1">3.1</a>, <a href="#rfc.xref.header.www-authenticate.2">4.2</a>, <a href="#rfc.iref.w.1"><b>4.4</b></a>, <a href="#rfc.xref.header.www-authenticate.3">5.3</a></li>