Changeset 2211 for draft-ietf-httpbis/latest
- Timestamp:
- 19/03/13 15:16:02 (10 years ago)
- Location:
- draft-ietf-httpbis/latest
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p7-auth.html
r2206 r2211 449 449 } 450 450 @bottom-center { 451 content: "Expires September 19, 2013";451 content: "Expires September 20, 2013"; 452 452 } 453 453 @bottom-right { … … 489 489 <meta name="dct.creator" content="Reschke, J. F."> 490 490 <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p7-auth-latest"> 491 <meta name="dct.issued" scheme="ISO8601" content="2013-03-1 8">491 <meta name="dct.issued" scheme="ISO8601" content="2013-03-19"> 492 492 <meta name="dct.replaces" content="urn:ietf:rfc:2616"> 493 493 <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. This document defines the HTTP Authentication framework."> … … 517 517 <tr> 518 518 <td class="left">Intended status: Standards Track</td> 519 <td class="right">March 1 8, 2013</td>519 <td class="right">March 19, 2013</td> 520 520 </tr> 521 521 <tr> 522 <td class="left">Expires: September 19, 2013</td>522 <td class="left">Expires: September 20, 2013</td> 523 523 <td class="right"></td> 524 524 </tr> … … 546 546 in progress”. 547 547 </p> 548 <p>This Internet-Draft will expire on September 19, 2013.</p>548 <p>This Internet-Draft will expire on September 20, 2013.</p> 549 549 <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 550 550 <p>Copyright © 2013 IETF Trust and the persons identified as the document authors. All rights reserved.</p> … … 624 624 Authentication" (<a href="#RFC2617" id="rfc.xref.RFC2617.1"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a>). 625 625 </p> 626 <p id="rfc.section.1.p.2">HTTP provides several <em class="bcp14">OPTIONAL</em> challenge-response authentication mechanisms that can be used by a server to challenge a client request and by a client to627 provideauthentication information. The "basic" and "digest" authentication schemes continue to be specified in <cite title="HTTP Authentication: Basic and Digest Access Authentication" id="rfc.xref.RFC2617.2">RFC 2617</cite>.626 <p id="rfc.section.1.p.2">HTTP provides several <em class="bcp14">OPTIONAL</em> challenge-response authentication schemes that can be used by a server to challenge a client request and by a client to provide 627 authentication information. The "basic" and "digest" authentication schemes continue to be specified in <cite title="HTTP Authentication: Basic and Digest Access Authentication" id="rfc.xref.RFC2617.2">RFC 2617</cite>. 628 628 </p> 629 629 <h2 id="rfc.section.1.1"><a href="#rfc.section.1.1">1.1</a> <a id="conformance" href="#conformance">Conformance and Error Handling</a></h2> … … 638 638 <h1 id="rfc.section.2"><a href="#rfc.section.2">2.</a> <a id="access.authentication.framework" href="#access.authentication.framework">Access Authentication Framework</a></h1> 639 639 <h2 id="rfc.section.2.1"><a href="#rfc.section.2.1">2.1</a> <a id="challenge.and.response" href="#challenge.and.response">Challenge and Response</a></h2> 640 <p id="rfc.section.2.1.p.1">HTTP provides a simple challenge-response authentication mechanismthat can be used by a server to challenge a client request640 <p id="rfc.section.2.1.p.1">HTTP provides a simple challenge-response authentication framework that can be used by a server to challenge a client request 641 641 and by a client to provide authentication information. It uses an extensible, case-insensitive token to identify the authentication 642 642 scheme, followed by additional information necessary for achieving authentication via that scheme. The latter can either be … … 687 687 <p id="rfc.section.2.1.p.16">A server receiving credentials that are valid, but not adequate to gain access, ought to respond with the <a href="p2-semantics.html#status.403" class="smpl">403 (Forbidden)</a> status code (<a href="p2-semantics.html#status.403" title="403 Forbidden">Section 6.5.3</a> of <a href="#Part2" id="rfc.xref.Part2.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>). 688 688 </p> 689 <p id="rfc.section.2.1.p.17">The HTTP protocol does not restrict applications to this simple challenge-response mechanismfor access authentication. Additional689 <p id="rfc.section.2.1.p.17">The HTTP protocol does not restrict applications to this simple challenge-response framework for access authentication. Additional 690 690 mechanisms <em class="bcp14">MAY</em> be used, such as encryption at the transport level or via message encapsulation, and with additional header fields specifying 691 691 authentication information. However, such additional mechanisms are not defined by this specification. … … 1132 1132 <ul> 1133 1133 <li> <<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/436">http://tools.ietf.org/wg/httpbis/trac/ticket/436</a>>: "explain list expansion in ABNF appendices" 1134 </li> 1135 <li> <<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/439">http://tools.ietf.org/wg/httpbis/trac/ticket/439</a>>: "terminology: mechanism vs framework vs scheme" 1134 1136 </li> 1135 1137 </ul> -
draft-ietf-httpbis/latest/p7-auth.xml
r2206 r2211 120 120 <t> 121 121 HTTP provides several &OPTIONAL; challenge-response authentication 122 mechanisms that can be used by a server to challenge a client request and122 schemes that can be used by a server to challenge a client request and 123 123 by a client to provide authentication information. The "basic" and "digest" 124 124 authentication schemes continue to be specified in … … 158 158 <x:anchor-alias value="credentials"/> 159 159 <t> 160 HTTP provides a simple challenge-response authentication mechanism160 HTTP provides a simple challenge-response authentication framework 161 161 that can be used by a server to challenge a client request and by a 162 162 client to provide authentication information. It uses an extensible, … … 261 261 <t> 262 262 The HTTP protocol does not restrict applications to this simple 263 challenge-response mechanismfor access authentication. Additional263 challenge-response framework for access authentication. Additional 264 264 mechanisms &MAY; be used, such as encryption at the transport level or 265 265 via message encapsulation, and with additional header fields … … 1166 1166 "explain list expansion in ABNF appendices" 1167 1167 </t> 1168 <t> 1169 <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/439"/>: 1170 "terminology: mechanism vs framework vs scheme" 1171 </t> 1168 1172 </list> 1169 1173 </t>
Note: See TracChangeset
for help on using the changeset viewer.