Ignore:
Timestamp:
30/10/13 13:28:02 (7 years ago)
Author:
julian.reschke@…
Message:

s/upon a request/upon receipt of a request/ (see #510)

Location:
draft-ietf-httpbis/latest
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p7-auth.html

    r2448 r2449  
    684684            </p>
    685685            <div id="rfc.figure.u.3"></div><pre class="inline"><span id="rfc.iref.g.5"></span>  <a href="#challenge.and.response" class="smpl">credentials</a> = <a href="#challenge.and.response" class="smpl">auth-scheme</a> [ 1*<a href="#imported.abnf" class="smpl">SP</a> ( <a href="#challenge.and.response" class="smpl">token68</a> / #<a href="#challenge.and.response" class="smpl">auth-param</a> ) ]
    686 </pre><p id="rfc.section.2.1.p.14">Upon a request for a protected resource that omits credentials, contains invalid credentials (e.g., a bad password) or partial
    687                credentials (e.g., when the authentication scheme requires more than one round trip), an origin server <em class="bcp14">SHOULD</em> send a <a href="#status.401" class="smpl">401 (Unauthorized)</a> response that contains a <a href="#header.www-authenticate" class="smpl">WWW-Authenticate</a> header field with at least one (possibly new) challenge applicable to the requested resource.
    688             </p>
    689             <p id="rfc.section.2.1.p.15">Likewise, upon a request that requires authentication by proxies that omit credentials or contain invalid or partial credentials,
    690                a proxy <em class="bcp14">SHOULD</em> send a <a href="#status.407" class="smpl">407 (Proxy Authentication Required)</a> response that contains a <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate</a> header field with a (possibly new) challenge applicable to the proxy.
     686</pre><p id="rfc.section.2.1.p.14">Upon receipt of a request for a protected resource that omits credentials, contains invalid credentials (e.g., a bad password)
     687               or partial credentials (e.g., when the authentication scheme requires more than one round trip), an origin server <em class="bcp14">SHOULD</em> send a <a href="#status.401" class="smpl">401 (Unauthorized)</a> response that contains a <a href="#header.www-authenticate" class="smpl">WWW-Authenticate</a> header field with at least one (possibly new) challenge applicable to the requested resource.
     688            </p>
     689            <p id="rfc.section.2.1.p.15">Likewise, upon receipt of a request that requires authentication by proxies that omit credentials or contain invalid or partial
     690               credentials, a proxy <em class="bcp14">SHOULD</em> send a <a href="#status.407" class="smpl">407 (Proxy Authentication Required)</a> response that contains a <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate</a> header field with a (possibly new) challenge applicable to the proxy.
    691691            </p>
    692692            <p id="rfc.section.2.1.p.16">A server receiving credentials that are valid, but not adequate to gain access, ought to respond with the <a href="p2-semantics.html#status.403" class="smpl">403 (Forbidden)</a> status code (<a href="p2-semantics.html#status.403" title="403 Forbidden">Section 6.5.3</a> of <a href="#Part2" id="rfc.xref.Part2.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>).
     
    11621162               </li>
    11631163            </ul>
     1164            <p id="rfc.section.D.1.p.2">Partly resolved issues: </p>
     1165            <ul>
     1166               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/510">http://tools.ietf.org/wg/httpbis/trac/ticket/510</a>&gt;: "SECDIR review of draft-ietf-httpbis-p7-auth-24"
     1167               </li>
     1168            </ul>
    11641169         </div>
    11651170      </div>
  • draft-ietf-httpbis/latest/p7-auth.xml

    r2448 r2449  
    243243</artwork></figure>
    244244<t>
    245    Upon a request for a protected resource that omits credentials, contains
    246    invalid credentials (e.g., a bad password) or partial credentials (e.g.,
    247    when the authentication scheme requires more than one round trip), an origin
    248    server &SHOULD; send a <x:ref>401 (Unauthorized)</x:ref> response that
     245   Upon receipt of a request for a protected resource that omits credentials,
     246   contains invalid credentials (e.g., a bad password) or partial credentials
     247   (e.g., when the authentication scheme requires more than one round trip), an
     248   origin server &SHOULD; send a <x:ref>401 (Unauthorized)</x:ref> response that
    249249   contains a <x:ref>WWW-Authenticate</x:ref> header field with at least one
    250250   (possibly new) challenge applicable to the requested resource.
    251251</t>
    252252<t>
    253    Likewise, upon a request that requires authentication by proxies that omit
    254    credentials or contain invalid or partial credentials, a proxy &SHOULD;
    255    send a <x:ref>407 (Proxy Authentication Required)</x:ref> response that
    256    contains a <x:ref>Proxy-Authenticate</x:ref> header field with a (possibly
    257    new) challenge applicable to the proxy.
     253   Likewise, upon receipt of a request that requires authentication by proxies
     254   that omit credentials or contain invalid or partial credentials, a proxy
     255   &SHOULD; send a <x:ref>407 (Proxy Authentication Required)</x:ref> response
     256   that contains a <x:ref>Proxy-Authenticate</x:ref> header field with a
     257   (possibly new) challenge applicable to the proxy.
    258258</t>
    259259<t>
     
    11071107  </list>
    11081108</t>
     1109<t>
     1110  Partly resolved issues:
     1111  <list style="symbols">
     1112    <t>
     1113      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/510"/>:
     1114      "SECDIR review of draft-ietf-httpbis-p7-auth-24"
     1115    </t>
     1116  </list>
     1117</t>
    11091118</section>
    11101119</section>
Note: See TracChangeset for help on using the changeset viewer.