Ignore:
Timestamp:
25/05/14 13:57:58 (6 years ago)
Author:
julian.reschke@…
Message:

editorial fixes (#553)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/auth48/rfc7235.diff.html

    r2678 r2692  
    4343      <tr><td class="lineno" valign="top"></td><td class="lblock">Obsoletes: 2616 <span class="delete">(if approved)</span>                            J. Reschke, Ed.</td><td> </td><td class="rblock">Obsoletes: 2616                                          J. Reschke, Ed.</td><td class="lineno" valign="top"></td></tr>
    4444      <tr><td class="lineno" valign="top"></td><td class="lblock">Updates: 2617 <span class="delete">(if approved)</span>                                   greenbytes</td><td> </td><td class="rblock">Updates: 2617                                                 greenbytes</td><td class="lineno" valign="top"></td></tr>
    45       <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Intended status:</span> Standards Track                            May <span class="delete">16, 2014</span></td><td> </td><td class="rblock"><span class="insert">Category:</span> Standards Track                                       May 2014</td><td class="lineno" valign="top"></td></tr>
    46       <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Expires: November 17,</span> 2014</td><td> </td><td class="rblock"><span class="insert">ISSN: 2070-1721</span></td><td class="lineno" valign="top"></td></tr>
     45      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Intended status:</span> Standards Track                            May <span class="delete">25, 2014</span></td><td> </td><td class="rblock"><span class="insert">Category:</span> Standards Track                                       May 2014</td><td class="lineno" valign="top"></td></tr>
     46      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Expires: November 26,</span> 2014</td><td> </td><td class="rblock"><span class="insert">ISSN: 2070-1721</span></td><td class="lineno" valign="top"></td></tr>
    4747      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    4848      <tr><td class="lineno" valign="top"></td><td class="left">         Hypertext Transfer Protocol (HTTP/1.1): Authentication</td><td> </td><td class="right">         Hypertext Transfer Protocol (HTTP/1.1): Authentication</td><td class="lineno" valign="top"></td></tr>
     
    9090      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    9191      <tr><td><a name="diff0006" /></td></tr>
    92       <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">This Internet-Draft will expire</span> on <span class="delete">November 17, 2014.</span></td><td> </td><td class="rblock">   <span class="insert">Information about the current status of this document, any errata,</span></td><td class="lineno" valign="top"></td></tr>
     92      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">This Internet-Draft will expire</span> on <span class="delete">November 26, 2014.</span></td><td> </td><td class="rblock">   <span class="insert">Information about the current status of this document, any errata,</span></td><td class="lineno" valign="top"></td></tr>
    9393      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   and how to provide feedback</span> on <span class="insert">it may be obtained at</span></td><td class="lineno" valign="top"></td></tr>
    9494      <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert">   http://www.rfc-editor.org/info/rfc7235.</span></td><td class="lineno" valign="top"></td></tr>
     
    171171      <tr><td class="lineno" valign="top"></td><td class="left">   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this</td><td> </td><td class="right">   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this</td><td class="lineno" valign="top"></td></tr>
    172172      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    173       <tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 4, line 49</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 3, line 49</em></th><td></td></tr>
    174       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    175       <tr><td class="lineno" valign="top"></td><td class="left">2.  Access Authentication Framework</td><td> </td><td class="right">2.  Access Authentication Framework</td><td class="lineno" valign="top"></td></tr>
    176       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    177       <tr><td class="lineno" valign="top"></td><td class="left">2.1.  Challenge and Response</td><td> </td><td class="right">2.1.  Challenge and Response</td><td class="lineno" valign="top"></td></tr>
    178       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    179       <tr><td class="lineno" valign="top"></td><td class="left">   HTTP provides a simple challenge-response authentication framework</td><td> </td><td class="right">   HTTP provides a simple challenge-response authentication framework</td><td class="lineno" valign="top"></td></tr>
    180       <tr><td class="lineno" valign="top"></td><td class="left">   that can be used by a server to challenge a client request and by a</td><td> </td><td class="right">   that can be used by a server to challenge a client request and by a</td><td class="lineno" valign="top"></td></tr>
    181       <tr><td class="lineno" valign="top"></td><td class="left">   client to provide authentication information.  It uses a case-</td><td> </td><td class="right">   client to provide authentication information.  It uses a case-</td><td class="lineno" valign="top"></td></tr>
    182       <tr><td class="lineno" valign="top"></td><td class="left">   insensitive token as a means to identify the authentication scheme,</td><td> </td><td class="right">   insensitive token as a means to identify the authentication scheme,</td><td class="lineno" valign="top"></td></tr>
    183       <tr><td class="lineno" valign="top"></td><td class="left">   followed by additional information necessary for achieving</td><td> </td><td class="right">   followed by additional information necessary for achieving</td><td class="lineno" valign="top"></td></tr>
    184       <tr><td><a name="diff0009" /></td></tr>
    185       <tr><td class="lineno" valign="top"></td><td class="lblock">   authentication via that scheme.  The latter can <span class="delete">either be</span> a comma-</td><td> </td><td class="rblock">   authentication via that scheme.  The latter can <span class="insert">be either</span> a comma-</td><td class="lineno" valign="top"></td></tr>
    186       <tr><td class="lineno" valign="top"></td><td class="left">   separated list of parameters or a single sequence of characters</td><td> </td><td class="right">   separated list of parameters or a single sequence of characters</td><td class="lineno" valign="top"></td></tr>
    187       <tr><td class="lineno" valign="top"></td><td class="left">   capable of holding base64-encoded information.</td><td> </td><td class="right">   capable of holding base64-encoded information.</td><td class="lineno" valign="top"></td></tr>
    188       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    189       <tr><td class="lineno" valign="top"></td><td class="left">   Authentication parameters are name=value pairs, where the name token</td><td> </td><td class="right">   Authentication parameters are name=value pairs, where the name token</td><td class="lineno" valign="top"></td></tr>
    190       <tr><td class="lineno" valign="top"></td><td class="left">   is matched case-insensitively, and each parameter name MUST only</td><td> </td><td class="right">   is matched case-insensitively, and each parameter name MUST only</td><td class="lineno" valign="top"></td></tr>
    191       <tr><td class="lineno" valign="top"></td><td class="left">   occur once per challenge.</td><td> </td><td class="right">   occur once per challenge.</td><td class="lineno" valign="top"></td></tr>
    192       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    193       <tr><td class="lineno" valign="top"></td><td class="left">     auth-scheme    = token</td><td> </td><td class="right">     auth-scheme    = token</td><td class="lineno" valign="top"></td></tr>
    194       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    195       <tr><td class="lineno" valign="top"></td><td class="left">     auth-param     = token BWS "=" BWS ( token / quoted-string )</td><td> </td><td class="right">     auth-param     = token BWS "=" BWS ( token / quoted-string )</td><td class="lineno" valign="top"></td></tr>
    196       <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    197       <tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 6, line 26</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 5, line 26</em></th><td></td></tr>
    198       <tr><td class="lineno" valign="top"></td><td class="left">   (Unauthorized) response that contains a WWW-Authenticate header field</td><td> </td><td class="right">   (Unauthorized) response that contains a WWW-Authenticate header field</td><td class="lineno" valign="top"></td></tr>
    199       <tr><td class="lineno" valign="top"></td><td class="left">   with at least one (possibly new) challenge applicable to the</td><td> </td><td class="right">   with at least one (possibly new) challenge applicable to the</td><td class="lineno" valign="top"></td></tr>
    200       <tr><td class="lineno" valign="top"></td><td class="left">   requested resource.</td><td> </td><td class="right">   requested resource.</td><td class="lineno" valign="top"></td></tr>
    201       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    202       <tr><td class="lineno" valign="top"></td><td class="left">   Likewise, upon receipt of a request that omits proxy credentials or</td><td> </td><td class="right">   Likewise, upon receipt of a request that omits proxy credentials or</td><td class="lineno" valign="top"></td></tr>
    203       <tr><td class="lineno" valign="top"></td><td class="left">   contains invalid or partial proxy credentials, a proxy that requires</td><td> </td><td class="right">   contains invalid or partial proxy credentials, a proxy that requires</td><td class="lineno" valign="top"></td></tr>
    204       <tr><td class="lineno" valign="top"></td><td class="left">   authentication SHOULD generate a 407 (Proxy Authentication Required)</td><td> </td><td class="right">   authentication SHOULD generate a 407 (Proxy Authentication Required)</td><td class="lineno" valign="top"></td></tr>
    205       <tr><td class="lineno" valign="top"></td><td class="left">   response that contains a Proxy-Authenticate header field with at</td><td> </td><td class="right">   response that contains a Proxy-Authenticate header field with at</td><td class="lineno" valign="top"></td></tr>
    206       <tr><td class="lineno" valign="top"></td><td class="left">   least one (possibly new) challenge applicable to the proxy.</td><td> </td><td class="right">   least one (possibly new) challenge applicable to the proxy.</td><td class="lineno" valign="top"></td></tr>
    207       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    208       <tr><td><a name="diff0010" /></td></tr>
    209       <tr><td class="lineno" valign="top"></td><td class="lblock">   A server that receives valid credentials <span class="delete">which</span> are not adequate to</td><td> </td><td class="rblock">   A server that receives valid credentials <span class="insert">that</span> are not adequate to</td><td class="lineno" valign="top"></td></tr>
    210       <tr><td class="lineno" valign="top"></td><td class="left">   gain access ought to respond with the 403 (Forbidden) status code</td><td> </td><td class="right">   gain access ought to respond with the 403 (Forbidden) status code</td><td class="lineno" valign="top"></td></tr>
    211       <tr><td class="lineno" valign="top"></td><td class="left">   (Section 6.5.3 of [RFC7231]).</td><td> </td><td class="right">   (Section 6.5.3 of [RFC7231]).</td><td class="lineno" valign="top"></td></tr>
    212       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    213       <tr><td class="lineno" valign="top"></td><td class="left">   HTTP does not restrict applications to this simple challenge-response</td><td> </td><td class="right">   HTTP does not restrict applications to this simple challenge-response</td><td class="lineno" valign="top"></td></tr>
    214       <tr><td class="lineno" valign="top"></td><td class="left">   framework for access authentication.  Additional mechanisms can be</td><td> </td><td class="right">   framework for access authentication.  Additional mechanisms can be</td><td class="lineno" valign="top"></td></tr>
    215       <tr><td class="lineno" valign="top"></td><td class="left">   used, such as authentication at the transport level or via message</td><td> </td><td class="right">   used, such as authentication at the transport level or via message</td><td class="lineno" valign="top"></td></tr>
    216       <tr><td class="lineno" valign="top"></td><td class="left">   encapsulation, and with additional header fields specifying</td><td> </td><td class="right">   encapsulation, and with additional header fields specifying</td><td class="lineno" valign="top"></td></tr>
    217       <tr><td class="lineno" valign="top"></td><td class="left">   authentication information.  However, such additional mechanisms are</td><td> </td><td class="right">   authentication information.  However, such additional mechanisms are</td><td class="lineno" valign="top"></td></tr>
    218       <tr><td class="lineno" valign="top"></td><td class="left">   not defined by this specification.</td><td> </td><td class="right">   not defined by this specification.</td><td class="lineno" valign="top"></td></tr>
    219       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    220       <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    221       <tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 6, line 49</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 5, line 49</em></th><td></td></tr>
    222       <tr><td class="lineno" valign="top"></td><td class="left">   The "realm" authentication parameter is reserved for use by</td><td> </td><td class="right">   The "realm" authentication parameter is reserved for use by</td><td class="lineno" valign="top"></td></tr>
    223       <tr><td class="lineno" valign="top"></td><td class="left">   authentication schemes that wish to indicate a scope of protection.</td><td> </td><td class="right">   authentication schemes that wish to indicate a scope of protection.</td><td class="lineno" valign="top"></td></tr>
    224       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    225       <tr><td class="lineno" valign="top"></td><td class="left">   A protection space is defined by the canonical root URI (the scheme</td><td> </td><td class="right">   A protection space is defined by the canonical root URI (the scheme</td><td class="lineno" valign="top"></td></tr>
    226       <tr><td class="lineno" valign="top"></td><td class="left">   and authority components of the effective request URI; see Section</td><td> </td><td class="right">   and authority components of the effective request URI; see Section</td><td class="lineno" valign="top"></td></tr>
    227       <tr><td class="lineno" valign="top"></td><td class="left">   5.5 of [RFC7230]) of the server being accessed, in combination with</td><td> </td><td class="right">   5.5 of [RFC7230]) of the server being accessed, in combination with</td><td class="lineno" valign="top"></td></tr>
    228       <tr><td class="lineno" valign="top"></td><td class="left">   the realm value if present.  These realms allow the protected</td><td> </td><td class="right">   the realm value if present.  These realms allow the protected</td><td class="lineno" valign="top"></td></tr>
    229       <tr><td class="lineno" valign="top"></td><td class="left">   resources on a server to be partitioned into a set of protection</td><td> </td><td class="right">   resources on a server to be partitioned into a set of protection</td><td class="lineno" valign="top"></td></tr>
    230       <tr><td class="lineno" valign="top"></td><td class="left">   spaces, each with its own authentication scheme and/or authorization</td><td> </td><td class="right">   spaces, each with its own authentication scheme and/or authorization</td><td class="lineno" valign="top"></td></tr>
    231       <tr><td class="lineno" valign="top"></td><td class="left">   database.  The realm value is a string, generally assigned by the</td><td> </td><td class="right">   database.  The realm value is a string, generally assigned by the</td><td class="lineno" valign="top"></td></tr>
    232       <tr><td><a name="diff0011" /></td></tr>
    233       <tr><td class="lineno" valign="top"></td><td class="lblock">   origin server, <span class="delete">which</span> can have additional semantics specific to the</td><td> </td><td class="rblock">   origin server, <span class="insert">that</span> can have additional semantics specific to the</td><td class="lineno" valign="top"></td></tr>
    234       <tr><td class="lineno" valign="top"></td><td class="left">   authentication scheme.  Note that a response can have multiple</td><td> </td><td class="right">   authentication scheme.  Note that a response can have multiple</td><td class="lineno" valign="top"></td></tr>
    235       <tr><td><a name="diff0012" /></td></tr>
    236       <tr><td class="lineno" valign="top"></td><td class="lblock">   challenges with the same auth-scheme but different realms.</td><td> </td><td class="rblock">   challenges with the same auth-scheme but <span class="insert">with </span>different realms.</td><td class="lineno" valign="top"></td></tr>
    237       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    238       <tr><td class="lineno" valign="top"></td><td class="left">   The protection space determines the domain over which credentials can</td><td> </td><td class="right">   The protection space determines the domain over which credentials can</td><td class="lineno" valign="top"></td></tr>
    239       <tr><td class="lineno" valign="top"></td><td class="left">   be automatically applied.  If a prior request has been authorized,</td><td> </td><td class="right">   be automatically applied.  If a prior request has been authorized,</td><td class="lineno" valign="top"></td></tr>
    240       <tr><td class="lineno" valign="top"></td><td class="left">   the user agent MAY reuse the same credentials for all other requests</td><td> </td><td class="right">   the user agent MAY reuse the same credentials for all other requests</td><td class="lineno" valign="top"></td></tr>
    241       <tr><td class="lineno" valign="top"></td><td class="left">   within that protection space for a period of time determined by the</td><td> </td><td class="right">   within that protection space for a period of time determined by the</td><td class="lineno" valign="top"></td></tr>
    242       <tr><td class="lineno" valign="top"></td><td class="left">   authentication scheme, parameters, and/or user preferences (such as a</td><td> </td><td class="right">   authentication scheme, parameters, and/or user preferences (such as a</td><td class="lineno" valign="top"></td></tr>
    243       <tr><td class="lineno" valign="top"></td><td class="left">   configurable inactivity timeout).  Unless specifically allowed by the</td><td> </td><td class="right">   configurable inactivity timeout).  Unless specifically allowed by the</td><td class="lineno" valign="top"></td></tr>
    244       <tr><td class="lineno" valign="top"></td><td class="left">   authentication scheme, a single protection space cannot extend</td><td> </td><td class="right">   authentication scheme, a single protection space cannot extend</td><td class="lineno" valign="top"></td></tr>
    245       <tr><td class="lineno" valign="top"></td><td class="left">   outside the scope of its server.</td><td> </td><td class="right">   outside the scope of its server.</td><td class="lineno" valign="top"></td></tr>
    246       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    247       <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    248       <tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 7, line 41</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 6, line 41</em></th><td></td></tr>
    249       <tr><td class="lineno" valign="top"></td><td class="left">   credentials.  The user agent MAY repeat the request with a new or</td><td> </td><td class="right">   credentials.  The user agent MAY repeat the request with a new or</td><td class="lineno" valign="top"></td></tr>
    250       <tr><td class="lineno" valign="top"></td><td class="left">   replaced Authorization header field (Section 4.2).  If the 401</td><td> </td><td class="right">   replaced Authorization header field (Section 4.2).  If the 401</td><td class="lineno" valign="top"></td></tr>
    251       <tr><td class="lineno" valign="top"></td><td class="left">   response contains the same challenge as the prior response, and the</td><td> </td><td class="right">   response contains the same challenge as the prior response, and the</td><td class="lineno" valign="top"></td></tr>
    252       <tr><td class="lineno" valign="top"></td><td class="left">   user agent has already attempted authentication at least once, then</td><td> </td><td class="right">   user agent has already attempted authentication at least once, then</td><td class="lineno" valign="top"></td></tr>
    253       <tr><td class="lineno" valign="top"></td><td class="left">   the user agent SHOULD present the enclosed representation to the</td><td> </td><td class="right">   the user agent SHOULD present the enclosed representation to the</td><td class="lineno" valign="top"></td></tr>
    254       <tr><td class="lineno" valign="top"></td><td class="left">   user, since it usually contains relevant diagnostic information.</td><td> </td><td class="right">   user, since it usually contains relevant diagnostic information.</td><td class="lineno" valign="top"></td></tr>
    255       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    256       <tr><td class="lineno" valign="top"></td><td class="left">3.2.  407 Proxy Authentication Required</td><td> </td><td class="right">3.2.  407 Proxy Authentication Required</td><td class="lineno" valign="top"></td></tr>
    257       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    258       <tr><td class="lineno" valign="top"></td><td class="left">   The 407 (Proxy Authentication Required) status code is similar to 401</td><td> </td><td class="right">   The 407 (Proxy Authentication Required) status code is similar to 401</td><td class="lineno" valign="top"></td></tr>
    259       <tr><td><a name="diff0013" /></td></tr>
    260       <tr><td class="lineno" valign="top"></td><td class="lblock">   (Unauthorized), but indicates that the client needs to authenticate</td><td> </td><td class="rblock">   (Unauthorized), but <span class="insert">it</span> indicates that the client needs to</td><td class="lineno" valign="top"></td></tr>
    261       <tr><td class="lineno" valign="top"></td><td class="lblock">   itself in order to use a proxy.  The proxy MUST send a <span class="delete">Proxy-</span></td><td> </td><td class="rblock">   authenticate itself in order to use a proxy.  The proxy MUST send a</td><td class="lineno" valign="top"></td></tr>
    262       <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Authenticate</span> header field (Section 4.3) containing a challenge</td><td> </td><td class="rblock">   <span class="insert">Proxy-Authenticate</span> header field (Section 4.3) containing a challenge</td><td class="lineno" valign="top"></td></tr>
    263       <tr><td class="lineno" valign="top"></td><td class="left">   applicable to that proxy for the target resource.  The client MAY</td><td> </td><td class="right">   applicable to that proxy for the target resource.  The client MAY</td><td class="lineno" valign="top"></td></tr>
    264       <tr><td class="lineno" valign="top"></td><td class="left">   repeat the request with a new or replaced Proxy-Authorization header</td><td> </td><td class="right">   repeat the request with a new or replaced Proxy-Authorization header</td><td class="lineno" valign="top"></td></tr>
    265       <tr><td class="lineno" valign="top"></td><td class="left">   field (Section 4.4).</td><td> </td><td class="right">   field (Section 4.4).</td><td class="lineno" valign="top"></td></tr>
    266       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    267       <tr><td class="lineno" valign="top"></td><td class="left">4.  Header Field Definitions</td><td> </td><td class="right">4.  Header Field Definitions</td><td class="lineno" valign="top"></td></tr>
    268       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    269       <tr><td class="lineno" valign="top"></td><td class="left">   This section defines the syntax and semantics of header fields</td><td> </td><td class="right">   This section defines the syntax and semantics of header fields</td><td class="lineno" valign="top"></td></tr>
    270       <tr><td class="lineno" valign="top"></td><td class="left">   related to the HTTP authentication framework.</td><td> </td><td class="right">   related to the HTTP authentication framework.</td><td class="lineno" valign="top"></td></tr>
    271       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    272       <tr><td class="lineno" valign="top"></td><td class="left">4.1.  WWW-Authenticate</td><td> </td><td class="right">4.1.  WWW-Authenticate</td><td class="lineno" valign="top"></td></tr>
    273       <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    274       <tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 10, line 15</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 9, line 15</em></th><td></td></tr>
     173      <tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 10, line 15</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 9, line 15</em></th><td></td></tr>
    275174      <tr><td class="lineno" valign="top"></td><td class="left">   the Proxy-Authorization header field is consumed by the first inbound</td><td> </td><td class="right">   the Proxy-Authorization header field is consumed by the first inbound</td><td class="lineno" valign="top"></td></tr>
    276175      <tr><td class="lineno" valign="top"></td><td class="left">   proxy that was expecting to receive credentials.  A proxy MAY relay</td><td> </td><td class="right">   proxy that was expecting to receive credentials.  A proxy MAY relay</td><td class="lineno" valign="top"></td></tr>
     
    283182      <tr><td class="lineno" valign="top"></td><td class="left">5.1.  Authentication Scheme Registry</td><td> </td><td class="right">5.1.  Authentication Scheme Registry</td><td class="lineno" valign="top"></td></tr>
    284183      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    285       <tr><td><a name="diff0014" /></td></tr>
    286       <tr><td class="lineno" valign="top"></td><td class="lblock">   The <span class="delete">HTTP</span> Authentication <span class="delete">Scheme Registry</span> defines the <span class="delete">namespace</span> for the</td><td> </td><td class="rblock">   The <span class="insert">"HTTP</span> Authentication <span class="insert">Schemes" registry</span> defines the <span class="insert">name space</span> for</td><td class="lineno" valign="top"></td></tr>
    287       <tr><td class="lineno" valign="top"></td><td class="lblock">   authentication schemes in challenges and credentials.  <span class="delete">It will be</span></td><td> </td><td class="rblock">   the authentication schemes in challenges and credentials.  <span class="insert">The</span></td><td class="lineno" valign="top"></td></tr>
    288       <tr><td class="lineno" valign="top"></td><td class="lblock">   created and maintained at <span class="delete">(the suggested URI)</span></td><td> </td><td class="rblock"><span class="insert">   registry has been</span> created and <span class="insert">is now</span> maintained at</td><td class="lineno" valign="top"></td></tr>
    289       <tr><td class="lineno" valign="top"></td><td class="left">   &lt;http://www.iana.org/assignments/http-authschemes&gt;.</td><td> </td><td class="right">   &lt;http://www.iana.org/assignments/http-authschemes&gt;.</td><td class="lineno" valign="top"></td></tr>
     184      <tr><td><a name="diff0009" /></td></tr>
     185      <tr><td class="lineno" valign="top"></td><td class="lblock">   The <span class="delete">"Hypertext Transfer Protocol (HTTP)</span> Authentication <span class="delete">Scheme</span></td><td> </td><td class="rblock">   The <span class="insert">"HTTP</span> Authentication <span class="insert">Schemes" registry</span> defines the <span class="insert">name space</span> for</td><td class="lineno" valign="top"></td></tr>
     186      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Registry"</span> defines the <span class="delete">namespace</span> for the authentication schemes in</td><td> </td><td class="rblock">   the authentication schemes in challenges and credentials.  <span class="insert">The</span></td><td class="lineno" valign="top"></td></tr>
     187      <tr><td class="lineno" valign="top"></td><td class="lblock">   challenges and credentials.  <span class="delete">It will</span> has been created and is now</td><td> </td><td class="rblock"><span class="insert">   registry</span> has been created and is now maintained at</td><td class="lineno" valign="top"></td></tr>
     188      <tr><td class="lineno" valign="top"></td><td class="lblock">   maintained at &lt;http://www.iana.org/assignments/http-authschemes&gt;.</td><td> </td><td class="rblock">   &lt;http://www.iana.org/assignments/http-authschemes&gt;.</td><td class="lineno" valign="top"></td></tr>
    290189      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    291190      <tr><td class="lineno" valign="top"></td><td class="left">5.1.1.  Procedure</td><td> </td><td class="right">5.1.1.  Procedure</td><td class="lineno" valign="top"></td></tr>
     
    299198      <tr><td class="lineno" valign="top"></td><td class="left">   o  Notes (optional)</td><td> </td><td class="right">   o  Notes (optional)</td><td class="lineno" valign="top"></td></tr>
    300199      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    301       <tr><td><a name="diff0015" /></td></tr>
     200      <tr><td><a name="diff0010" /></td></tr>
    302201      <tr><td class="lineno" valign="top"></td><td class="lblock">   Values to be added to this namespace require IETF Review (see</td><td> </td><td class="rblock">   Values to be added to this name<span class="insert"> </span>space require IETF Review (see</td><td class="lineno" valign="top"></td></tr>
    303202      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC5226], Section 4.1).</td><td> </td><td class="right">   [RFC5226], Section 4.1).</td><td class="lineno" valign="top"></td></tr>
     
    311210      <tr><td class="lineno" valign="top"></td><td class="left">      information necessary to authenticate a request MUST be provided</td><td> </td><td class="right">      information necessary to authenticate a request MUST be provided</td><td class="lineno" valign="top"></td></tr>
    312211      <tr><td class="lineno" valign="top"></td><td class="left">      in the request, rather than be dependent on the server remembering</td><td> </td><td class="right">      in the request, rather than be dependent on the server remembering</td><td class="lineno" valign="top"></td></tr>
    313       <tr><td class="lineno" valign="top"></td><td class="left">      prior requests.  Authentication based on, or bound to, the</td><td> </td><td class="right">      prior requests.  Authentication based on, or bound to, the</td><td class="lineno" valign="top"></td></tr>
    314       <tr><td class="lineno" valign="top"></td><td class="left">      underlying connection is outside the scope of this specification</td><td> </td><td class="right">      underlying connection is outside the scope of this specification</td><td class="lineno" valign="top"></td></tr>
    315       <tr><td class="lineno" valign="top"></td><td class="left">      and inherently flawed unless steps are taken to ensure that the</td><td> </td><td class="right">      and inherently flawed unless steps are taken to ensure that the</td><td class="lineno" valign="top"></td></tr>
    316       <tr><td class="lineno" valign="top"></td><td class="left">      connection cannot be used by any party other than the</td><td> </td><td class="right">      connection cannot be used by any party other than the</td><td class="lineno" valign="top"></td></tr>
    317       <tr><td class="lineno" valign="top"></td><td class="left">      authenticated user (see Section 2.3 of [RFC7230]).</td><td> </td><td class="right">      authenticated user (see Section 2.3 of [RFC7230]).</td><td class="lineno" valign="top"></td></tr>
    318       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    319       <tr><td class="lineno" valign="top"></td><td class="left">   o  The authentication parameter "realm" is reserved for defining</td><td> </td><td class="right">   o  The authentication parameter "realm" is reserved for defining</td><td class="lineno" valign="top"></td></tr>
    320       <tr><td><a name="diff0016" /></td></tr>
    321       <tr><td class="lineno" valign="top"></td><td class="lblock">      <span class="delete">Protection Spaces</span> as <span class="delete">defined</span> in Section 2.2.  New schemes MUST NOT</td><td> </td><td class="rblock">      <span class="insert">protection spaces</span> as <span class="insert">described</span> in Section 2.2.  New schemes MUST</td><td class="lineno" valign="top"></td></tr>
    322       <tr><td class="lineno" valign="top"></td><td class="lblock">      use it in a way incompatible with that definition.</td><td> </td><td class="rblock">      NOT use it in a way incompatible with that definition.</td><td class="lineno" valign="top"></td></tr>
    323       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    324       <tr><td class="lineno" valign="top"></td><td class="left">   o  The "token68" notation was introduced for compatibility with</td><td> </td><td class="right">   o  The "token68" notation was introduced for compatibility with</td><td class="lineno" valign="top"></td></tr>
    325       <tr><td class="lineno" valign="top"></td><td class="left">      existing authentication schemes and can only be used once per</td><td> </td><td class="right">      existing authentication schemes and can only be used once per</td><td class="lineno" valign="top"></td></tr>
    326       <tr><td><a name="diff0017" /></td></tr>
    327       <tr><td class="lineno" valign="top"></td><td class="lblock">      challenge or credential.  <span class="delete">New</span> schemes <span class="delete">thus</span> ought to use the <span class="delete">"auth-</span></td><td> </td><td class="rblock">      challenge or credential.  <span class="insert">Thus, new</span> schemes ought to use the <span class="insert">auth-</span></td><td class="lineno" valign="top"></td></tr>
    328       <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">      param"</span> syntax instead, because otherwise future extensions will be</td><td> </td><td class="rblock"><span class="insert">      param</span> syntax instead, because otherwise future extensions will be</td><td class="lineno" valign="top"></td></tr>
    329       <tr><td class="lineno" valign="top"></td><td class="left">      impossible.</td><td> </td><td class="right">      impossible.</td><td class="lineno" valign="top"></td></tr>
    330       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    331       <tr><td class="lineno" valign="top"></td><td class="left">   o  The parsing of challenges and credentials is defined by this</td><td> </td><td class="right">   o  The parsing of challenges and credentials is defined by this</td><td class="lineno" valign="top"></td></tr>
    332       <tr><td><a name="diff0018" /></td></tr>
    333       <tr><td class="lineno" valign="top"></td><td class="lblock">      specification<span class="delete">,</span> and cannot be modified by new authentication</td><td> </td><td class="rblock">      specification and cannot be modified by new authentication</td><td class="lineno" valign="top"></td></tr>
    334       <tr><td class="lineno" valign="top"></td><td class="left">      schemes.  When the auth-param syntax is used, all parameters ought</td><td> </td><td class="right">      schemes.  When the auth-param syntax is used, all parameters ought</td><td class="lineno" valign="top"></td></tr>
    335       <tr><td class="lineno" valign="top"></td><td class="left">      to support both token and quoted-string syntax, and syntactical</td><td> </td><td class="right">      to support both token and quoted-string syntax, and syntactical</td><td class="lineno" valign="top"></td></tr>
    336       <tr><td class="lineno" valign="top"></td><td class="left">      constraints ought to be defined on the field value after parsing</td><td> </td><td class="right">      constraints ought to be defined on the field value after parsing</td><td class="lineno" valign="top"></td></tr>
    337       <tr><td class="lineno" valign="top"></td><td class="left">      (i.e., quoted-string processing).  This is necessary so that</td><td> </td><td class="right">      (i.e., quoted-string processing).  This is necessary so that</td><td class="lineno" valign="top"></td></tr>
    338       <tr><td class="lineno" valign="top"></td><td class="left">      recipients can use a generic parser that applies to all</td><td> </td><td class="right">      recipients can use a generic parser that applies to all</td><td class="lineno" valign="top"></td></tr>
    339       <tr><td class="lineno" valign="top"></td><td class="left">      authentication schemes.</td><td> </td><td class="right">      authentication schemes.</td><td class="lineno" valign="top"></td></tr>
    340       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    341       <tr><td class="lineno" valign="top"></td><td class="left">      Note: The fact that the value syntax for the "realm" parameter is</td><td> </td><td class="right">      Note: The fact that the value syntax for the "realm" parameter is</td><td class="lineno" valign="top"></td></tr>
    342       <tr><td class="lineno" valign="top"></td><td class="left">      restricted to quoted-string was a bad design choice not to be</td><td> </td><td class="right">      restricted to quoted-string was a bad design choice not to be</td><td class="lineno" valign="top"></td></tr>
    343       <tr><td class="lineno" valign="top"></td><td class="left">      repeated for new parameters.</td><td> </td><td class="right">      repeated for new parameters.</td><td class="lineno" valign="top"></td></tr>
    344       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    345       <tr><td class="lineno" valign="top"></td><td class="left">   o  Definitions of new schemes ought to define the treatment of</td><td> </td><td class="right">   o  Definitions of new schemes ought to define the treatment of</td><td class="lineno" valign="top"></td></tr>
    346       <tr><td class="lineno" valign="top"></td><td class="left">      unknown extension parameters.  In general, a "must-ignore" rule is</td><td> </td><td class="right">      unknown extension parameters.  In general, a "must-ignore" rule is</td><td class="lineno" valign="top"></td></tr>
    347       <tr><td><a name="diff0019" /></td></tr>
    348       <tr><td class="lineno" valign="top"></td><td class="lblock">      preferable <span class="delete">over "must-understand",</span> because otherwise it will be</td><td> </td><td class="rblock">      preferable <span class="insert">to a "must-understand" rule,</span> because otherwise it will</td><td class="lineno" valign="top"></td></tr>
    349       <tr><td class="lineno" valign="top"></td><td class="lblock">      hard to introduce new parameters in the presence of legacy</td><td> </td><td class="rblock">      be hard to introduce new parameters in the presence of legacy</td><td class="lineno" valign="top"></td></tr>
    350       <tr><td class="lineno" valign="top"></td><td class="left">      recipients.  Furthermore, it's good to describe the policy for</td><td> </td><td class="right">      recipients.  Furthermore, it's good to describe the policy for</td><td class="lineno" valign="top"></td></tr>
    351       <tr><td><a name="diff0020" /></td></tr>
    352       <tr><td class="lineno" valign="top"></td><td class="lblock">      defining new parameters (such as "update the specification"<span class="delete">,</span> or</td><td> </td><td class="rblock">      defining new parameters (such as "update the specification" or</td><td class="lineno" valign="top"></td></tr>
    353       <tr><td class="lineno" valign="top"></td><td class="left">      "use this registry").</td><td> </td><td class="right">      "use this registry").</td><td class="lineno" valign="top"></td></tr>
    354       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    355       <tr><td class="lineno" valign="top"></td><td class="left">   o  Authentication schemes need to document whether they are usable in</td><td> </td><td class="right">   o  Authentication schemes need to document whether they are usable in</td><td class="lineno" valign="top"></td></tr>
    356       <tr><td class="lineno" valign="top"></td><td class="left">      origin-server authentication (i.e., using WWW-Authenticate),</td><td> </td><td class="right">      origin-server authentication (i.e., using WWW-Authenticate),</td><td class="lineno" valign="top"></td></tr>
    357       <tr><td class="lineno" valign="top"></td><td class="left">      and/or proxy authentication (i.e., using Proxy-Authenticate).</td><td> </td><td class="right">      and/or proxy authentication (i.e., using Proxy-Authenticate).</td><td class="lineno" valign="top"></td></tr>
    358       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    359       <tr><td class="lineno" valign="top"></td><td class="left">   o  The credentials carried in an Authorization header field are</td><td> </td><td class="right">   o  The credentials carried in an Authorization header field are</td><td class="lineno" valign="top"></td></tr>
    360       <tr><td><a name="diff0021" /></td></tr>
    361       <tr><td class="lineno" valign="top"></td><td class="lblock">      specific to the <span class="delete">User Agent, and therefore</span> have the same effect on</td><td> </td><td class="rblock">      specific to the <span class="insert">user agent and, therefore,</span> have the same effect on</td><td class="lineno" valign="top"></td></tr>
    362       <tr><td class="lineno" valign="top"></td><td class="left">      HTTP caches as the "private" Cache-Control response directive</td><td> </td><td class="right">      HTTP caches as the "private" Cache-Control response directive</td><td class="lineno" valign="top"></td></tr>
    363       <tr><td><a name="diff0022" /></td></tr>
    364       <tr><td class="lineno" valign="top"></td><td class="lblock">      (Section 5.2.2.6 of [RFC7234]), within the scope of the request</td><td> </td><td class="rblock">      (Section 5.2.2.6 of [RFC7234]), within the scope of the request <span class="insert">in</span></td><td class="lineno" valign="top"></td></tr>
    365       <tr><td class="lineno" valign="top"></td><td class="lblock">      they <span class="delete">appear in.</span></td><td> </td><td class="rblock"><span class="insert">      which</span> they <span class="insert">appear.</span></td><td class="lineno" valign="top"></td></tr>
     212      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
     213      <tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 12, line 7</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 11, line 7</em></th><td></td></tr>
    366214      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    367215      <tr><td class="lineno" valign="top"></td><td class="left">      Therefore, new authentication schemes that choose not to carry</td><td> </td><td class="right">      Therefore, new authentication schemes that choose not to carry</td><td class="lineno" valign="top"></td></tr>
     
    374222      <tr><td class="lineno" valign="top"></td><td class="left">5.2.  Status Code Registration</td><td> </td><td class="right">5.2.  Status Code Registration</td><td class="lineno" valign="top"></td></tr>
    375223      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    376       <tr><td><a name="diff0023" /></td></tr>
     224      <tr><td><a name="diff0011" /></td></tr>
    377225      <tr><td class="lineno" valign="top"></td><td class="lblock">   The <span class="delete">"Hypertext Transfer Protocol (HTTP)</span> Status Code <span class="delete">Registry"</span> located</td><td> </td><td class="rblock">   The <span class="insert">HTTP</span> Status Code <span class="insert">Registry</span> located at</td><td class="lineno" valign="top"></td></tr>
    378226      <tr><td class="lineno" valign="top"></td><td class="lblock">   at &lt;http://www.iana.org/assignments/http-status-codes&gt; <span class="delete">has been</span></td><td> </td><td class="rblock">   &lt;http://www.iana.org/assignments/http-status-codes&gt; <span class="insert">shall be</span> updated</td><td class="lineno" valign="top"></td></tr>
     
    388236      <tr><td class="lineno" valign="top"></td><td class="left">5.3.  Header Field Registration</td><td> </td><td class="right">5.3.  Header Field Registration</td><td class="lineno" valign="top"></td></tr>
    389237      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    390       <tr><td><a name="diff0024" /></td></tr>
     238      <tr><td><a name="diff0012" /></td></tr>
    391239      <tr><td class="lineno" valign="top"></td><td class="lblock">   HTTP header fields are registered within the <span class="delete">"Message Headers"</span></td><td> </td><td class="rblock">   HTTP header fields are registered within the <span class="insert">Message Header Field</span></td><td class="lineno" valign="top"></td></tr>
    392240      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   registry</span> maintained at</td><td> </td><td class="rblock"><span class="insert">   Registry</span> maintained at</td><td class="lineno" valign="top"></td></tr>
    393241      <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">&lt;http://www.iana.org/assignments/message-headers/&gt;.</span></td><td> </td><td class="rblock">   <span class="insert">&lt;http://www.iana.org/assignments/message-headers&gt;.</span></td><td class="lineno" valign="top"></td></tr>
    394242      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    395       <tr><td><a name="diff0025" /></td></tr>
     243      <tr><td><a name="diff0013" /></td></tr>
    396244      <tr><td class="lineno" valign="top"></td><td class="lblock">   This document defines the following HTTP header fields, so <span class="delete">the</span></td><td> </td><td class="rblock">   This document defines the following HTTP header fields, so <span class="insert">their</span></td><td class="lineno" valign="top"></td></tr>
    397245      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   "Permanent Message Header Field Names"</span> registry <span class="delete">has</span> been updated</td><td> </td><td class="rblock"><span class="insert">   associated</span> registry <span class="insert">entries have</span> been updated <span class="insert">according to the</span></td><td class="lineno" valign="top"></td></tr>
     
    408256      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    409257      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    410       <tr bgcolor="gray" ><td></td><th><a name="part-l8" /><small>skipping to change at</small><em> page 13, line 23</em></th><th> </th><th><a name="part-r8" /><small>skipping to change at</small><em> page 12, line 23</em></th><td></td></tr>
     258      <tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 13, line 23</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 12, line 23</em></th><td></td></tr>
    411259      <tr><td class="lineno" valign="top"></td><td class="left">   authentication scheme defines how the credentials are encoded prior</td><td> </td><td class="right">   authentication scheme defines how the credentials are encoded prior</td><td class="lineno" valign="top"></td></tr>
    412260      <tr><td class="lineno" valign="top"></td><td class="left">   to transmission.  While this provides flexibility for the development</td><td> </td><td class="right">   to transmission.  While this provides flexibility for the development</td><td class="lineno" valign="top"></td></tr>
     
    419267      <tr><td class="lineno" valign="top"></td><td class="left">   credentials remains confidential.</td><td> </td><td class="right">   credentials remains confidential.</td><td class="lineno" valign="top"></td></tr>
    420268      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    421       <tr><td><a name="diff0026" /></td></tr>
     269      <tr><td><a name="diff0014" /></td></tr>
    422270      <tr><td class="lineno" valign="top"></td><td class="lblock">   HTTP depends on the security properties of the underlying transport<span class="delete">-</span></td><td> </td><td class="rblock">   HTTP depends on the security properties of the underlying transport</td><td class="lineno" valign="top"></td></tr>
    423271      <tr><td class="lineno" valign="top"></td><td class="left">   or session-level connection to provide confidential transmission of</td><td> </td><td class="right">   or session-level connection to provide confidential transmission of</td><td class="lineno" valign="top"></td></tr>
     
    432280      <tr><td class="lineno" valign="top"></td><td class="left">6.2.  Authentication Credentials and Idle Clients</td><td> </td><td class="right">6.2.  Authentication Credentials and Idle Clients</td><td class="lineno" valign="top"></td></tr>
    433281      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    434       <tr bgcolor="gray" ><td></td><th><a name="part-l9" /><small>skipping to change at</small><em> page 15, line 5</em></th><th> </th><th><a name="part-r9" /><small>skipping to change at</small><em> page 14, line 5</em></th><td></td></tr>
     282      <tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 15, line 5</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 14, line 5</em></th><td></td></tr>
    435283      <tr><td class="lineno" valign="top"></td><td class="left">8.1.  Normative References</td><td> </td><td class="right">8.1.  Normative References</td><td class="lineno" valign="top"></td></tr>
    436284      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     
    443291      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td> </td><td class="right">   [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td class="lineno" valign="top"></td></tr>
    444292      <tr><td class="lineno" valign="top"></td><td class="left">              Protocol (HTTP/1.1): Message Syntax and Routing",</td><td> </td><td class="right">              Protocol (HTTP/1.1): Message Syntax and Routing",</td><td class="lineno" valign="top"></td></tr>
    445       <tr><td><a name="diff0027" /></td></tr>
     293      <tr><td><a name="diff0015" /></td></tr>
    446294      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">draft-ietf-httpbis-p1-messaging-latest (work in progress),</span></td><td> </td><td class="rblock">              <span class="insert">RFC 7230,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
    447295      <tr><td class="lineno" valign="top"></td><td class="lblock">              May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
    448296      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    449297      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7231]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td> </td><td class="right">   [RFC7231]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td class="lineno" valign="top"></td></tr>
    450       <tr><td><a name="diff0028" /></td></tr>
     298      <tr><td><a name="diff0016" /></td></tr>
    451299      <tr><td class="lineno" valign="top"></td><td class="lblock">              Protocol (HTTP/1.1): Semantics and Content",</td><td> </td><td class="rblock">              Protocol (HTTP/1.1): Semantics and Content", <span class="insert">RFC 7231,</span></td><td class="lineno" valign="top"></td></tr>
    452300      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">draft-ietf-httpbis-p2-semantics-latest (work in progress),</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
     
    455303      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7234]  Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,</td><td> </td><td class="right">   [RFC7234]  Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,</td><td class="lineno" valign="top"></td></tr>
    456304      <tr><td class="lineno" valign="top"></td><td class="left">              Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",</td><td> </td><td class="right">              Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",</td><td class="lineno" valign="top"></td></tr>
    457       <tr><td><a name="diff0029" /></td></tr>
     305      <tr><td><a name="diff0017" /></td></tr>
    458306      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">draft-ietf-httpbis-p6-cache-latest (work in progress),</span></td><td> </td><td class="rblock">              <span class="insert">RFC 7234,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
    459307      <tr><td class="lineno" valign="top"></td><td class="lblock">              May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
     
    469317      <tr><td class="lineno" valign="top"></td><td class="left">              Security Project (OWASP) 2.0.1, July 2005,</td><td> </td><td class="right">              Security Project (OWASP) 2.0.1, July 2005,</td><td class="lineno" valign="top"></td></tr>
    470318      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    471       <tr bgcolor="gray" ><td></td><th><a name="part-l10" /><small>skipping to change at</small><em> page 17, line 35</em></th><th> </th><th><a name="part-r10" /><small>skipping to change at</small><em> page 16, line 35</em></th><td></td></tr>
     319      <tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 17, line 35</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 16, line 35</em></th><td></td></tr>
    472320      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    473321      <tr><td class="lineno" valign="top"></td><td class="left">   quoted-string = &lt;quoted-string, see [RFC7230], Section 3.2.6&gt;</td><td> </td><td class="right">   quoted-string = &lt;quoted-string, see [RFC7230], Section 3.2.6&gt;</td><td class="lineno" valign="top"></td></tr>
     
    480328      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    481329      <tr><td class="lineno" valign="top"></td><td class="left">   4</td><td> </td><td class="right">   4</td><td class="lineno" valign="top"></td></tr>
    482       <tr><td><a name="diff0030" /></td></tr>
     330      <tr><td><a name="diff0018" /></td></tr>
    483331      <tr><td class="lineno" valign="top"></td><td class="lblock">      401 Unauthorized (status code)  <span class="delete">7</span></td><td> </td><td class="rblock">      401 Unauthorized (status code)  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
    484332      <tr><td class="lineno" valign="top"></td><td class="lblock">      407 Proxy Authentication Required (status code)  <span class="delete">7</span></td><td> </td><td class="rblock">      407 Proxy Authentication Required (status code)  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
    485333      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    486334      <tr><td class="lineno" valign="top"></td><td class="left">   A</td><td> </td><td class="right">   A</td><td class="lineno" valign="top"></td></tr>
    487       <tr><td><a name="diff0031" /></td></tr>
     335      <tr><td><a name="diff0019" /></td></tr>
    488336      <tr><td class="lineno" valign="top"></td><td class="lblock">      Authorization header field  <span class="delete">8</span></td><td> </td><td class="rblock">      Authorization header field  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
    489337      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    490338      <tr><td class="lineno" valign="top"></td><td class="left">   C</td><td> </td><td class="right">   C</td><td class="lineno" valign="top"></td></tr>
    491       <tr><td><a name="diff0032" /></td></tr>
     339      <tr><td><a name="diff0020" /></td></tr>
    492340      <tr><td class="lineno" valign="top"></td><td class="lblock">      Canonical Root URI  <span class="delete">6</span></td><td> </td><td class="rblock">      Canonical Root URI  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
    493341      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    494342      <tr><td class="lineno" valign="top"></td><td class="left">   G</td><td> </td><td class="right">   G</td><td class="lineno" valign="top"></td></tr>
    495343      <tr><td class="lineno" valign="top"></td><td class="left">      Grammar</td><td> </td><td class="right">      Grammar</td><td class="lineno" valign="top"></td></tr>
    496       <tr><td><a name="diff0033" /></td></tr>
     344      <tr><td><a name="diff0021" /></td></tr>
    497345      <tr><td class="lineno" valign="top"></td><td class="lblock">         auth-param  <span class="delete">5</span></td><td> </td><td class="rblock">         auth-param  <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
    498346      <tr><td class="lineno" valign="top"></td><td class="lblock">         auth-scheme  <span class="delete">5</span></td><td> </td><td class="rblock">         auth-scheme  <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
     
    506354      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    507355      <tr><td class="lineno" valign="top"></td><td class="left">   P</td><td> </td><td class="right">   P</td><td class="lineno" valign="top"></td></tr>
    508       <tr><td><a name="diff0034" /></td></tr>
     356      <tr><td><a name="diff0022" /></td></tr>
    509357      <tr><td class="lineno" valign="top"></td><td class="lblock">      Protection Space  <span class="delete">6</span></td><td> </td><td class="rblock">      Protection Space  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
    510358      <tr><td class="lineno" valign="top"></td><td class="lblock">      Proxy-Authenticate header field  <span class="delete">9</span></td><td> </td><td class="rblock">      Proxy-Authenticate header field  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
     
    512360      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    513361      <tr><td class="lineno" valign="top"></td><td class="left">   R</td><td> </td><td class="right">   R</td><td class="lineno" valign="top"></td></tr>
    514       <tr><td><a name="diff0035" /></td></tr>
     362      <tr><td><a name="diff0023" /></td></tr>
    515363      <tr><td class="lineno" valign="top"></td><td class="lblock">      Realm  <span class="delete">6</span></td><td> </td><td class="rblock">      Realm  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
    516364      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    517365      <tr><td class="lineno" valign="top"></td><td class="left">   W</td><td> </td><td class="right">   W</td><td class="lineno" valign="top"></td></tr>
    518       <tr><td><a name="diff0036" /></td></tr>
     366      <tr><td><a name="diff0024" /></td></tr>
    519367      <tr><td class="lineno" valign="top"></td><td class="lblock">      WWW-Authenticate header field  <span class="delete">8</span></td><td> </td><td class="rblock">      WWW-Authenticate header field  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
    520368      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     
    530378
    531379     <tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr>
    532      <tr bgcolor="gray"><th colspan="5" align="center"><a name="end">&nbsp;End of changes. 36 change blocks.&nbsp;</a></th></tr>
    533      <tr class="stats"><td></td><th><i>123 lines changed or deleted</i></th><th><i> </i></th><th><i>102 lines changed or added</i></th><td></td></tr>
     380     <tr bgcolor="gray"><th colspan="5" align="center"><a name="end">&nbsp;End of changes. 24 change blocks.&nbsp;</a></th></tr>
     381     <tr class="stats"><td></td><th><i>106 lines changed or deleted</i></th><th><i> </i></th><th><i>85 lines changed or added</i></th><td></td></tr>
    534382     <tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.38. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr>
    535383   </table>
Note: See TracChangeset for help on using the changeset viewer.