Changeset 2700


Ignore:
Timestamp:
May 27, 2014, 11:12:19 PM (6 years ago)
Author:
julian.reschke@…
Message:

updated AUTH48 versions of RFC7230 and RFC7235 (#553)

Location:
draft-ietf-httpbis/latest/auth48
Files:
8 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/auth48/rfc7230-to-be.unpg.txt

    r2677 r2700  
    34823482
    34833483   Person and email address to contact for further information:
    3484       See Authors' Addresses Section.
     3484      See Authors' Addresses section.
    34853485
    34863486   Intended usage:  COMMON
     
    34883488   Restrictions on usage:  N/A
    34893489
    3490    Author:  See Authors' Addresses Section.
     3490   Author:  See Authors' Addresses section.
    34913491
    34923492   Change controller:  IESG
     
    35493549
    35503550   Person and email address to contact for further information:
    3551       See Authors' Addresses Section.
     3551      See Authors' Addresses section.
    35523552
    35533553   Intended usage:  COMMON
     
    35553555   Restrictions on usage:  N/A
    35563556
    3557    Author:  See Authors' Addresses Section.
     3557   Author:  See Authors' Addresses section.
    35583558
    35593559   Change controller:  IESG
  • draft-ietf-httpbis/latest/auth48/rfc7230-to-be.xml

    r2677 r2700  
    33493349   HTTP header fields are registered within the "Message Headers" registry
    33503350   maintained at
    3351    <eref target="http://www.iana.org/assignments/message-headers/"/>.
     3351   &lt;http://www.iana.org/assignments/message-headers/&gt;.
    33523352</t>
    33533353<t>
     
    34413441<t>
    34423442   IANA maintains the registry of URI Schemes <xref target="BCP115"/> at
    3443    <eref target="http://www.iana.org/assignments/uri-schemes/"/>.
     3443   &lt;http://www.iana.org/assignments/uri-schemes/&gt;.
    34443444</t>
    34453445<t>
     
    34653465<t>
    34663466   IANA maintains the registry of Internet media types <xref target="BCP13"/> at
    3467    <eref target="http://www.iana.org/assignments/media-types"/>.
     3467   &lt;http://www.iana.org/assignments/media-types&gt;.
    34683468</t>
    34693469<t>
     
    35333533    </t>
    35343534    <t hangText="Person and email address to contact for further information:">
    3535       See&nbsp;Authors'&nbsp;Addresses&nbsp;Section.
     3535      See&nbsp;Authors'&nbsp;Addresses&nbsp;section.
    35363536    </t>
    35373537    <t hangText="Intended usage:">
     
    35423542    </t>
    35433543    <t hangText="Author:">
    3544       See Authors' Addresses Section.
     3544      See Authors' Addresses section.
    35453545    </t>
    35463546    <t hangText="Change controller:">
     
    36133613    </t>
    36143614    <t hangText="Person and email address to contact for further information:">
    3615       See&nbsp;Authors'&nbsp;Addresses&nbsp;Section.
     3615      See&nbsp;Authors'&nbsp;Addresses&nbsp;section.
    36163616    </t>
    36173617    <t hangText="Intended usage:">
     
    36223622    </t>
    36233623    <t hangText="Author:">
    3624       See Authors' Addresses Section.
     3624      See Authors' Addresses section.
    36253625    </t>
    36263626    <t hangText="Change controller:">
     
    36353635<t>
    36363636   The "HTTP Transfer Coding Registry" defines the namespace for transfer
    3637    coding names. It is maintained at <eref target="http://www.iana.org/assignments/http-parameters"/>.
     3637   coding names. It is maintained at &lt;http://www.iana.org/assignments/http-parameters&gt;.
    36383638</t>
    36393639
     
    37123712<t>
    37133713   IANA maintains the "HTTP Content Coding Registry" at
    3714    <eref target="http://www.iana.org/assignments/http-parameters"/>.
     3714   &lt;http://www.iana.org/assignments/http-parameters&gt;.
    37153715</t>
    37163716<t>
     
    37553755   The "Hypertext Transfer Protocol (HTTP) Upgrade Token Registry" defines the namespace for protocol-name
    37563756   tokens used to identify protocols in the <xref target="header.upgrade" format="none">Upgrade</xref> header
    3757    field. The registry is maintained at <eref target="http://www.iana.org/assignments/http-upgrade-tokens"/>.
     3757   field. The registry is maintained at &lt;http://www.iana.org/assignments/http-upgrade-tokens&gt;.
    37583758</t>
    37593759
  • draft-ietf-httpbis/latest/auth48/rfc7230.abdiff.txt

    r2677 r2700  
    313313
    314314
     315Section 8.3.1., paragraph 18:
     316OLD:
     317
     318    Person and email address to contact for further information:
     319       See Authors' Addresses Section.
     320
     321NEW:
     322
     323    Person and email address to contact for further information:
     324       See Authors' Addresses section.
     325
     326
     327Section 8.3.1., paragraph 21:
     328OLD:
     329
     330    Author:  See Authors' Addresses Section.
     331
     332NEW:
     333
     334    Author:  See Authors' Addresses section.
     335
     336
     337Section 8.3.2., paragraph 18:
     338OLD:
     339
     340    Person and email address to contact for further information:
     341       See Authors' Addresses Section.
     342
     343NEW:
     344
     345    Person and email address to contact for further information:
     346       See Authors' Addresses section.
     347
     348
     349Section 8.3.2., paragraph 21:
     350OLD:
     351
     352    Author:  See Authors' Addresses Section.
     353
     354NEW:
     355
     356    Author:  See Authors' Addresses section.
     357
     358
    315359Section 11.1., paragraph 8:
    316360OLD:
  • draft-ietf-httpbis/latest/auth48/rfc7230.diff.html

    r2677 r2700  
    138138      <tr><td class="lineno" valign="top"></td><td class="left">   specification:</td><td> </td><td class="right">   specification:</td><td class="lineno" valign="top"></td></tr>
    139139      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    140       <tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 73, line 7</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 73, line 7</em></th><td></td></tr>
     140      <tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 62, line 7</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 62, line 7</em></th><td></td></tr>
     141      <tr><td class="lineno" valign="top"></td><td class="left">   Additional information:</td><td> </td><td class="right">   Additional information:</td><td class="lineno" valign="top"></td></tr>
     142      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     143      <tr><td class="lineno" valign="top"></td><td class="left">      Magic number(s):  N/A</td><td> </td><td class="right">      Magic number(s):  N/A</td><td class="lineno" valign="top"></td></tr>
     144      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     145      <tr><td class="lineno" valign="top"></td><td class="left">      Deprecated alias names for this type:  N/A</td><td> </td><td class="right">      Deprecated alias names for this type:  N/A</td><td class="lineno" valign="top"></td></tr>
     146      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     147      <tr><td class="lineno" valign="top"></td><td class="left">      File extension(s):  N/A</td><td> </td><td class="right">      File extension(s):  N/A</td><td class="lineno" valign="top"></td></tr>
     148      <tr><td class="lineno" valign="top"></td><td class="left">      Macintosh file type code(s):  N/A</td><td> </td><td class="right">      Macintosh file type code(s):  N/A</td><td class="lineno" valign="top"></td></tr>
     149      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     150      <tr><td class="lineno" valign="top"></td><td class="left">   Person and email address to contact for further information:</td><td> </td><td class="right">   Person and email address to contact for further information:</td><td class="lineno" valign="top"></td></tr>
     151      <tr><td><a name="diff0010" /></td></tr>
     152      <tr><td class="lineno" valign="top"></td><td class="lblock">      See Authors' Addresses <span class="delete">S</span>ection.</td><td> </td><td class="rblock">      See Authors' Addresses <span class="insert">s</span>ection.</td><td class="lineno" valign="top"></td></tr>
     153      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     154      <tr><td class="lineno" valign="top"></td><td class="left">   Intended usage:  COMMON</td><td> </td><td class="right">   Intended usage:  COMMON</td><td class="lineno" valign="top"></td></tr>
     155      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     156      <tr><td class="lineno" valign="top"></td><td class="left">   Restrictions on usage:  N/A</td><td> </td><td class="right">   Restrictions on usage:  N/A</td><td class="lineno" valign="top"></td></tr>
     157      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     158      <tr><td><a name="diff0011" /></td></tr>
     159      <tr><td class="lineno" valign="top"></td><td class="lblock">   Author:  See Authors' Addresses <span class="delete">S</span>ection.</td><td> </td><td class="rblock">   Author:  See Authors' Addresses <span class="insert">s</span>ection.</td><td class="lineno" valign="top"></td></tr>
     160      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     161      <tr><td class="lineno" valign="top"></td><td class="left">   Change controller:  IESG</td><td> </td><td class="right">   Change controller:  IESG</td><td class="lineno" valign="top"></td></tr>
     162      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     163      <tr><td class="lineno" valign="top"></td><td class="left">8.3.2.  Internet Media Type application/http</td><td> </td><td class="right">8.3.2.  Internet Media Type application/http</td><td class="lineno" valign="top"></td></tr>
     164      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     165      <tr><td class="lineno" valign="top"></td><td class="left">   The application/http type can be used to enclose a pipeline of one or</td><td> </td><td class="right">   The application/http type can be used to enclose a pipeline of one or</td><td class="lineno" valign="top"></td></tr>
     166      <tr><td class="lineno" valign="top"></td><td class="left">   more HTTP request or response messages (not intermixed).</td><td> </td><td class="right">   more HTTP request or response messages (not intermixed).</td><td class="lineno" valign="top"></td></tr>
     167      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     168      <tr><td class="lineno" valign="top"></td><td class="left">   Type name:  application</td><td> </td><td class="right">   Type name:  application</td><td class="lineno" valign="top"></td></tr>
     169      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     170      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
     171      <tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 63, line 17</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 63, line 17</em></th><td></td></tr>
     172      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     173      <tr><td class="lineno" valign="top"></td><td class="left">      Deprecated alias names for this type:  N/A</td><td> </td><td class="right">      Deprecated alias names for this type:  N/A</td><td class="lineno" valign="top"></td></tr>
     174      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     175      <tr><td class="lineno" valign="top"></td><td class="left">      Magic number(s):  N/A</td><td> </td><td class="right">      Magic number(s):  N/A</td><td class="lineno" valign="top"></td></tr>
     176      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     177      <tr><td class="lineno" valign="top"></td><td class="left">      File extension(s):  N/A</td><td> </td><td class="right">      File extension(s):  N/A</td><td class="lineno" valign="top"></td></tr>
     178      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     179      <tr><td class="lineno" valign="top"></td><td class="left">      Macintosh file type code(s):  N/A</td><td> </td><td class="right">      Macintosh file type code(s):  N/A</td><td class="lineno" valign="top"></td></tr>
     180      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     181      <tr><td class="lineno" valign="top"></td><td class="left">   Person and email address to contact for further information:</td><td> </td><td class="right">   Person and email address to contact for further information:</td><td class="lineno" valign="top"></td></tr>
     182      <tr><td><a name="diff0012" /></td></tr>
     183      <tr><td class="lineno" valign="top"></td><td class="lblock">      See Authors' Addresses <span class="delete">S</span>ection.</td><td> </td><td class="rblock">      See Authors' Addresses <span class="insert">s</span>ection.</td><td class="lineno" valign="top"></td></tr>
     184      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     185      <tr><td class="lineno" valign="top"></td><td class="left">   Intended usage:  COMMON</td><td> </td><td class="right">   Intended usage:  COMMON</td><td class="lineno" valign="top"></td></tr>
     186      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     187      <tr><td class="lineno" valign="top"></td><td class="left">   Restrictions on usage:  N/A</td><td> </td><td class="right">   Restrictions on usage:  N/A</td><td class="lineno" valign="top"></td></tr>
     188      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     189      <tr><td><a name="diff0013" /></td></tr>
     190      <tr><td class="lineno" valign="top"></td><td class="lblock">   Author:  See Authors' Addresses <span class="delete">S</span>ection.</td><td> </td><td class="rblock">   Author:  See Authors' Addresses <span class="insert">s</span>ection.</td><td class="lineno" valign="top"></td></tr>
     191      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     192      <tr><td class="lineno" valign="top"></td><td class="left">   Change controller:  IESG</td><td> </td><td class="right">   Change controller:  IESG</td><td class="lineno" valign="top"></td></tr>
     193      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     194      <tr><td class="lineno" valign="top"></td><td class="left">8.4.  Transfer Coding Registry</td><td> </td><td class="right">8.4.  Transfer Coding Registry</td><td class="lineno" valign="top"></td></tr>
     195      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     196      <tr><td class="lineno" valign="top"></td><td class="left">   The "HTTP Transfer Coding Registry" defines the namespace for</td><td> </td><td class="right">   The "HTTP Transfer Coding Registry" defines the namespace for</td><td class="lineno" valign="top"></td></tr>
     197      <tr><td class="lineno" valign="top"></td><td class="left">   transfer coding names.  It is maintained at</td><td> </td><td class="right">   transfer coding names.  It is maintained at</td><td class="lineno" valign="top"></td></tr>
     198      <tr><td class="lineno" valign="top"></td><td class="left">   &lt;http://www.iana.org/assignments/http-parameters&gt;.</td><td> </td><td class="right">   &lt;http://www.iana.org/assignments/http-parameters&gt;.</td><td class="lineno" valign="top"></td></tr>
     199      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     200      <tr><td class="lineno" valign="top"></td><td class="left">8.4.1.  Procedure</td><td> </td><td class="right">8.4.1.  Procedure</td><td class="lineno" valign="top"></td></tr>
     201      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
     202      <tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 73, line 7</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 73, line 7</em></th><td></td></tr>
    141203      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC3986]     Berners-Lee, T., Fielding, R., and L. Masinter,</td><td> </td><td class="right">   [RFC3986]     Berners-Lee, T., Fielding, R., and L. Masinter,</td><td class="lineno" valign="top"></td></tr>
    142204      <tr><td class="lineno" valign="top"></td><td class="left">                 "Uniform Resource Identifier (URI): Generic Syntax",</td><td> </td><td class="right">                 "Uniform Resource Identifier (URI): Generic Syntax",</td><td class="lineno" valign="top"></td></tr>
     
    149211      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7231]     Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td> </td><td class="right">   [RFC7231]     Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td class="lineno" valign="top"></td></tr>
    150212      <tr><td class="lineno" valign="top"></td><td class="left">                 Transfer Protocol (HTTP/1.1): Semantics and Content",</td><td> </td><td class="right">                 Transfer Protocol (HTTP/1.1): Semantics and Content",</td><td class="lineno" valign="top"></td></tr>
    151       <tr><td><a name="diff0010" /></td></tr>
     213      <tr><td><a name="diff0014" /></td></tr>
    152214      <tr><td class="lineno" valign="top"></td><td class="lblock">                 <span class="delete">draft-ietf-httpbis-p2-semantics-latest (work in</span></td><td> </td><td class="rblock">                 <span class="insert">RFC 7231,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
    153215      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">                 progress),</span> May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
     
    155217      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7232]     Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td> </td><td class="right">   [RFC7232]     Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td class="lineno" valign="top"></td></tr>
    156218      <tr><td class="lineno" valign="top"></td><td class="left">                 Transfer Protocol (HTTP/1.1): Conditional Requests",</td><td> </td><td class="right">                 Transfer Protocol (HTTP/1.1): Conditional Requests",</td><td class="lineno" valign="top"></td></tr>
    157       <tr><td><a name="diff0011" /></td></tr>
     219      <tr><td><a name="diff0015" /></td></tr>
    158220      <tr><td class="lineno" valign="top"></td><td class="lblock">                 <span class="delete">draft-ietf-httpbis-p4-conditional-latest (work in</span></td><td> </td><td class="rblock">                 <span class="insert">RFC 7232,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
    159221      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">                 progress),</span> May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
     
    161223      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7233]     Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,</td><td> </td><td class="right">   [RFC7233]     Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,</td><td class="lineno" valign="top"></td></tr>
    162224      <tr><td class="lineno" valign="top"></td><td class="left">                 "Hypertext Transfer Protocol (HTTP/1.1): Range</td><td> </td><td class="right">                 "Hypertext Transfer Protocol (HTTP/1.1): Range</td><td class="lineno" valign="top"></td></tr>
    163       <tr><td><a name="diff0012" /></td></tr>
     225      <tr><td><a name="diff0016" /></td></tr>
    164226      <tr><td class="lineno" valign="top"></td><td class="lblock">                 Requests", <span class="delete">draft-ietf-httpbis-p5-range-latest (work in</span></td><td> </td><td class="rblock">                 Requests", <span class="insert">RFC 7233,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
    165227      <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">                 progress),</span> May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
     
    167229      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7234]     Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,</td><td> </td><td class="right">   [RFC7234]     Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,</td><td class="lineno" valign="top"></td></tr>
    168230      <tr><td class="lineno" valign="top"></td><td class="left">                 Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",</td><td> </td><td class="right">                 Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",</td><td class="lineno" valign="top"></td></tr>
    169       <tr><td><a name="diff0013" /></td></tr>
     231      <tr><td><a name="diff0017" /></td></tr>
    170232      <tr><td class="lineno" valign="top"></td><td class="lblock">                 <span class="delete">draft-ietf-httpbis-p6-cache-latest (work in progress),</span></td><td> </td><td class="rblock">                 <span class="insert">RFC 7234,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
    171233      <tr><td class="lineno" valign="top"></td><td class="lblock">                 May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
     
    173235      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7235]     Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td> </td><td class="right">   [RFC7235]     Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td class="lineno" valign="top"></td></tr>
    174236      <tr><td class="lineno" valign="top"></td><td class="left">                 Transfer Protocol (HTTP/1.1): Authentication",</td><td> </td><td class="right">                 Transfer Protocol (HTTP/1.1): Authentication",</td><td class="lineno" valign="top"></td></tr>
    175       <tr><td><a name="diff0014" /></td></tr>
     237      <tr><td><a name="diff0018" /></td></tr>
    176238      <tr><td class="lineno" valign="top"></td><td class="lblock">                 <span class="delete">draft-ietf-httpbis-p7-auth-latest (work in progress),</span></td><td> </td><td class="rblock">                 <span class="insert">RFC 7235,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
    177239      <tr><td class="lineno" valign="top"></td><td class="lblock">                 May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
     
    188250
    189251     <tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr>
    190      <tr bgcolor="gray"><th colspan="5" align="center"><a name="end">&nbsp;End of changes. 14 change blocks.&nbsp;</a></th></tr>
    191      <tr class="stats"><td></td><th><i>45 lines changed or deleted</i></th><th><i> </i></th><th><i>21 lines changed or added</i></th><td></td></tr>
     252     <tr bgcolor="gray"><th colspan="5" align="center"><a name="end">&nbsp;End of changes. 18 change blocks.&nbsp;</a></th></tr>
     253     <tr class="stats"><td></td><th><i>49 lines changed or deleted</i></th><th><i> </i></th><th><i>25 lines changed or added</i></th><td></td></tr>
    192254     <tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.38. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr>
    193255   </table>
  • draft-ietf-httpbis/latest/auth48/rfc7235-to-be.unpg.txt

    r2678 r2700  
    7979     3.1.  401 Unauthorized . . . . . . . . . . . . . . . . . . . . .  6
    8080     3.2.  407 Proxy Authentication Required  . . . . . . . . . . . .  6
    81    4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  6
     81   4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  7
    8282     4.1.  WWW-Authenticate . . . . . . . . . . . . . . . . . . . . .  7
    83      4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  7
     83     4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  8
    8484     4.3.  Proxy-Authenticate . . . . . . . . . . . . . . . . . . . .  8
    85      4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  8
     85     4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  9
    8686   5.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  9
    8787     5.1.  Authentication Scheme Registry . . . . . . . . . . . . . .  9
     
    9595     6.3.  Protection Spaces  . . . . . . . . . . . . . . . . . . . . 13
    9696   7.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 13
    97    8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 13
    98      8.1.  Normative References . . . . . . . . . . . . . . . . . . . 13
     97   8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 14
     98     8.1.  Normative References . . . . . . . . . . . . . . . . . . . 14
    9999     8.2.  Informative References . . . . . . . . . . . . . . . . . . 14
    100100   Appendix A.  Changes from RFCs 2616 and 2617 . . . . . . . . . . . 15
     
    123123   client request and by a client to provide authentication information.
    124124   This document defines HTTP/1.1 authentication in terms of the
    125    architecture defined in [RFC7230], including the general framework
    126    previously described in [RFC2617] and the related fields and status
    127    codes previously defined in [RFC2616].
     125   architecture defined in "Hypertext Transfer Protocol (HTTP/1.1):
     126   Message Syntax and Routing" [RFC7230], including the general
     127   framework previously described in "HTTP Authentication: Basic and
     128   Digest Access Authentication" [RFC2617] and the related fields and
     129   status codes previously defined in "Hypertext Transfer Protocol --
     130   HTTP/1.1" [RFC2616].
    128131
    129132   The IANA Authentication Scheme Registry (Section 5.1) lists
     
    161164   followed by additional information necessary for achieving
    162165   authentication via that scheme.  The latter can be either a comma-
     166
     167
     168
     169Fielding & Reschke           Standards Track                    [Page 3]
     170
     171
     172RFC 7235                 HTTP/1.1 Authentication                May 2014
     173
     174
    163175   separated list of parameters or a single sequence of characters
    164176   capable of holding base64-encoded information.
    165 
    166 
    167 
    168 
    169 Fielding & Reschke           Standards Track                    [Page 3]
    170 
    171 
    172 RFC 7235                 HTTP/1.1 Authentication                May 2014
    173 
    174177
    175178   Authentication parameters are name=value pairs, where the name token
     
    218221   Both the Authorization field value and the Proxy-Authorization field
    219222   value contain the client's credentials for the realm of the resource
     223
     224
     225
     226Fielding & Reschke           Standards Track                    [Page 4]
     227
     228
     229RFC 7235                 HTTP/1.1 Authentication                May 2014
     230
     231
    220232   being requested, based upon a challenge received in a response
    221233   (possibly at some point in the past).  When creating their values,
    222234   the user agent ought to do so by selecting the challenge with what it
    223 
    224 
    225 
    226 Fielding & Reschke           Standards Track                    [Page 4]
    227 
    228 
    229 RFC 7235                 HTTP/1.1 Authentication                May 2014
    230 
    231 
    232235   considers to be the most secure auth-scheme that it understands,
    233236   obtaining credentials from the user as appropriate.  Transmission of
     
    275278   spaces, each with its own authentication scheme and/or authorization
    276279   database.  The realm value is a string, generally assigned by the
     280
     281
     282
     283Fielding & Reschke           Standards Track                    [Page 5]
     284
     285
     286RFC 7235                 HTTP/1.1 Authentication                May 2014
     287
     288
    277289   origin server, that can have additional semantics specific to the
    278290   authentication scheme.  Note that a response can have multiple
    279291   challenges with the same auth-scheme but with different realms.
    280 
    281 
    282 
    283 Fielding & Reschke           Standards Track                    [Page 5]
    284 
    285 
    286 RFC 7235                 HTTP/1.1 Authentication                May 2014
    287 
    288292
    289293   The protection space determines the domain over which credentials can
     
    330334   field (Section 4.4).
    331335
     336
     337
     338
     339
     340Fielding & Reschke           Standards Track                    [Page 6]
     341
     342
     343RFC 7235                 HTTP/1.1 Authentication                May 2014
     344
     345
    3323464.  Header Field Definitions
    333347
    334348   This section defines the syntax and semantics of header fields
    335349   related to the HTTP authentication framework.
    336 
    337 
    338 
    339 
    340 Fielding & Reschke           Standards Track                    [Page 6]
    341 
    342 
    343 RFC 7235                 HTTP/1.1 Authentication                May 2014
    344 
    345350
    3463514.1.  WWW-Authenticate
     
    383388      and thus is harmless.
    384389
     390
     391
     392
     393
     394
     395
     396
     397Fielding & Reschke           Standards Track                    [Page 7]
     398
     399
     400RFC 7235                 HTTP/1.1 Authentication                May 2014
     401
     402
    3854034.2.  Authorization
    386404
     
    392410
    393411     Authorization = credentials
    394 
    395 
    396 
    397 Fielding & Reschke           Standards Track                    [Page 7]
    398 
    399 
    400 RFC 7235                 HTTP/1.1 Authentication                May 2014
    401 
    402412
    403413   If a request is authenticated and a realm specified, the same
     
    437447   this header field as well; see Section 4.1 for details.
    438448
     449
     450
     451
     452
     453
     454Fielding & Reschke           Standards Track                    [Page 8]
     455
     456
     457RFC 7235                 HTTP/1.1 Authentication                May 2014
     458
     459
    4394604.4.  Proxy-Authorization
    440461
     
    449470   Unlike Authorization, the Proxy-Authorization header field applies
    450471   only to the next inbound proxy that demanded authentication using the
    451 
    452 
    453 
    454 Fielding & Reschke           Standards Track                    [Page 8]
    455 
    456 
    457 RFC 7235                 HTTP/1.1 Authentication                May 2014
    458 
    459 
    460472   Proxy-Authenticate field.  When multiple proxies are used in a chain,
    461473   the Proxy-Authorization header field is consumed by the first inbound
     
    4694815.1.  Authentication Scheme Registry
    470482
    471    The "HTTP Authentication Schemes" registry defines the name space for
    472    the authentication schemes in challenges and credentials.  The
    473    registry has been created and is now maintained at
    474    <http://www.iana.org/assignments/http-authschemes>.
     483   The "Hypertext Transfer Protocol (HTTP) Authentication Scheme
     484   Registry" defines the namespace for the authentication schemes in
     485   challenges and credentials.  It has been created and is now
     486   maintained at <http://www.iana.org/assignments/http-authschemes>.
    475487
    4764885.1.1.  Procedure
     
    484496   o  Notes (optional)
    485497
    486    Values to be added to this name space require IETF Review (see
     498   Values to be added to this namespace require IETF Review (see
    487499   [RFC5226], Section 4.1).
    488500
     
    491503   There are certain aspects of the HTTP Authentication Framework that
    492504   put constraints on how new authentication schemes can work:
     505
     506
     507
     508
     509
     510
     511Fielding & Reschke           Standards Track                    [Page 9]
     512
     513
     514RFC 7235                 HTTP/1.1 Authentication                May 2014
     515
    493516
    494517   o  HTTP authentication is presumed to be stateless: all of the
     
    505528      NOT use it in a way incompatible with that definition.
    506529
    507 
    508 
    509 
    510 
    511 Fielding & Reschke           Standards Track                    [Page 9]
    512 
    513 
    514 RFC 7235                 HTTP/1.1 Authentication                May 2014
    515 
    516 
    517530   o  The "token68" notation was introduced for compatibility with
    518531      existing authentication schemes and can only be used once per
     
    550563      HTTP caches as the "private" Cache-Control response directive
    551564      (Section 5.2.2.6 of [RFC7234]), within the scope of the request in
     565
     566
     567
     568Fielding & Reschke           Standards Track                   [Page 10]
     569
     570
     571RFC 7235                 HTTP/1.1 Authentication                May 2014
     572
     573
    552574      which they appear.
    553575
     
    559581      directives (e.g., "private").
    560582
    561 
    562 
    563 
    564 
    565 
    566 
    567 
    568 Fielding & Reschke           Standards Track                   [Page 10]
    569 
    570 
    571 RFC 7235                 HTTP/1.1 Authentication                May 2014
    572 
    573 
    5745835.2.  Status Code Registration
    575584
    576    The HTTP Status Code Registry located at
    577    <http://www.iana.org/assignments/http-status-codes> shall be updated
    578    with the registrations below:
     585   The "Hypertext Transfer Protocol (HTTP) Status Code Registry" located
     586   at <http://www.iana.org/assignments/http-status-codes> has been
     587   updated with the registrations below:
    579588
    580589   +-------+-------------------------------+-------------+
     
    5875965.3.  Header Field Registration
    588597
    589    HTTP header fields are registered within the Message Header Field
    590    Registry maintained at
    591    <http://www.iana.org/assignments/message-headers>.
    592 
    593    This document defines the following HTTP header fields, so their
    594    associated registry entries have been updated according to the
    595    permanent registrations below (see [BCP90]):
     598   HTTP header fields are registered within the "Message Headers"
     599   registry maintained at
     600   <http://www.iana.org/assignments/message-headers/>.
     601
     602   This document defines the following HTTP header fields, so the
     603   "Permanent Message Header Field Names" registry has been updated
     604   accordingly (see [BCP90]).
    596605
    597606   +---------------------+----------+----------+-------------+
     
    611620   This section is meant to inform developers, information providers,
    612621   and users of known security concerns specific to HTTP authentication.
     622
     623
     624
     625Fielding & Reschke           Standards Track                   [Page 11]
     626
     627
     628RFC 7235                 HTTP/1.1 Authentication                May 2014
     629
     630
    613631   More general security considerations are addressed in HTTP messaging
    614632   [RFC7230] and semantics [RFC7231].
     
    620638   the potential considerations for specific authentication schemes
    621639   (which ought to be documented in the specifications that define those
    622 
    623 
    624 
    625 Fielding & Reschke           Standards Track                   [Page 11]
    626 
    627 
    628 RFC 7235                 HTTP/1.1 Authentication                May 2014
    629 
    630 
    631640   schemes).  Various organizations maintain topical information and
    632641   links to current research on Web application security (e.g.,
     
    648657   credentials remains confidential.
    649658
    650    HTTP depends on the security properties of the underlying transport
     659   HTTP depends on the security properties of the underlying transport-
    651660   or session-level connection to provide confidential transmission of
    652661   header fields.  In other words, if a server limits access to
     
    668677   scheme definition.
    669678
     679
     680
     681
     682Fielding & Reschke           Standards Track                   [Page 12]
     683
     684
     685RFC 7235                 HTTP/1.1 Authentication                May 2014
     686
     687
    670688   Circumstances under which credential caching can interfere with the
    671689   application's security model include but are not limited to:
     
    677695   o  Applications that include a session termination indication (such
    678696      as a "logout" or "commit" button on a page) after which the server
    679 
    680 
    681 
    682 Fielding & Reschke           Standards Track                   [Page 12]
    683 
    684 
    685 RFC 7235                 HTTP/1.1 Authentication                May 2014
    686 
    687 
    688697      side of the application "knows" that there is no further reason
    689698      for the client to retain the credentials.
     
    7257348.  References
    726735
     736
     737
     738
     739Fielding & Reschke           Standards Track                   [Page 13]
     740
     741
     742RFC 7235                 HTTP/1.1 Authentication                May 2014
     743
     744
    7277458.1.  Normative References
    728746
     
    734752
    735753   [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
    736 
    737 
    738 
    739 Fielding & Reschke           Standards Track                   [Page 13]
    740 
    741 
    742 RFC 7235                 HTTP/1.1 Authentication                May 2014
    743 
    744 
    745754              Protocol (HTTP/1.1): Message Syntax and Routing",
    746755              RFC 7230, May 2014.
     
    782791
    783792   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
     793
     794
     795
     796Fielding & Reschke           Standards Track                   [Page 14]
     797
     798
     799RFC 7235                 HTTP/1.1 Authentication                May 2014
     800
     801
    784802              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
    785803              May 2008.
     
    787805   [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
    788806              (TLS) Protocol Version 1.2", RFC 5246, August 2008.
    789 
    790 
    791 
    792 
    793 
    794 
    795 
    796 Fielding & Reschke           Standards Track                   [Page 14]
    797 
    798 
    799 RFC 7235                 HTTP/1.1 Authentication                May 2014
    800 
    801807
    802808Appendix A.  Changes from RFCs 2616 and 2617
     
    845851
    846852
    847 
    848 
    849 
    850 
    851 
    852 
    853853Fielding & Reschke           Standards Track                   [Page 15]
    854854
     
    891891
    892892   A
    893       Authorization header field  7
     893      Authorization header field  8
    894894
    895895   C
     
    900900         auth-param  4
    901901         auth-scheme  4
    902          Authorization  7
     902         Authorization  8
    903903         challenge  4
    904904         credentials  5
    905905         Proxy-Authenticate  8
    906          Proxy-Authorization  8
     906         Proxy-Authorization  9
    907907
    908908
     
    920920      Protection Space  5
    921921      Proxy-Authenticate header field  8
    922       Proxy-Authorization header field  8
     922      Proxy-Authorization header field  9
    923923
    924924   R
  • draft-ietf-httpbis/latest/auth48/rfc7235-to-be.xml

    r2678 r2700  
    5858  <workgroup>HTTPbis Working Group</workgroup>
    5959
    60 <!-- [rfced] Please insert any keywords (beyond those that appear in
    61 the title) for use on http://www.rfc-editor.org/search.
    62 -->
    63 
    64 <keyword>example</keyword>
    65 
    66 <!-- Please review the use of quotes with relation to scheme and syntax names.
    67 
    68 -->
     60  <keyword>Hypertext Transfer Protocol</keyword>
     61  <keyword>HTTP</keyword>
     62  <keyword>HTTP authentication</keyword>
    6963
    7064<abstract>
     
    8579   provide authentication information. This document defines HTTP/1.1
    8680   authentication in terms of the architecture defined in
     81   "Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing"
    8782   <xref target="RFC7230"/>, including the general framework previously
    88    described in <xref target="RFC2617"/> and
     83   described in "HTTP Authentication: Basic and Digest Access Authentication" <xref target="RFC2617"/> and
    8984   the related fields and status codes previously defined in
    90    <xref target="RFC2616"/>.
     85   "Hypertext Transfer Protocol -- HTTP/1.1" <xref target="RFC2616"/>.
    9186</t>
    9287<t>
     
    476471<section title="Authentication Scheme Registry" anchor="authentication.scheme.registry">
    477472<t>
    478    The "HTTP Authentication Schemes" registry defines the name space for the
    479    authentication schemes in challenges and credentials. The registry has been created and
    480    is now maintained at &lt;http://www.iana.org/assignments/http-authschemes&gt;.
     473   The "Hypertext Transfer Protocol (HTTP) Authentication Scheme Registry" defines the namespace for the
     474   authentication schemes in challenges and credentials. It has been created
     475   and is now maintained at &lt;http://www.iana.org/assignments/http-authschemes&gt;.
    481476</t>
    482477
     
    491486</t>
    492487<t>
    493   Values to be added to this name space require IETF Review
     488  Values to be added to this namespace require IETF Review
    494489  (see <xref target="RFC5226"/>, Section 4.1).
    495490</t>
     
    569564<section title="Status Code Registration" anchor="status.code.registration">
    570565<t>
    571    The HTTP Status Code Registry located at &lt;http://www.iana.org/assignments/http-status-codes&gt;
    572    shall be updated with the registrations below:
     566   The "Hypertext Transfer Protocol (HTTP) Status Code Registry" located at &lt;http://www.iana.org/assignments/http-status-codes&gt;
     567   has been updated with the registrations below:
    573568</t>
    574569
     
    593588<section title="Header Field Registration" anchor="header.field.registration">
    594589<t>
    595    HTTP header fields are registered within the Message Header Field Registry
     590   HTTP header fields are registered within the "Message Headers" registry
    596591   maintained at
    597    &lt;http://www.iana.org/assignments/message-headers&gt;.
    598 </t>
    599 <t>
    600    This document defines the following HTTP header fields, so their
    601    associated registry entries have been updated according to the permanent
    602    registrations below (see <xref target="BCP90"/>):
     592   &lt;http://www.iana.org/assignments/message-headers/&gt;.
     593</t>
     594<t>
     595   This document defines the following HTTP header fields, so the
     596   "Permanent Message Header Field Names" registry has been updated
     597   accordingly (see <xref target="BCP90"/>).
    603598</t>
    604599
     
    675670</t>
    676671<t>
    677    HTTP depends on the security properties of the underlying transport or
     672   HTTP depends on the security properties of the underlying transport- or
    678673   session-level connection to provide confidential transmission of header
    679674   fields. In other words, if a server limits access to authenticated users
     
    11151110</section>
    11161111
    1117 
    1118 
    11191112</back>
    11201113</rfc>
  • draft-ietf-httpbis/latest/auth48/rfc7235.abdiff.txt

    r2693 r2700  
    147147      3.1.  401 Unauthorized . . . . . . . . . . . . . . . . . . . . .  6
    148148      3.2.  407 Proxy Authentication Required  . . . . . . . . . . . .  6
    149     4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  6
     149    4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  7
    150150      4.1.  WWW-Authenticate . . . . . . . . . . . . . . . . . . . . .  7
    151       4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  7
     151      4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  8
    152152      4.3.  Proxy-Authenticate . . . . . . . . . . . . . . . . . . . .  8
    153       4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  8
     153      4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  9
    154154    5.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  9
    155155      5.1.  Authentication Scheme Registry . . . . . . . . . . . . . .  9
     
    163163      6.3.  Protection Spaces  . . . . . . . . . . . . . . . . . . . . 13
    164164    7.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 13
    165     8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 13
    166       8.1.  Normative References . . . . . . . . . . . . . . . . . . . 13
     165    8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 14
     166      8.1.  Normative References . . . . . . . . . . . . . . . . . . . 14
    167167      8.2.  Informative References . . . . . . . . . . . . . . . . . . 14
    168168    Appendix A.  Changes from RFCs 2616 and 2617 . . . . . . . . . . . 15
     
    172172
    173173
    174 Section 1., paragraph 1:
    175 OLD:
    176 
    177     HTTP provides a general framework for access control and
    178     authentication, via an extensible set of challenge-response
    179     authentication schemes, which can be used by a server to challenge a
    180     client request and by a client to provide authentication information.
    181     This document defines HTTP/1.1 authentication in terms of the
    182     architecture defined in "Hypertext Transfer Protocol (HTTP/1.1):
    183     Message Syntax and Routing" [RFC7230], including the general
    184     framework previously described in "HTTP Authentication: Basic and
    185     Digest Access Authentication" [RFC2617] and the related fields and
    186     status codes previously defined in "Hypertext Transfer Protocol --
    187     HTTP/1.1" [RFC2616].
    188 
    189 NEW:
    190 
    191     HTTP provides a general framework for access control and
    192     authentication, via an extensible set of challenge-response
    193     authentication schemes, which can be used by a server to challenge a
    194     client request and by a client to provide authentication information.
    195     This document defines HTTP/1.1 authentication in terms of the
    196     architecture defined in [RFC7230], including the general framework
    197     previously described in [RFC2617] and the related fields and status
    198     codes previously defined in [RFC2616].
    199 
    200 
    201174Section 5.1., paragraph 1:
    202175OLD:
     
    209182NEW:
    210183
    211     The "HTTP Authentication Schemes" registry defines the name space for
    212     the authentication schemes in challenges and credentials.  The
    213     registry has been created and is now maintained at
    214     <http://www.iana.org/assignments/http-authschemes>.
    215 
    216 
    217 Section 5.2., paragraph 1:
    218 OLD:
    219 
    220     The "Hypertext Transfer Protocol (HTTP) Status Code Registry" located
    221     at <http://www.iana.org/assignments/http-status-codes> has been
    222     updated with the registrations below:
    223 
    224 NEW:
    225 
    226     The HTTP Status Code Registry located at
    227     <http://www.iana.org/assignments/http-status-codes> shall be updated
    228     with the registrations below:
    229 
    230 
    231 Section 5.3., paragraph 1:
    232 OLD:
    233 
    234     HTTP header fields are registered within the "Message Headers"
    235     registry maintained at
    236     <http://www.iana.org/assignments/message-headers/>.
    237 
    238 NEW:
    239 
    240     HTTP header fields are registered within the Message Header Field
    241     Registry maintained at
    242     <http://www.iana.org/assignments/message-headers>.
    243 
    244 
    245 Section 5.3., paragraph 2:
    246 OLD:
    247 
    248     This document defines the following HTTP header fields, so the
    249     "Permanent Message Header Field Names" registry has been updated
    250     accordingly (see [BCP90]).
    251 
    252 NEW:
    253 
    254     This document defines the following HTTP header fields, so their
    255     associated registry entries have been updated according to the
    256     permanent registrations below (see [BCP90]):
    257 
    258 
    259 Section 6., paragraph 1:
    260 OLD:
    261 
    262     This section is meant to inform developers, information providers,
    263     and users of known security concerns specific to HTTP authentication.
    264  
    265     More general security considerations are addressed in HTTP messaging
    266     [RFC7230] and semantics [RFC7231].
    267 
    268 NEW:
    269 
    270     This section is meant to inform developers, information providers,
    271     and users of known security concerns specific to HTTP authentication.
    272     More general security considerations are addressed in HTTP messaging
    273     [RFC7230] and semantics [RFC7231].
    274 
    275 
    276 Section 6.1., paragraph 2:
    277 OLD:
    278 
    279     HTTP depends on the security properties of the underlying transport-
    280     or session-level connection to provide confidential transmission of
    281     header fields.  In other words, if a server limits access to
    282     authenticated users using this framework, the server needs to ensure
    283     that the connection is properly secured in accordance with the nature
    284     of the authentication scheme used.  For example, services that depend
    285     on individual user authentication often require a connection to be
    286     secured with TLS ("Transport Layer Security", [RFC5246]) prior to
    287     exchanging any credentials.
    288 
    289 NEW:
    290 
    291     HTTP depends on the security properties of the underlying transport
    292     or session-level connection to provide confidential transmission of
    293     header fields.  In other words, if a server limits access to
    294     authenticated users using this framework, the server needs to ensure
    295     that the connection is properly secured in accordance with the nature
    296     of the authentication scheme used.  For example, services that depend
    297     on individual user authentication often require a connection to be
    298     secured with TLS ("Transport Layer Security", [RFC5246]) prior to
    299     exchanging any credentials.
    300 
    301 
    302 Section 8.1., paragraph 0:
    303 OLD:
    304 
    305  8.  References
    306  8.1.  Normative References
    307 
    308 NEW:
    309 
    310  8.  References
    311  
    312  8.1.  Normative References
     184    The "Hypertext Transfer Protocol (HTTP) Authentication Scheme
     185    Registry" defines the namespace for the authentication schemes in
     186    challenges and credentials.  It has been created and is now
     187    maintained at <http://www.iana.org/assignments/http-authschemes>.
    313188
    314189
     
    381256
    382257    A
    383        Authorization header field  7
     258       Authorization header field  8
    384259
    385260
     
    417292          auth-param  4
    418293          auth-scheme  4
    419           Authorization  7
     294          Authorization  8
    420295          challenge  4
    421296          credentials  5
    422297          Proxy-Authenticate  8
    423           Proxy-Authorization  8
     298          Proxy-Authorization  9
    424299          token68  4
    425300          WWW-Authenticate  7
     
    439314       Protection Space  5
    440315       Proxy-Authenticate header field  8
    441        Proxy-Authorization header field  8
     316       Proxy-Authorization header field  9
    442317
    443318
  • draft-ietf-httpbis/latest/auth48/rfc7235.diff.html

    r2693 r2700  
    125125      <tr><td class="lineno" valign="top"></td><td class="lblock">     3.1.  401 Unauthorized . . . . . . . . . . . . . . . . . . . . .  <span class="delete">7</span></td><td> </td><td class="rblock">     3.1.  401 Unauthorized . . . . . . . . . . . . . . . . . . . . .  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
    126126      <tr><td class="lineno" valign="top"></td><td class="lblock">     3.2.  407 Proxy Authentication Required  . . . . . . . . . . . .  <span class="delete">7</span></td><td> </td><td class="rblock">     3.2.  407 Proxy Authentication Required  . . . . . . . . . . . .  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
    127       <tr><td class="lineno" valign="top"></td><td class="lblock">   4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  <span class="delete">8</span></td><td> </td><td class="rblock">   4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
     127      <tr><td class="lineno" valign="top"></td><td class="lblock">   4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  <span class="delete">8</span></td><td> </td><td class="rblock">   4.  Header Field Definitions . . . . . . . . . . . . . . . . . . .  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
    128128      <tr><td class="lineno" valign="top"></td><td class="lblock">     4.1.  WWW-Authenticate . . . . . . . . . . . . . . . . . . . . .  <span class="delete">8</span></td><td> </td><td class="rblock">     4.1.  WWW-Authenticate . . . . . . . . . . . . . . . . . . . . .  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
    129       <tr><td class="lineno" valign="top"></td><td class="lblock">     4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  <span class="delete">9</span></td><td> </td><td class="rblock">     4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
     129      <tr><td class="lineno" valign="top"></td><td class="lblock">     4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  <span class="delete">9</span></td><td> </td><td class="rblock">     4.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . .  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
    130130      <tr><td class="lineno" valign="top"></td><td class="lblock">     4.3.  Proxy-Authenticate . . . . . . . . . . . . . . . . . . . .  <span class="delete">9</span></td><td> </td><td class="rblock">     4.3.  Proxy-Authenticate . . . . . . . . . . . . . . . . . . . .  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
    131       <tr><td class="lineno" valign="top"></td><td class="lblock">     4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock">     4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
     131      <tr><td class="lineno" valign="top"></td><td class="lblock">     4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock">     4.4.  Proxy-Authorization  . . . . . . . . . . . . . . . . . . .  <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
    132132      <tr><td class="lineno" valign="top"></td><td class="lblock">   5.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock">   5.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
    133133      <tr><td class="lineno" valign="top"></td><td class="lblock">     5.1.  Authentication Scheme Registry . . . . . . . . . . . . . . <span class="delete">10</span></td><td> </td><td class="rblock">     5.1.  Authentication Scheme Registry . . . . . . . . . . . . . .  <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
     
    141141      <tr><td class="lineno" valign="top"></td><td class="lblock">     6.3.  Protection Spaces  . . . . . . . . . . . . . . . . . . . . <span class="delete">14</span></td><td> </td><td class="rblock">     6.3.  Protection Spaces  . . . . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr>
    142142      <tr><td class="lineno" valign="top"></td><td class="lblock">   7.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">14</span></td><td> </td><td class="rblock">   7.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr>
    143       <tr><td class="lineno" valign="top"></td><td class="lblock">   8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">15</span></td><td> </td><td class="rblock">   8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr>
    144       <tr><td class="lineno" valign="top"></td><td class="lblock">     8.1.  Normative References . . . . . . . . . . . . . . . . . . . <span class="delete">15</span></td><td> </td><td class="rblock">     8.1.  Normative References . . . . . . . . . . . . . . . . . . . <span class="insert">13</span></td><td class="lineno" valign="top"></td></tr>
     143      <tr><td class="lineno" valign="top"></td><td class="lblock">   8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">15</span></td><td> </td><td class="rblock">   8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">14</span></td><td class="lineno" valign="top"></td></tr>
     144      <tr><td class="lineno" valign="top"></td><td class="lblock">     8.1.  Normative References . . . . . . . . . . . . . . . . . . . <span class="delete">15</span></td><td> </td><td class="rblock">     8.1.  Normative References . . . . . . . . . . . . . . . . . . . <span class="insert">14</span></td><td class="lineno" valign="top"></td></tr>
    145145      <tr><td class="lineno" valign="top"></td><td class="lblock">     8.2.  Informative References . . . . . . . . . . . . . . . . . . <span class="delete">15</span></td><td> </td><td class="rblock">     8.2.  Informative References . . . . . . . . . . . . . . . . . . <span class="insert">14</span></td><td class="lineno" valign="top"></td></tr>
    146146      <tr><td class="lineno" valign="top"></td><td class="lblock">   Appendix A.  Changes from RFCs 2616 and 2617 . . . . . . . . . . . <span class="delete">16</span></td><td> </td><td class="rblock">   Appendix A.  Changes from RFCs 2616 and 2617 . . . . . . . . . . . <span class="insert">15</span></td><td class="lineno" valign="top"></td></tr>
     
    156156      <tr><td class="lineno" valign="top"></td><td class="left">   client request and by a client to provide authentication information.</td><td> </td><td class="right">   client request and by a client to provide authentication information.</td><td class="lineno" valign="top"></td></tr>
    157157      <tr><td class="lineno" valign="top"></td><td class="left">   This document defines HTTP/1.1 authentication in terms of the</td><td> </td><td class="right">   This document defines HTTP/1.1 authentication in terms of the</td><td class="lineno" valign="top"></td></tr>
    158       <tr><td><a name="diff0008" /></td></tr>
    159       <tr><td class="lineno" valign="top"></td><td class="lblock">   architecture defined in <span class="delete">"Hypertext Transfer Protocol (HTTP/1.1):</span></td><td> </td><td class="rblock">   architecture defined in [RFC7230], including the general framework</td><td class="lineno" valign="top"></td></tr>
    160       <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Message Syntax and Routing"</span> [RFC7230], including the general</td><td> </td><td class="rblock">   previously described in [RFC2617] and the related fields and status</td><td class="lineno" valign="top"></td></tr>
    161       <tr><td class="lineno" valign="top"></td><td class="lblock">   framework previously described in <span class="delete">"HTTP Authentication: Basic and</span></td><td> </td><td class="rblock">   codes previously defined in [RFC2616].</td><td class="lineno" valign="top"></td></tr>
    162       <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Digest Access Authentication"</span> [RFC2617] and the related fields and</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
    163       <tr><td class="lineno" valign="top"></td><td class="lblock">   status codes previously defined in <span class="delete">"Hypertext Transfer Protocol --</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
    164       <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   HTTP/1.1"</span> [RFC2616].</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
    165       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    166       <tr><td class="lineno" valign="top"></td><td class="left">   The IANA Authentication Scheme Registry (Section 5.1) lists</td><td> </td><td class="right">   The IANA Authentication Scheme Registry (Section 5.1) lists</td><td class="lineno" valign="top"></td></tr>
    167       <tr><td class="lineno" valign="top"></td><td class="left">   registered authentication schemes and their corresponding</td><td> </td><td class="right">   registered authentication schemes and their corresponding</td><td class="lineno" valign="top"></td></tr>
    168       <tr><td class="lineno" valign="top"></td><td class="left">   specifications, including the "basic" and "digest" authentication</td><td> </td><td class="right">   specifications, including the "basic" and "digest" authentication</td><td class="lineno" valign="top"></td></tr>
    169       <tr><td class="lineno" valign="top"></td><td class="left">   schemes previously defined by RFC 2617.</td><td> </td><td class="right">   schemes previously defined by RFC 2617.</td><td class="lineno" valign="top"></td></tr>
    170       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    171       <tr><td class="lineno" valign="top"></td><td class="left">1.1.  Conformance and Error Handling</td><td> </td><td class="right">1.1.  Conformance and Error Handling</td><td class="lineno" valign="top"></td></tr>
    172       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    173       <tr><td class="lineno" valign="top"></td><td class="left">   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",</td><td> </td><td class="right">   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",</td><td class="lineno" valign="top"></td></tr>
    174       <tr><td class="lineno" valign="top"></td><td class="left">   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this</td><td> </td><td class="right">   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this</td><td class="lineno" valign="top"></td></tr>
    175       <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    176       <tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 10, line 28</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 9, line 15</em></th><td></td></tr>
    177       <tr><td class="lineno" valign="top"></td><td class="left">   the Proxy-Authorization header field is consumed by the first inbound</td><td> </td><td class="right">   the Proxy-Authorization header field is consumed by the first inbound</td><td class="lineno" valign="top"></td></tr>
    178       <tr><td class="lineno" valign="top"></td><td class="left">   proxy that was expecting to receive credentials.  A proxy MAY relay</td><td> </td><td class="right">   proxy that was expecting to receive credentials.  A proxy MAY relay</td><td class="lineno" valign="top"></td></tr>
     158      <tr><td class="lineno" valign="top"></td><td class="left">   architecture defined in "Hypertext Transfer Protocol (HTTP/1.1):</td><td> </td><td class="right">   architecture defined in "Hypertext Transfer Protocol (HTTP/1.1):</td><td class="lineno" valign="top"></td></tr>
     159      <tr><td class="lineno" valign="top"></td><td class="left">   Message Syntax and Routing" [RFC7230], including the general</td><td> </td><td class="right">   Message Syntax and Routing" [RFC7230], including the general</td><td class="lineno" valign="top"></td></tr>
     160      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
     161      <tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 10, line 30</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 9, line 30</em></th><td></td></tr>
    179162      <tr><td class="lineno" valign="top"></td><td class="left">   the credentials from the client request to the next proxy if that is</td><td> </td><td class="right">   the credentials from the client request to the next proxy if that is</td><td class="lineno" valign="top"></td></tr>
    180163      <tr><td class="lineno" valign="top"></td><td class="left">   the mechanism by which the proxies cooperatively authenticate a given</td><td> </td><td class="right">   the mechanism by which the proxies cooperatively authenticate a given</td><td class="lineno" valign="top"></td></tr>
     
    185168      <tr><td class="lineno" valign="top"></td><td class="left">5.1.  Authentication Scheme Registry</td><td> </td><td class="right">5.1.  Authentication Scheme Registry</td><td class="lineno" valign="top"></td></tr>
    186169      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    187       <tr><td><a name="diff0009" /></td></tr>
    188       <tr><td class="lineno" valign="top"></td><td class="lblock">   The <span class="delete">"Hypertext Transfer Protocol (HTTP)</span> Authentication <span class="delete">Scheme</span></td><td> </td><td class="rblock">   The <span class="insert">"HTTP</span> Authentication <span class="insert">Schemes" registry</span> defines the <span class="insert">name space</span> for</td><td class="lineno" valign="top"></td></tr>
    189       <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   Registry"</span> defines the <span class="delete">namespace</span> for the authentication schemes in</td><td> </td><td class="rblock">   the authentication schemes in challenges and credentials.  <span class="insert">The</span></td><td class="lineno" valign="top"></td></tr>
    190       <tr><td class="lineno" valign="top"></td><td class="lblock">   challenges and credentials.  <span class="delete">It will</span> has been created and is now</td><td> </td><td class="rblock"><span class="insert">   registry</span> has been created and is now maintained at</td><td class="lineno" valign="top"></td></tr>
    191       <tr><td class="lineno" valign="top"></td><td class="lblock">   maintained at &lt;http://www.iana.org/assignments/http-authschemes&gt;.</td><td> </td><td class="rblock">  &lt;http://www.iana.org/assignments/http-authschemes&gt;.</td><td class="lineno" valign="top"></td></tr>
     170      <tr><td class="lineno" valign="top"></td><td class="left">   The "Hypertext Transfer Protocol (HTTP) Authentication Scheme</td><td> </td><td class="right">   The "Hypertext Transfer Protocol (HTTP) Authentication Scheme</td><td class="lineno" valign="top"></td></tr>
     171      <tr><td class="lineno" valign="top"></td><td class="left">   Registry" defines the namespace for the authentication schemes in</td><td> </td><td class="right">   Registry" defines the namespace for the authentication schemes in</td><td class="lineno" valign="top"></td></tr>
     172      <tr><td><a name="diff0008" /></td></tr>
     173      <tr><td class="lineno" valign="top"></td><td class="lblock">   challenges and credentials.  It <span class="delete">will </span>has been created and is now</td><td> </td><td class="rblock">   challenges and credentials.  It has been created and is now</td><td class="lineno" valign="top"></td></tr>
     174      <tr><td class="lineno" valign="top"></td><td class="left">   maintained at &lt;http://www.iana.org/assignments/http-authschemes&gt;.</td><td> </td><td class="right">   maintained at &lt;http://www.iana.org/assignments/http-authschemes&gt;.</td><td class="lineno" valign="top"></td></tr>
    192175      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    193176      <tr><td class="lineno" valign="top"></td><td class="left">5.1.1.  Procedure</td><td> </td><td class="right">5.1.1.  Procedure</td><td class="lineno" valign="top"></td></tr>
     
    199182      <tr><td class="lineno" valign="top"></td><td class="left">   o  Pointer to specification text</td><td> </td><td class="right">   o  Pointer to specification text</td><td class="lineno" valign="top"></td></tr>
    200183      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    201       <tr><td class="lineno" valign="top"></td><td class="left">   o  Notes (optional)</td><td> </td><td class="right">   o  Notes (optional)</td><td class="lineno" valign="top"></td></tr>
    202       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    203       <tr><td><a name="diff0010" /></td></tr>
    204       <tr><td class="lineno" valign="top"></td><td class="lblock">   Values to be added to this namespace require IETF Review (see</td><td> </td><td class="rblock">   Values to be added to this name<span class="insert"> </span>space require IETF Review (see</td><td class="lineno" valign="top"></td></tr>
    205       <tr><td class="lineno" valign="top"></td><td class="left">   [RFC5226], Section 4.1).</td><td> </td><td class="right">   [RFC5226], Section 4.1).</td><td class="lineno" valign="top"></td></tr>
    206       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    207       <tr><td class="lineno" valign="top"></td><td class="left">5.1.2.  Considerations for New Authentication Schemes</td><td> </td><td class="right">5.1.2.  Considerations for New Authentication Schemes</td><td class="lineno" valign="top"></td></tr>
    208       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    209       <tr><td class="lineno" valign="top"></td><td class="left">   There are certain aspects of the HTTP Authentication Framework that</td><td> </td><td class="right">   There are certain aspects of the HTTP Authentication Framework that</td><td class="lineno" valign="top"></td></tr>
    210       <tr><td class="lineno" valign="top"></td><td class="left">   put constraints on how new authentication schemes can work:</td><td> </td><td class="right">   put constraints on how new authentication schemes can work:</td><td class="lineno" valign="top"></td></tr>
    211       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    212       <tr><td class="lineno" valign="top"></td><td class="left">   o  HTTP authentication is presumed to be stateless: all of the</td><td> </td><td class="right">   o  HTTP authentication is presumed to be stateless: all of the</td><td class="lineno" valign="top"></td></tr>
    213       <tr><td class="lineno" valign="top"></td><td class="left">      information necessary to authenticate a request MUST be provided</td><td> </td><td class="right">      information necessary to authenticate a request MUST be provided</td><td class="lineno" valign="top"></td></tr>
    214       <tr><td class="lineno" valign="top"></td><td class="left">      in the request, rather than be dependent on the server remembering</td><td> </td><td class="right">      in the request, rather than be dependent on the server remembering</td><td class="lineno" valign="top"></td></tr>
    215       <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    216       <tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 12, line 15</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 11, line 7</em></th><td></td></tr>
    217       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    218       <tr><td class="lineno" valign="top"></td><td class="left">      Therefore, new authentication schemes that choose not to carry</td><td> </td><td class="right">      Therefore, new authentication schemes that choose not to carry</td><td class="lineno" valign="top"></td></tr>
    219       <tr><td class="lineno" valign="top"></td><td class="left">      credentials in the Authorization header field (e.g., using a newly</td><td> </td><td class="right">      credentials in the Authorization header field (e.g., using a newly</td><td class="lineno" valign="top"></td></tr>
    220       <tr><td class="lineno" valign="top"></td><td class="left">      defined header field) will need to explicitly disallow caching, by</td><td> </td><td class="right">      defined header field) will need to explicitly disallow caching, by</td><td class="lineno" valign="top"></td></tr>
    221       <tr><td class="lineno" valign="top"></td><td class="left">      mandating the use of either Cache-Control request directives</td><td> </td><td class="right">      mandating the use of either Cache-Control request directives</td><td class="lineno" valign="top"></td></tr>
    222       <tr><td class="lineno" valign="top"></td><td class="left">      (e.g., "no-store", Section 5.2.1.5 of [RFC7234]) or response</td><td> </td><td class="right">      (e.g., "no-store", Section 5.2.1.5 of [RFC7234]) or response</td><td class="lineno" valign="top"></td></tr>
    223       <tr><td class="lineno" valign="top"></td><td class="left">      directives (e.g., "private").</td><td> </td><td class="right">      directives (e.g., "private").</td><td class="lineno" valign="top"></td></tr>
    224       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    225       <tr><td class="lineno" valign="top"></td><td class="left">5.2.  Status Code Registration</td><td> </td><td class="right">5.2.  Status Code Registration</td><td class="lineno" valign="top"></td></tr>
    226       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    227       <tr><td><a name="diff0011" /></td></tr>
    228       <tr><td class="lineno" valign="top"></td><td class="lblock">   The <span class="delete">"Hypertext Transfer Protocol (HTTP)</span> Status Code <span class="delete">Registry"</span> located</td><td> </td><td class="rblock">   The <span class="insert">HTTP</span> Status Code <span class="insert">Registry</span> located at</td><td class="lineno" valign="top"></td></tr>
    229       <tr><td class="lineno" valign="top"></td><td class="lblock">   at &lt;http://www.iana.org/assignments/http-status-codes&gt; <span class="delete">has been</span></td><td> </td><td class="rblock">   &lt;http://www.iana.org/assignments/http-status-codes&gt; <span class="insert">shall be</span> updated</td><td class="lineno" valign="top"></td></tr>
    230       <tr><td class="lineno" valign="top"></td><td class="lblock">   updated with the registrations below:</td><td> </td><td class="rblock">   with the registrations below:</td><td class="lineno" valign="top"></td></tr>
    231       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    232       <tr><td class="lineno" valign="top"></td><td class="left">   +-------+-------------------------------+-------------+</td><td> </td><td class="right">   +-------+-------------------------------+-------------+</td><td class="lineno" valign="top"></td></tr>
    233       <tr><td class="lineno" valign="top"></td><td class="left">   | Value | Description                   | Reference   |</td><td> </td><td class="right">   | Value | Description                   | Reference   |</td><td class="lineno" valign="top"></td></tr>
    234       <tr><td class="lineno" valign="top"></td><td class="left">   +-------+-------------------------------+-------------+</td><td> </td><td class="right">   +-------+-------------------------------+-------------+</td><td class="lineno" valign="top"></td></tr>
    235       <tr><td class="lineno" valign="top"></td><td class="left">   | 401   | Unauthorized                  | Section 3.1 |</td><td> </td><td class="right">   | 401   | Unauthorized                  | Section 3.1 |</td><td class="lineno" valign="top"></td></tr>
    236       <tr><td class="lineno" valign="top"></td><td class="left">   | 407   | Proxy Authentication Required | Section 3.2 |</td><td> </td><td class="right">   | 407   | Proxy Authentication Required | Section 3.2 |</td><td class="lineno" valign="top"></td></tr>
    237       <tr><td class="lineno" valign="top"></td><td class="left">   +-------+-------------------------------+-------------+</td><td> </td><td class="right">   +-------+-------------------------------+-------------+</td><td class="lineno" valign="top"></td></tr>
    238       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    239       <tr><td class="lineno" valign="top"></td><td class="left">5.3.  Header Field Registration</td><td> </td><td class="right">5.3.  Header Field Registration</td><td class="lineno" valign="top"></td></tr>
    240       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    241       <tr><td><a name="diff0012" /></td></tr>
    242       <tr><td class="lineno" valign="top"></td><td class="lblock">   HTTP header fields are registered within the <span class="delete">"Message Headers"</span></td><td> </td><td class="rblock">   HTTP header fields are registered within the <span class="insert">Message Header Field</span></td><td class="lineno" valign="top"></td></tr>
    243       <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   registry</span> maintained at</td><td> </td><td class="rblock"><span class="insert">   Registry</span> maintained at</td><td class="lineno" valign="top"></td></tr>
    244       <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">&lt;http://www.iana.org/assignments/message-headers/&gt;.</span></td><td> </td><td class="rblock">   <span class="insert">&lt;http://www.iana.org/assignments/message-headers&gt;.</span></td><td class="lineno" valign="top"></td></tr>
    245       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    246       <tr><td><a name="diff0013" /></td></tr>
    247       <tr><td class="lineno" valign="top"></td><td class="lblock">   This document defines the following HTTP header fields, so <span class="delete">the</span></td><td> </td><td class="rblock">   This document defines the following HTTP header fields, so <span class="insert">their</span></td><td class="lineno" valign="top"></td></tr>
    248       <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">   "Permanent Message Header Field Names"</span> registry <span class="delete">has</span> been updated</td><td> </td><td class="rblock"><span class="insert">   associated</span> registry <span class="insert">entries have</span> been updated <span class="insert">according to the</span></td><td class="lineno" valign="top"></td></tr>
    249       <tr><td class="lineno" valign="top"></td><td class="lblock">   <span class="delete">accordingly</span> (see <span class="delete">[BCP90]).</span></td><td> </td><td class="rblock"><span class="insert">   permanent registrations below</span> (see <span class="insert">[BCP90]):</span></td><td class="lineno" valign="top"></td></tr>
    250       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    251       <tr><td class="lineno" valign="top"></td><td class="left">   +---------------------+----------+----------+-------------+</td><td> </td><td class="right">   +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
    252       <tr><td class="lineno" valign="top"></td><td class="left">   | Header Field Name   | Protocol | Status   | Reference   |</td><td> </td><td class="right">   | Header Field Name   | Protocol | Status   | Reference   |</td><td class="lineno" valign="top"></td></tr>
    253       <tr><td class="lineno" valign="top"></td><td class="left">   +---------------------+----------+----------+-------------+</td><td> </td><td class="right">   +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
    254       <tr><td class="lineno" valign="top"></td><td class="left">   | Authorization       | http     | standard | Section 4.2 |</td><td> </td><td class="right">   | Authorization       | http     | standard | Section 4.2 |</td><td class="lineno" valign="top"></td></tr>
    255       <tr><td class="lineno" valign="top"></td><td class="left">   | Proxy-Authenticate  | http     | standard | Section 4.3 |</td><td> </td><td class="right">   | Proxy-Authenticate  | http     | standard | Section 4.3 |</td><td class="lineno" valign="top"></td></tr>
    256       <tr><td class="lineno" valign="top"></td><td class="left">   | Proxy-Authorization | http     | standard | Section 4.4 |</td><td> </td><td class="right">   | Proxy-Authorization | http     | standard | Section 4.4 |</td><td class="lineno" valign="top"></td></tr>
    257       <tr><td class="lineno" valign="top"></td><td class="left">   | WWW-Authenticate    | http     | standard | Section 4.1 |</td><td> </td><td class="right">   | WWW-Authenticate    | http     | standard | Section 4.1 |</td><td class="lineno" valign="top"></td></tr>
    258       <tr><td class="lineno" valign="top"></td><td class="left">   +---------------------+----------+----------+-------------+</td><td> </td><td class="right">   +---------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr>
    259       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    260       <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    261       <tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 13, line 33</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 12, line 23</em></th><td></td></tr>
    262       <tr><td class="lineno" valign="top"></td><td class="left">   authentication scheme defines how the credentials are encoded prior</td><td> </td><td class="right">   authentication scheme defines how the credentials are encoded prior</td><td class="lineno" valign="top"></td></tr>
    263       <tr><td class="lineno" valign="top"></td><td class="left">   to transmission.  While this provides flexibility for the development</td><td> </td><td class="right">   to transmission.  While this provides flexibility for the development</td><td class="lineno" valign="top"></td></tr>
    264       <tr><td class="lineno" valign="top"></td><td class="left">   of future authentication schemes, it is inadequate for the protection</td><td> </td><td class="right">   of future authentication schemes, it is inadequate for the protection</td><td class="lineno" valign="top"></td></tr>
    265       <tr><td class="lineno" valign="top"></td><td class="left">   of existing schemes that provide no confidentiality on their own, or</td><td> </td><td class="right">   of existing schemes that provide no confidentiality on their own, or</td><td class="lineno" valign="top"></td></tr>
    266       <tr><td class="lineno" valign="top"></td><td class="left">   that do not sufficiently protect against replay attacks.</td><td> </td><td class="right">   that do not sufficiently protect against replay attacks.</td><td class="lineno" valign="top"></td></tr>
    267       <tr><td class="lineno" valign="top"></td><td class="left">   Furthermore, if the server expects credentials that are specific to</td><td> </td><td class="right">   Furthermore, if the server expects credentials that are specific to</td><td class="lineno" valign="top"></td></tr>
    268       <tr><td class="lineno" valign="top"></td><td class="left">   each individual user, the exchange of those credentials will have the</td><td> </td><td class="right">   each individual user, the exchange of those credentials will have the</td><td class="lineno" valign="top"></td></tr>
    269       <tr><td class="lineno" valign="top"></td><td class="left">   effect of identifying that user even if the content within</td><td> </td><td class="right">   effect of identifying that user even if the content within</td><td class="lineno" valign="top"></td></tr>
    270       <tr><td class="lineno" valign="top"></td><td class="left">   credentials remains confidential.</td><td> </td><td class="right">   credentials remains confidential.</td><td class="lineno" valign="top"></td></tr>
    271       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    272       <tr><td><a name="diff0014" /></td></tr>
    273       <tr><td class="lineno" valign="top"></td><td class="lblock">   HTTP depends on the security properties of the underlying transport<span class="delete">-</span></td><td> </td><td class="rblock">   HTTP depends on the security properties of the underlying transport</td><td class="lineno" valign="top"></td></tr>
    274       <tr><td class="lineno" valign="top"></td><td class="left">   or session-level connection to provide confidential transmission of</td><td> </td><td class="right">   or session-level connection to provide confidential transmission of</td><td class="lineno" valign="top"></td></tr>
    275       <tr><td class="lineno" valign="top"></td><td class="left">   header fields.  In other words, if a server limits access to</td><td> </td><td class="right">   header fields.  In other words, if a server limits access to</td><td class="lineno" valign="top"></td></tr>
    276       <tr><td class="lineno" valign="top"></td><td class="left">   authenticated users using this framework, the server needs to ensure</td><td> </td><td class="right">   authenticated users using this framework, the server needs to ensure</td><td class="lineno" valign="top"></td></tr>
    277       <tr><td class="lineno" valign="top"></td><td class="left">   that the connection is properly secured in accordance with the nature</td><td> </td><td class="right">   that the connection is properly secured in accordance with the nature</td><td class="lineno" valign="top"></td></tr>
    278       <tr><td class="lineno" valign="top"></td><td class="left">   of the authentication scheme used.  For example, services that depend</td><td> </td><td class="right">   of the authentication scheme used.  For example, services that depend</td><td class="lineno" valign="top"></td></tr>
    279       <tr><td class="lineno" valign="top"></td><td class="left">   on individual user authentication often require a connection to be</td><td> </td><td class="right">   on individual user authentication often require a connection to be</td><td class="lineno" valign="top"></td></tr>
    280       <tr><td class="lineno" valign="top"></td><td class="left">   secured with TLS ("Transport Layer Security", [RFC5246]) prior to</td><td> </td><td class="right">   secured with TLS ("Transport Layer Security", [RFC5246]) prior to</td><td class="lineno" valign="top"></td></tr>
    281       <tr><td class="lineno" valign="top"></td><td class="left">   exchanging any credentials.</td><td> </td><td class="right">   exchanging any credentials.</td><td class="lineno" valign="top"></td></tr>
    282       <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    283       <tr><td class="lineno" valign="top"></td><td class="left">6.2.  Authentication Credentials and Idle Clients</td><td> </td><td class="right">6.2.  Authentication Credentials and Idle Clients</td><td class="lineno" valign="top"></td></tr>
    284       <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    285       <tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 15, line 14</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 14, line 5</em></th><td></td></tr>
     184      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
     185      <tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 15, line 14</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 14, line 14</em></th><td></td></tr>
    286186      <tr><td class="lineno" valign="top"></td><td class="left">8.1.  Normative References</td><td> </td><td class="right">8.1.  Normative References</td><td class="lineno" valign="top"></td></tr>
    287187      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     
    294194      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td> </td><td class="right">   [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td class="lineno" valign="top"></td></tr>
    295195      <tr><td class="lineno" valign="top"></td><td class="left">              Protocol (HTTP/1.1): Message Syntax and Routing",</td><td> </td><td class="right">              Protocol (HTTP/1.1): Message Syntax and Routing",</td><td class="lineno" valign="top"></td></tr>
    296       <tr><td><a name="diff0015" /></td></tr>
     196      <tr><td><a name="diff0009" /></td></tr>
    297197      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">draft-ietf-httpbis-p1-messaging-latest (work in progress),</span></td><td> </td><td class="rblock">              <span class="insert">RFC 7230,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
    298198      <tr><td class="lineno" valign="top"></td><td class="lblock">              May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
    299199      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    300200      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7231]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td> </td><td class="right">   [RFC7231]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer</td><td class="lineno" valign="top"></td></tr>
    301       <tr><td><a name="diff0016" /></td></tr>
     201      <tr><td><a name="diff0010" /></td></tr>
    302202      <tr><td class="lineno" valign="top"></td><td class="lblock">              Protocol (HTTP/1.1): Semantics and Content",</td><td> </td><td class="rblock">              Protocol (HTTP/1.1): Semantics and Content", <span class="insert">RFC 7231,</span></td><td class="lineno" valign="top"></td></tr>
    303203      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">draft-ietf-httpbis-p2-semantics-latest (work in progress),</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
     
    306206      <tr><td class="lineno" valign="top"></td><td class="left">   [RFC7234]  Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,</td><td> </td><td class="right">   [RFC7234]  Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,</td><td class="lineno" valign="top"></td></tr>
    307207      <tr><td class="lineno" valign="top"></td><td class="left">              Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",</td><td> </td><td class="right">              Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",</td><td class="lineno" valign="top"></td></tr>
    308       <tr><td><a name="diff0017" /></td></tr>
     208      <tr><td><a name="diff0011" /></td></tr>
    309209      <tr><td class="lineno" valign="top"></td><td class="lblock">              <span class="delete">draft-ietf-httpbis-p6-cache-latest (work in progress),</span></td><td> </td><td class="rblock">              <span class="insert">RFC 7234,</span> May 2014.</td><td class="lineno" valign="top"></td></tr>
    310210      <tr><td class="lineno" valign="top"></td><td class="lblock">              May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
     
    320220      <tr><td class="lineno" valign="top"></td><td class="left">              Security Project (OWASP) 2.0.1, July 2005,</td><td> </td><td class="right">              Security Project (OWASP) 2.0.1, July 2005,</td><td class="lineno" valign="top"></td></tr>
    321221      <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
    322       <tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 17, line 35</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 16, line 35</em></th><td></td></tr>
     222      <tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 17, line 35</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 16, line 35</em></th><td></td></tr>
    323223      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    324224      <tr><td class="lineno" valign="top"></td><td class="left">   quoted-string = &lt;quoted-string, see [RFC7230], Section 3.2.6&gt;</td><td> </td><td class="right">   quoted-string = &lt;quoted-string, see [RFC7230], Section 3.2.6&gt;</td><td class="lineno" valign="top"></td></tr>
     
    331231      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    332232      <tr><td class="lineno" valign="top"></td><td class="left">   4</td><td> </td><td class="right">   4</td><td class="lineno" valign="top"></td></tr>
    333       <tr><td><a name="diff0018" /></td></tr>
     233      <tr><td><a name="diff0012" /></td></tr>
    334234      <tr><td class="lineno" valign="top"></td><td class="lblock">      401 Unauthorized (status code)  <span class="delete">7</span></td><td> </td><td class="rblock">      401 Unauthorized (status code)  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
    335235      <tr><td class="lineno" valign="top"></td><td class="lblock">      407 Proxy Authentication Required (status code)  <span class="delete">7</span></td><td> </td><td class="rblock">      407 Proxy Authentication Required (status code)  <span class="insert">6</span></td><td class="lineno" valign="top"></td></tr>
    336236      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    337237      <tr><td class="lineno" valign="top"></td><td class="left">   A</td><td> </td><td class="right">   A</td><td class="lineno" valign="top"></td></tr>
    338       <tr><td><a name="diff0019" /></td></tr>
    339       <tr><td class="lineno" valign="top"></td><td class="lblock">      Authorization header field  <span class="delete">9</span></td><td> </td><td class="rblock">      Authorization header field  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
     238      <tr><td><a name="diff0013" /></td></tr>
     239      <tr><td class="lineno" valign="top"></td><td class="lblock">      Authorization header field  <span class="delete">9</span></td><td> </td><td class="rblock">      Authorization header field  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
    340240      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    341241      <tr><td class="lineno" valign="top"></td><td class="left">   C</td><td> </td><td class="right">   C</td><td class="lineno" valign="top"></td></tr>
    342       <tr><td><a name="diff0020" /></td></tr>
     242      <tr><td><a name="diff0014" /></td></tr>
    343243      <tr><td class="lineno" valign="top"></td><td class="lblock">      Canonical Root URI  <span class="delete">6</span></td><td> </td><td class="rblock">      Canonical Root URI  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
    344244      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    345245      <tr><td class="lineno" valign="top"></td><td class="left">   G</td><td> </td><td class="right">   G</td><td class="lineno" valign="top"></td></tr>
    346246      <tr><td class="lineno" valign="top"></td><td class="left">      Grammar</td><td> </td><td class="right">      Grammar</td><td class="lineno" valign="top"></td></tr>
    347       <tr><td><a name="diff0021" /></td></tr>
     247      <tr><td><a name="diff0015" /></td></tr>
    348248      <tr><td class="lineno" valign="top"></td><td class="lblock">         auth-param  <span class="delete">5</span></td><td> </td><td class="rblock">         auth-param  <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
    349249      <tr><td class="lineno" valign="top"></td><td class="lblock">         auth-scheme  <span class="delete">5</span></td><td> </td><td class="rblock">         auth-scheme  <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
    350       <tr><td class="lineno" valign="top"></td><td class="lblock">         Authorization  <span class="delete">9</span></td><td> </td><td class="rblock">         Authorization  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
     250      <tr><td class="lineno" valign="top"></td><td class="lblock">         Authorization  <span class="delete">9</span></td><td> </td><td class="rblock">         Authorization  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
    351251      <tr><td class="lineno" valign="top"></td><td class="lblock">         challenge  <span class="delete">5</span></td><td> </td><td class="rblock">         challenge  <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
    352252      <tr><td class="lineno" valign="top"></td><td class="lblock">         credentials  <span class="delete">6</span></td><td> </td><td class="rblock">         credentials  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
    353253      <tr><td class="lineno" valign="top"></td><td class="lblock">         Proxy-Authenticate  <span class="delete">9</span></td><td> </td><td class="rblock">         Proxy-Authenticate  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
    354       <tr><td class="lineno" valign="top"></td><td class="lblock">         Proxy-Authorization  <span class="delete">10</span></td><td> </td><td class="rblock">         Proxy-Authorization  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
     254      <tr><td class="lineno" valign="top"></td><td class="lblock">         Proxy-Authorization  <span class="delete">10</span></td><td> </td><td class="rblock">         Proxy-Authorization  <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
    355255      <tr><td class="lineno" valign="top"></td><td class="lblock">         token68  <span class="delete">5</span></td><td> </td><td class="rblock">         token68  <span class="insert">4</span></td><td class="lineno" valign="top"></td></tr>
    356256      <tr><td class="lineno" valign="top"></td><td class="lblock">         WWW-Authenticate  <span class="delete">8</span></td><td> </td><td class="rblock">         WWW-Authenticate  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
    357257      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    358258      <tr><td class="lineno" valign="top"></td><td class="left">   P</td><td> </td><td class="right">   P</td><td class="lineno" valign="top"></td></tr>
    359       <tr><td><a name="diff0022" /></td></tr>
     259      <tr><td><a name="diff0016" /></td></tr>
    360260      <tr><td class="lineno" valign="top"></td><td class="lblock">      Protection Space  <span class="delete">6</span></td><td> </td><td class="rblock">      Protection Space  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
    361261      <tr><td class="lineno" valign="top"></td><td class="lblock">      Proxy-Authenticate header field  <span class="delete">9</span></td><td> </td><td class="rblock">      Proxy-Authenticate header field  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
    362       <tr><td class="lineno" valign="top"></td><td class="lblock">      Proxy-Authorization header field  <span class="delete">10</span></td><td> </td><td class="rblock">      Proxy-Authorization header field  <span class="insert">8</span></td><td class="lineno" valign="top"></td></tr>
     262      <tr><td class="lineno" valign="top"></td><td class="lblock">      Proxy-Authorization header field  <span class="delete">10</span></td><td> </td><td class="rblock">      Proxy-Authorization header field  <span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
    363263      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    364264      <tr><td class="lineno" valign="top"></td><td class="left">   R</td><td> </td><td class="right">   R</td><td class="lineno" valign="top"></td></tr>
    365       <tr><td><a name="diff0023" /></td></tr>
     265      <tr><td><a name="diff0017" /></td></tr>
    366266      <tr><td class="lineno" valign="top"></td><td class="lblock">      Realm  <span class="delete">6</span></td><td> </td><td class="rblock">      Realm  <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
    367267      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
    368268      <tr><td class="lineno" valign="top"></td><td class="left">   W</td><td> </td><td class="right">   W</td><td class="lineno" valign="top"></td></tr>
    369       <tr><td><a name="diff0024" /></td></tr>
     269      <tr><td><a name="diff0018" /></td></tr>
    370270      <tr><td class="lineno" valign="top"></td><td class="lblock">      WWW-Authenticate header field  <span class="delete">8</span></td><td> </td><td class="rblock">      WWW-Authenticate header field  <span class="insert">7</span></td><td class="lineno" valign="top"></td></tr>
    371271      <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
     
    381281
    382282     <tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr>
    383      <tr bgcolor="gray"><th colspan="5" align="center"><a name="end">&nbsp;End of changes. 24 change blocks.&nbsp;</a></th></tr>
    384      <tr class="stats"><td></td><th><i>110 lines changed or deleted</i></th><th><i> </i></th><th><i>86 lines changed or added</i></th><td></td></tr>
     283     <tr bgcolor="gray"><th colspan="5" align="center"><a name="end">&nbsp;End of changes. 18 change blocks.&nbsp;</a></th></tr>
     284     <tr class="stats"><td></td><th><i>90 lines changed or deleted</i></th><th><i> </i></th><th><i>69 lines changed or added</i></th><td></td></tr>
    385285     <tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.38. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr>
    386286   </table>
Note: See TracChangeset for help on using the changeset viewer.