Ignore:
Timestamp:
Sep 26, 2009, 3:09:09 AM (10 years ago)
Author:
julian.reschke@…
Message:

editorial: enhance readability of header introductions

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p7-auth.xml

    r697 r698  
    342342  <x:anchor-alias value="Authorization-v"/>
    343343<t>
    344    A user agent that wishes to authenticate itself with a server--
    345    usually, but not necessarily, after receiving a 401 response--does
    346    so by including an "Authorization" request-header field with the
    347    request.  The field value consists of credentials
    348    containing the authentication information of the user agent for
    349    the realm of the resource being requested.
     344   The "Authorization" request-header field allows a user agent to authenticate
     345   itself with a server -- usually, but not necessary, after receiving a 401
     346   (Unauthorized) response. Its value consists of credentials containing
     347   information of the user agent for the realm of the resource being
     348   requested.
    350349</t>
    351350<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Authorization"/><iref primary="true" item="Grammar" subitem="Authorization-v"/>
     
    354353</artwork></figure>
    355354<t>
    356       HTTP access authentication is described in "HTTP Authentication:
    357       Basic and Digest Access Authentication" <xref target="RFC2617"/>. If a request is
    358       authenticated and a realm specified, the same credentials &SHOULD;
    359       be valid for all other requests within this realm (assuming that
    360       the authentication scheme itself does not require otherwise, such
    361       as credentials that vary according to a challenge value or using
    362       synchronized clocks).
     355   HTTP access authentication is described in "HTTP Authentication:
     356   Basic and Digest Access Authentication" <xref target="RFC2617"/>. If a request is
     357   authenticated and a realm specified, the same credentials &SHOULD;
     358   be valid for all other requests within this realm (assuming that
     359   the authentication scheme itself does not require otherwise, such
     360   as credentials that vary according to a challenge value or using
     361   synchronized clocks).
    363362</t>
    364363<t>
     
    399398  <x:anchor-alias value="Proxy-Authenticate-v"/>
    400399<t>
    401    The "Proxy-Authenticate" response-header field &MUST; be included as part
    402    of a 407 (Proxy Authentication Required) response. The field value
    403    consists of a challenge that indicates the authentication scheme and
    404    parameters applicable to the proxy for this request-target.
     400   The "Proxy-Authenticate" response-header field consists of a challenge that
     401   indicates the authentication scheme and parameters applicable to the proxy
     402   for this request-target. It &MUST; be included as part
     403   of a 407 (Proxy Authentication Required) response.
    405404</t>
    406405<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Proxy-Authenticate"/><iref primary="true" item="Grammar" subitem="Proxy-Authenticate-v"/>
     
    429428   The "Proxy-Authorization" request-header field allows the client to
    430429   identify itself (or its user) to a proxy which requires
    431    authentication. The Proxy-Authorization field value consists of
     430   authentication. Its value consists of
    432431   credentials containing the authentication information of the user
    433432   agent for the proxy and/or realm of the resource being requested.
     
    458457  <x:anchor-alias value="WWW-Authenticate-v"/>
    459458<t>
    460    The "WWW-Authenticate" response-header field &MUST; be included in 401
    461    (Unauthorized) response messages. The field value consists of at
    462    least one challenge that indicates the authentication scheme(s) and
    463    parameters applicable to the request-target.
     459   The "WWW-Authenticate" response-header field consists of at least one
     460   challenge that indicates the authentication scheme(s) and parameters
     461   applicable to the request-target. It &MUST; be included in 401
     462   (Unauthorized) response messages.
    464463</t>
    465464<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="WWW-Authenticate"/><iref primary="true" item="Grammar" subitem="WWW-Authenticate-v"/>
Note: See TracChangeset for help on using the changeset viewer.