Opened 8 years ago

Closed 7 years ago

#321 closed design (fixed)

Repeating auth-params

Reported by: julian.reschke@… Owned by: draft-ietf-httpbis-p7-auth@…
Priority: normal Milestone: 18
Component: p7-auth Severity: Active WG Document
Keywords: Cc:

Description

We need to add a statement about what it means if a specific auth-param occurs more than once in a challenge; in particular for "realm" (ack James Manger)

Attachments (1)

321.diff (1.6 KB) - added by julian.reschke@… 8 years ago.
Proposed patch

Download all attachments as: .zip

Change History (9)

comment:1 Changed 8 years ago by julian.reschke@…

comment:2 Changed 8 years ago by mnot@…

There seems to be little interop. Can we engage Chrome and see what they think about changing?

Depending upon that, we can either

  1. say there's no interop explicitly
  2. specify that the first one is to be used

If we can get interop, it'd be nice to define this generically for parameters -- but that's a bigger ask...

comment:3 Changed 8 years ago by julian.reschke@…

I don't think it'll be easy to get interop for this, because:

a) in practice, it doesn't matter (nobody relies on it),

b) it's easy to break unintentionally (in FF, the behavior for C-d/filename changed twice over the last four releases due to other changes)

So I believe this is one of those where we should just state it's invalid.

comment:4 Changed 8 years ago by mnot@…

OK, why don't we:

  1. state that it's invalid
  2. add a note to the parameters micro syntax (#266) stating that each parameter should only occur once, and that there isn't interop when implementations receive multiple parameters with the same name

Changed 8 years ago by julian.reschke@…

Proposed patch

comment:5 Changed 8 years ago by julian.reschke@…

From [1473]:

State that auth param names are case-insensitive, and that each name must only occur once per challenge (see #321)

comment:6 Changed 8 years ago by julian.reschke@…

  • Milestone changed from unassigned to 18
  • Resolution set to incorporated
  • Status changed from new to closed

comment:7 Changed 7 years ago by mnot@…

  • Resolution incorporated deleted
  • Status changed from closed to reopened

comment:8 Changed 7 years ago by mnot@…

  • Resolution set to fixed
  • Status changed from reopened to closed
Note: See TracTickets for help on using tickets.