Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#516 closed editorial (incorporated)

note about WWW-A parsing potentially misleading

Reported by: julian.reschke@… Owned by: draft-ietf-httpbis-p7-auth@…
Priority: normal Milestone: 25
Component: p7-auth Severity: In IETF LC
Keywords: Cc:

Description (last modified by julian.reschke@…)

<http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p7-auth-24.html#rfc.section.4.4>:

"User agents are advised to take special care in parsing the WWW-Authenticate field value as it might contain more than one challenge, or if more than one WWW-Authenticate header field is provided, the contents of a challenge itself can contain a comma-separated list of authentication parameters."

This is text that we copied from RFC 2616 (<http://greenbytes.de/tech/webdav/rfc2616.html#rfc.section.14.47>). However, isn't the

"...if more than one WWW-Authenticate header field is provided..."

incorrect?

What's contained in a challenge does not depend on the number of header field instances, after all.

(note that similar text appears one more time; we should also look into reducing duplication)

Change History (4)

comment:1 Changed 6 years ago by julian.reschke@…

  • Description modified (diff)

comment:2 Changed 6 years ago by julian.reschke@…

see [2455]

comment:3 Changed 6 years ago by julian.reschke@…

  • Milestone changed from unassigned to 25
  • Resolution set to incorporated
  • Status changed from new to closed

comment:4 Changed 6 years ago by julian.reschke@…

  • Severity changed from In WG Last Call to In IETF LC
Note: See TracTickets for help on using tickets.