* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Ticket #320: 320.diff

File 320.diff, 2.1 KB (added by julian.reschke@gmx.de, 4 years ago)

Proposed patch

  • p7-auth.xml

    508508    </x:lt> 
    509509    <x:lt> 
    510510    <t> 
     511      The parsing of challenges and credentials is defined by this specification, 
     512      and cannot be modified by new authentication schemes. When the auth-param 
     513      syntax is used, all parameters ought to support both token and 
     514      quoted-string syntax, and syntactical constraints ought to be defined on 
     515      the field value after parsing (i.e., quoted-string processing). This is 
     516      necessary so that recipients can use a generic parser that applies to 
     517      all authentication schemes. 
     518    </t> 
     519    <t> 
     520      <x:h>Note:</x:h> the fact that the value syntax for the "realm" parameter 
     521      is restricted to quoted-string was a bad design choice not to be repeated 
     522      for new parameters. 
     523    </t> 
     524    </x:lt> 
     525    <x:lt> 
     526    <t> 
    511527      Authentication schemes need to document whether they are usable in 
    512528      origin-server authentication (i.e., using WWW-Authenticate), and/or 
    513529      proxy authentication (i.e., using Proxy-Authenticate). 
    700716   contents of a challenge itself can contain a comma-separated list of 
    701717   authentication parameters. 
     720  <preamble>For instance:</preamble> 
     721  <artwork type="example"> 
     722  WWW-Authenticate: Newauth realm="apps", type=1, 
     723                    title="Login to \"apps\"", Basic realm="simple" 
     725  <postamble> 
     726  This header field contains two challenges; one for the "Newauth" scheme 
     727  with a realm value of "apps", and two additional parameters "type" and 
     728  "title", and another one for the "Basic" scheme with a realm value of "simple". 
    14121439      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/186"/>: 
    14131440      "Document HTTP's error-handling philosophy" 
    14141441    </t> 
     1442    <t> 
     1443      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/320"/>: 
     1444      "add advice on defining auth scheme parameters" 
     1445    </t> 
    14151446  </list>