* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Changeset 1324


Ignore:
Timestamp:
2011-07-04 09:12:46 (3 years ago)
Author:
julian.reschke@gmx.de
Message:

mention NTLM as something that violates the stalessness requirement (see #288)

Location:
draft-ietf-httpbis/latest
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p1-messaging.html

    r1323 r1324  
    359359  }  
    360360  @bottom-center { 
    361        content: "Expires January 2, 2012";  
     361       content: "Expires January 5, 2012";  
    362362  }  
    363363  @bottom-right { 
     
    410410      <meta name="dct.creator" content="Reschke, J. F."> 
    411411      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p1-messaging-latest"> 
    412       <meta name="dct.issued" scheme="ISO8601" content="2011-07-01"> 
     412      <meta name="dct.issued" scheme="ISO8601" content="2011-07-04"> 
    413413      <meta name="dct.replaces" content="urn:ietf:rfc:2145"> 
    414414      <meta name="dct.replaces" content="urn:ietf:rfc:2616"> 
     
    442442            </tr> 
    443443            <tr> 
    444                <td class="left">Expires: January 2, 2012</td> 
     444               <td class="left">Expires: January 5, 2012</td> 
    445445               <td class="right">HP</td> 
    446446            </tr> 
     
    495495            <tr> 
    496496               <td class="left"></td> 
    497                <td class="right">July 1, 2011</td> 
     497               <td class="right">July 4, 2011</td> 
    498498            </tr> 
    499499         </tbody> 
     
    525525         in progress”. 
    526526      </p> 
    527       <p>This Internet-Draft will expire on January 2, 2012.</p> 
     527      <p>This Internet-Draft will expire on January 5, 2012.</p> 
    528528      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 
    529529      <p>Copyright © 2011 IETF Trust and the persons identified as the document authors. All rights reserved.</p> 
     
    938938      </p> 
    939939      <p id="rfc.section.2.2.p.3">Recipients <em class="bcp14">MUST</em> consider every message in a connection in isolation; because HTTP is a stateless protocol, it cannot be assumed that two requests 
    940          on the same connection are from the same client or share any other common attributes. 
     940         on the same connection are from the same client or share any other common attributes. In particular, intermediaries might 
     941         mix requests from different clients into a single server connection. Note that some existing HTTP extensions (e.g., <a href="#RFC4559" id="rfc.xref.RFC4559.1"><cite title="SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows">[RFC4559]</cite></a>) violate this requirement, thereby potentially causing interoperability and security problems. 
    941942      </p> 
    942943      <h2 id="rfc.section.2.3"><a href="#rfc.section.2.3">2.3</a>&nbsp;<a id="transport-independence" href="#transport-independence">Connections and Transport Independence</a></h2> 
     
    28492850      <h2 id="rfc.references.2"><a href="#rfc.section.13.2" id="rfc.section.13.2">13.2</a> Informative References 
    28502851      </h2> 
    2851       <table>                                                   
     2852      <table>                                                     
    28522853         <tr> 
    28532854            <td class="reference"><b id="BCP97">[BCP97]</b></td> 
     
    29492950            <td class="reference"><b id="RFC4395">[RFC4395]</b></td> 
    29502951            <td class="top"><a href="mailto:tony+urireg@maillennium.att.com" title="AT&amp;T Laboratories">Hansen, T.</a>, <a href="mailto:hardie@qualcomm.com" title="Qualcomm, Inc.">Hardie, T.</a>, and <a href="mailto:LMM@acm.org" title="Adobe Systems">L. Masinter</a>, “<a href="http://tools.ietf.org/html/rfc4395">Guidelines and Registration Procedures for New URI Schemes</a>”, BCP&nbsp;115, RFC&nbsp;4395, February&nbsp;2006. 
     2952            </td> 
     2953         </tr> 
     2954         <tr> 
     2955            <td class="reference"><b id="RFC4559">[RFC4559]</b></td> 
     2956            <td class="top">Jaganathan, K., Zhu, L., and J. Brezak, “<a href="http://tools.ietf.org/html/rfc4559">SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows</a>”, RFC&nbsp;4559, June&nbsp;2006. 
    29512957            </td> 
    29522958         </tr> 
     
    39223928                  <li><em>RFC4288</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC4288.1">10.3</a>, <a href="#RFC4288"><b>13.2</b></a></li> 
    39233929                  <li><em>RFC4395</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC4395.1">10.2</a>, <a href="#RFC4395"><b>13.2</b></a></li> 
     3930                  <li><em>RFC4559</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC4559.1">2.2</a>, <a href="#RFC4559"><b>13.2</b></a></li> 
    39243931                  <li><em>RFC5226</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC5226.1">6.2.3</a>, <a href="#rfc.xref.RFC5226.2">9.8.1</a>, <a href="#RFC5226"><b>13.2</b></a><ul> 
    39253932                        <li><em>Section 4.1</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC5226.1">6.2.3</a>, <a href="#rfc.xref.RFC5226.2">9.8.1</a></li> 
  • draft-ietf-httpbis/latest/p1-messaging.xml

    r1323 r1324  
    644644   because HTTP is a stateless protocol, it cannot be assumed that two requests 
    645645   on the same connection are from the same client or share any other common 
    646    attributes.  
     646   attributes. In particular, intermediaries might mix requests from different 
     647   clients into a single server connection. Note that some existing HTTP 
     648   extensions (e.g., <xref target="RFC4559"/>) violate this requirement, thereby 
     649   potentially causing interoperability and security problems. 
    647650</t> 
    648651</section> 
     
    47994802</reference> 
    48004803 
     4804<reference anchor='RFC4559'> 
     4805  <front> 
     4806    <title>SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows</title> 
     4807    <author initials='K.' surname='Jaganathan' fullname='K. Jaganathan'/> 
     4808    <author initials='L.' surname='Zhu' fullname='L. Zhu'/> 
     4809    <author initials='J.' surname='Brezak' fullname='J. Brezak'/> 
     4810    <date year='2006' month='June' /> 
     4811  </front> 
     4812  <seriesInfo name='RFC' value='4559' /> 
     4813</reference> 
     4814 
    48014815<reference anchor='RFC5226'> 
    48024816  <front> 
Note: See TracChangeset for help on using the changeset viewer.