
Changeset 1669


Timestamp:
2012-06-05 01:27:19 (3 years ago)
Author:
julian.reschke@gmx.de
Message:

Tune the requirements wrt selecting the strongest auth schemes (fixes #349)

Location:
draft-ietf-httpbis/latest
Files:
2 edited

  • draft-ietf-httpbis/latest/p7-auth.html

    r1667 r1669  
    449449  }  
    450450  @bottom-center { 
    451        content: "Expires December 3, 2012";  
     451       content: "Expires December 7, 2012";  
    452452  }  
    453453  @bottom-right { 
     
    489489      <meta name="dct.creator" content="Reschke, J. F."> 
    490490      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p7-auth-latest"> 
    491       <meta name="dct.issued" scheme="ISO8601" content="2012-06-01"> 
     491      <meta name="dct.issued" scheme="ISO8601" content="2012-06-05"> 
    492492      <meta name="dct.replaces" content="urn:ietf:rfc:2616"> 
    493493      <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 7 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 7 defines the HTTP Authentication framework."> 
     
    520520            </tr> 
    521521            <tr> 
    522                <td class="left">Expires: December 3, 2012</td> 
     522               <td class="left">Expires: December 7, 2012</td> 
    523523               <td class="right">greenbytes</td> 
    524524            </tr> 
    525525            <tr> 
    526526               <td class="left"></td> 
    527                <td class="right">June 1, 2012</td> 
     527               <td class="right">June 5, 2012</td> 
    528528            </tr> 
    529529         </tbody> 
     
    553553         in progress”. 
    554554      </p> 
    555       <p>This Internet-Draft will expire on December 3, 2012.</p> 
     555      <p>This Internet-Draft will expire on December 7, 2012.</p> 
    556556      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 
    557557      <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p> 
     
    704704         Required) — can do so by including a Proxy-Authorization header field with the request. 
    705705      </p> 
    706       <p id="rfc.section.2.1.p.12">Both the Authorization field value and the Proxy-Authorization field value consist of credentials containing the authentication 
    707          information of the client for the realm of the resource being requested. The user agent <em class="bcp14">MUST</em> choose to use one of the challenges with the strongest auth-scheme it understands and request credentials from the user based 
    708          upon that challenge. 
     706      <p id="rfc.section.2.1.p.12">Both the Authorization field value and the Proxy-Authorization field value contain the client's credentials for the realm 
     707         of the resource being requested, based upon a challenge received from the server (possibly at some point in the past). When 
     708         creating their values, the user agent ought to do so by selecting the challenge with what it considers to be the most secure 
     709         auth-scheme that it understands, obtaining credentials from the user as appropriate. 
    709710      </p> 
    710711      <div id="rfc.figure.u.4"></div><pre class="inline"><span id="rfc.iref.c.2"></span><span id="rfc.iref.g.5"></span>  <a href="#challenge.and.response" class="smpl">credentials</a> = <a href="#challenge.and.response" class="smpl">auth-scheme</a> [ 1*<a href="#notation" class="smpl">SP</a> ( <a href="#challenge.and.response" class="smpl">b64token</a> / #<a href="#challenge.and.response" class="smpl">auth-param</a> ) ] 
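Review bot: In the rewritten paragraph rfc.section.2.1.p.12 the requirement loses its BCP14 keyword: the removed text said the user agent MUST choose a challenge with the strongest auth-scheme it understands, while the new text says it "ought to" select what it considers the most secure one, and "ought to" is not a normative term. If a recommendation is intended, use SHOULD; if the sentence is deliberately non-normative, state that explicitly so implementers know that scheme selection is no longer a conformance requirement and is left to the user agent's own judgement.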
     
    11271128      </p> 
    11281129      <h2 id="rfc.section.C.1"><a href="#rfc.section.C.1">C.1</a>&nbsp;<a id="changes.since.19" href="#changes.since.19">Since draft-ietf-httpbis-p7-auth-19</a></h2> 
    1129       <p id="rfc.section.C.1.p.1">None yet.</p> 
     1130      <p id="rfc.section.C.1.p.1">Closed issues: </p> 
     1131      <ul> 
     1132         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/349">http://tools.ietf.org/wg/httpbis/trac/ticket/349</a>&gt;: "Strength" 
     1133         </li> 
     1134      </ul> 
    11301135      <h1 id="rfc.index"><a href="#rfc.index">Index</a></h1> 
    11311136      <p class="noprint"><a href="#rfc.index.4">4</a> <a href="#rfc.index.A">A</a> <a href="#rfc.index.B">B</a> <a href="#rfc.index.C">C</a> <a href="#rfc.index.G">G</a> <a href="#rfc.index.H">H</a> <a href="#rfc.index.P">P</a> <a href="#rfc.index.R">R</a> <a href="#rfc.index.S">S</a> <a href="#rfc.index.W">W</a>  
  • draft-ietf-httpbis/latest/p7-auth.xml

    r1667 r1669  
    299299   request. 
    300300</t> 
    301 <t>    
     301<t> 
    302302   Both the Authorization field value and the Proxy-Authorization field value 
    303    consist of credentials containing the authentication information of the 
    304    client for the realm of the resource being requested. The user agent &MUST; 
    305    choose to use one of the challenges with the strongest auth-scheme it 
    306    understands and request credentials from the user based upon that challenge. 
     303   contain the client's credentials for the realm of the resource being 
     304   requested, based upon a challenge received from the server (possibly at 
     305   some point in the past). When creating their values, the user agent ought to 
     306   do so by selecting the challenge with what it considers to be the most 
     307   secure auth-scheme that it understands, obtaining credentials from the user 
     308   as appropriate. 
    307309</t> 
    308310<figure><artwork type="abnf2616"><iref item="credentials" primary="true"/><iref primary="true" item="Grammar" subitem="credentials"/> 
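Review bot: In the new sentence at lines 305-308, "When creating their values, the user agent ought to do so by selecting the challenge" has an unclear antecedent for "their" (it has to be read back to the two field values named in the previous sentence), and "do so by" adds nothing. Suggest "When creating these field values, the user agent ought to select the challenge with what it considers to be the most secure auth-scheme that it understands". The parenthetical "(possibly at some point in the past)" would also benefit from saying whether a previously received challenge still applies when a later response offers a different set of schemes.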
     
    11231125<section title="Since draft-ietf-httpbis-p7-auth-19" anchor="changes.since.19"> 
    11241126<t> 
    1125   None yet. 
     1127  Closed issues: 
     1128  <list style="symbols"> 
     1129    <t> 
     1130      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/349"/>: 
     1131      "Strength" 
     1132    </t> 
     1133  </list> 
    11261134</t> 
    11271135</section> 