* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Changeset 1999


Ignore:
Timestamp:
2012-11-26 19:10:52 (23 months ago)
Author:
mnot@pobox.com
Message:

Replace caching details with reference to p6; addresses #403.

Location:
draft-ietf-httpbis/latest
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p7-auth.html

    r1974 r1999  
    449449  }  
    450450  @bottom-center { 
    451        content: "Expires May 8, 2013";  
     451       content: "Expires May 31, 2013";  
    452452  }  
    453453  @bottom-right { 
     
    484484      <link rel="Appendix" title="D Change Log (to be removed by RFC Editor before publication)" href="#rfc.section.D"> 
    485485      <link href="p6-cache.html" rel="prev"> 
    486       <meta name="generator" content="http://greenbytes.de/tech/webdav/rfc2629.xslt, Revision 1.588, 2012-08-25 12:28:24, XSLT vendor: SAXON 8.9 from Saxonica http://www.saxonica.com/"> 
     486      <meta name="generator" content="http://greenbytes.de/tech/webdav/rfc2629.xslt, Revision 1.588, 2012-08-25 12:28:24, XSLT vendor: SAXON 9.1.0.8 from Saxonica http://www.saxonica.com/"> 
    487487      <link rel="schema.dct" href="http://purl.org/dc/terms/"> 
    488488      <meta name="dct.creator" content="Fielding, R."> 
    489489      <meta name="dct.creator" content="Reschke, J. F."> 
    490490      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p7-auth-latest"> 
    491       <meta name="dct.issued" scheme="ISO8601" content="2012-11-04"> 
     491      <meta name="dct.issued" scheme="ISO8601" content="2012-11-27"> 
    492492      <meta name="dct.replaces" content="urn:ietf:rfc:2616"> 
    493493      <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. This document defines the HTTP Authentication framework."> 
     
    517517            <tr> 
    518518               <td class="left">Intended status: Standards Track</td> 
    519                <td class="right">November 4, 2012</td> 
     519               <td class="right">November 27, 2012</td> 
    520520            </tr> 
    521521            <tr> 
    522                <td class="left">Expires: May 8, 2013</td> 
     522               <td class="left">Expires: May 31, 2013</td> 
    523523               <td class="right"></td> 
    524524            </tr> 
     
    546546         in progress”. 
    547547      </p> 
    548       <p>This Internet-Draft will expire on May 8, 2013.</p> 
     548      <p>This Internet-Draft will expire on May 31, 2013.</p> 
    549549      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 
    550550      <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p> 
     
    799799         such as credentials that vary according to a challenge value or using synchronized clocks). 
    800800      </p> 
    801       <p id="rfc.section.4.1.p.4">When a shared cache (see <a href="p6-cache.html#shared.and.non-shared.caches">Section 1.2</a> of <a href="#Part6" id="rfc.xref.Part6.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>) receives a request containing an Authorization field, it <em class="bcp14">MUST NOT</em> return the corresponding response as a reply to any other request, unless one of the following specific exceptions holds: 
    802       </p> 
    803       <p id="rfc.section.4.1.p.5"> </p> 
    804       <ol> 
    805          <li>If the response includes the "s-maxage" cache-control directive, the cache <em class="bcp14">MAY</em> use that response in replying to a subsequent request. But (if the specified maximum age has passed) a proxy cache <em class="bcp14">MUST</em> first revalidate it with the origin server, using the header fields from the new request to allow the origin server to authenticate 
    806             the new request. (This is the defined behavior for s-maxage.) If the response includes "s-maxage=0", the proxy <em class="bcp14">MUST</em> always revalidate it before re-using it. 
    807          </li> 
    808          <li>If the response includes the "must-revalidate" cache-control directive, the cache <em class="bcp14">MAY</em> use that response in replying to a subsequent request. But if the response is stale, all caches <em class="bcp14">MUST</em> first revalidate it with the origin server, using the header fields from the new request to allow the origin server to authenticate 
    809             the new request. 
    810          </li> 
    811          <li>If the response includes the "public" cache-control directive, it <em class="bcp14">MAY</em> be returned in reply to any subsequent request. 
    812          </li> 
    813       </ol> 
     801      <p id="rfc.section.4.1.p.4">See <a href="p6-cache.html#caching.authenticated.responses" title="Storing Responses to Authenticated Requests">Section 3.2</a> of <a href="#Part6" id="rfc.xref.Part6.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a> for details of and requirements pertaining to handling of the Authorization field by HTTP caches. 
     802      </p> 
    814803      <div id="rfc.iref.p.2"></div> 
    815804      <h2 id="rfc.section.4.2"><a href="#rfc.section.4.2">4.2</a>&nbsp;<a id="header.proxy-authenticate" href="#header.proxy-authenticate">Proxy-Authenticate</a></h2> 
     
    11811170                  </li> 
    11821171                  <li><em>Part6</em>&nbsp;&nbsp;<a href="#rfc.xref.Part6.1">4.1</a>, <a href="#Part6"><b>8.1</b></a><ul> 
    1183                         <li><em>Section 1.2</em>&nbsp;&nbsp;<a href="#rfc.xref.Part6.1">4.1</a></li> 
     1172                        <li><em>Section 3.2</em>&nbsp;&nbsp;<a href="#rfc.xref.Part6.1">4.1</a></li> 
    11841173                     </ul> 
    11851174                  </li> 
  • draft-ietf-httpbis/latest/p7-auth.xml

    r1963 r1999  
    2828  <!ENTITY end-to-end.and-hop-by-hop    "<xref target='Part1' x:rel='#end-to-end.and.hop-by-hop.header-fields' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 
    2929  <!ENTITY status.403                   "<xref target='Part2' x:rel='#status.403' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 
    30   <!ENTITY shared-and-non-shared-caches "<xref target='Part6' x:rel='#shared.and.non-shared.caches' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 
     30  <!ENTITY caching-authenticated-responses "<xref target='Part6' x:rel='#caching.authenticated.responses' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 
    3131]> 
    3232<?rfc toc="yes" ?> 
     
    482482</t> 
    483483<t> 
    484       When a shared cache (see &shared-and-non-shared-caches;) receives a request 
    485       containing an Authorization field, it &MUST-NOT; return the 
    486       corresponding response as a reply to any other request, unless one 
    487       of the following specific exceptions holds: 
    488 </t> 
    489 <t> 
    490   <list style="numbers"> 
    491       <t>If the response includes the "s-maxage" cache-control 
    492          directive, the cache &MAY; use that response in replying to a 
    493          subsequent request. But (if the specified maximum age has 
    494          passed) a proxy cache &MUST; first revalidate it with the origin 
    495          server, using the header fields from the new request to allow 
    496          the origin server to authenticate the new request. (This is the 
    497          defined behavior for s-maxage.) If the response includes "s-maxage=0", 
    498          the proxy &MUST; always revalidate it before re-using 
    499          it.</t> 
    500  
    501       <t>If the response includes the "must-revalidate" cache-control 
    502          directive, the cache &MAY; use that response in replying to a 
    503          subsequent request. But if the response is stale, all caches 
    504          &MUST; first revalidate it with the origin server, using the 
    505          header fields from the new request to allow the origin server 
    506          to authenticate the new request.</t> 
    507  
    508       <t>If the response includes the "public" cache-control directive, 
    509          it &MAY; be returned in reply to any subsequent request.</t> 
    510   </list> 
     484   See &caching-authenticated-responses; for details of and requirements 
     485   pertaining to handling of the Authorization field by HTTP caches. 
    511486</t> 
    512487</section> 
Note: See TracChangeset for help on using the changeset viewer.