Ticket #177 (closed design: fixed)

Opened 5 years ago

Last modified 3 years ago

Realm required on challenges

Reported by: mnot@pobox.com
Owned by: julian.reschke@gmx.de
Priority: normal
Milestone: 16
Component: p7-auth
Severity: Active WG Document
Keywords:
Cc:
Origin:

Description

p7 defers to RFC2617 for the definition of challenge.

RFC 2617, section 1.2 says:

    challenge   = auth-scheme 1*SP 1#auth-param

...

The authentication parameter realm is defined for all authentication schemes:

    realm       = "realm" "=" realm-value
    realm-value = quoted-string

The realm directive (case-insensitive) is required for all authentication schemes that issue a challenge.

The interpretation being that challenges (which is what www-authenticate is defined as) MUST contain at least one parameter and that parameter MUST be a realm.

Is it truly necessary for all authentication schemes to include a 'realm' parameter? If so, it should be documented (e.g., in the section about extension authentication schemes).

Attachments

177.diff (2.0 KB) - added by julian.reschke@gmx.de 3 years ago.
proposed change for p7

Change History

comment:1 Changed 5 years ago by mnot@pobox.com

  • Priority set to blocked

Blocked until we actually take responsibility for this text in 2617...

comment:2 Changed 4 years ago by julian.reschke@gmx.de

  • Owner set to julian.reschke@gmx.de

comment:3 Changed 4 years ago by julian.reschke@gmx.de

  • Priority changed from blocked to normal

comment:4 Changed 3 years ago by julian.reschke@gmx.de

Proposal:

  • make realm optional for schemes

Q:

  • what about existing schemes? (for instance, Basic)?

comment:5 Changed 3 years ago by julian.reschke@gmx.de

  • Milestone changed from unassigned to 16

Changed 3 years ago by julian.reschke@gmx.de

proposed change for p7

comment:6 Changed 3 years ago by julian.reschke@gmx.de

From [1354]:

Realm is optional in new schemes (see #177)

comment:7 Changed 3 years ago by julian.reschke@gmx.de

  • Status changed from new to closed
  • Resolution set to incorporated

comment:8 Changed 3 years ago by julian.reschke@gmx.de

From [1385]:

note change on realm requirement in Changes section, fix ABNF for challenge not to insist on auth-params (see #177)

comment:9 Changed 3 years ago by mnot@pobox.com

  • Status changed from closed to reopened
  • Resolution incorporated deleted

comment:10 Changed 3 years ago by mnot@pobox.com

  • Status changed from reopened to closed
  • Resolution set to fixed
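
Added example (not code from the ticket or from the HTTPbis drafts): a Python parser for a single challenge made of auth-params, which checks realm both under the RFC 2617 reading quoted in the description and with realm optional for new schemes, as in [1354] and [1385]. The `require_realm_for` parameter, the scheme name `NewScheme`, and treating Basic as still requiring realm are assumptions of this example; the ticket leaves the question about existing schemes open.

```python
import re

TOKEN = r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+"
QUOTED = r'"(?:[^"\\]|\\.)*"'
SCHEME = re.compile(rf"\s*({TOKEN})(?: +|$)")
PARAM = re.compile(rf"\s*({TOKEN})\s*=\s*({TOKEN}|{QUOTED})\s*(?:,|$)")


def parse_challenge(value):
    """Parse ONE challenge into (scheme, {name: (text, was_quoted)})."""
    m = SCHEME.match(value)
    if not m:
        raise ValueError("missing or malformed auth-scheme")
    scheme, pos, params = m.group(1), m.end(), {}
    while pos < len(value):
        p = PARAM.match(value, pos)
        if not p:
            raise ValueError(f"bad auth-param at offset {pos}")
        name, raw = p.group(1).lower(), p.group(2)  # names are case-insensitive
        if name in params:  # this example's choice: refuse ambiguous input
            raise ValueError(f"duplicate auth-param {name!r}")
        quoted = raw.startswith('"')
        text = re.sub(r"\\(.)", r"\1", raw[1:-1]) if quoted else raw
        params[name] = (text, quoted)
        pos = p.end()
    return scheme, params


def check_realm(value, require_realm_for=None):
    """Return None if acceptable, else a reason string.

    require_realm_for=None: every scheme needs realm (the RFC 2617 reading).
    Otherwise: a set of lowercase scheme names that still need it.
    """
    scheme, params = parse_challenge(value)
    required = require_realm_for is None or scheme.lower() in require_realm_for
    if "realm" not in params:
        return f"{scheme}: realm missing" if required else None
    if not params["realm"][1]:  # realm-value = quoted-string
        return f"{scheme}: realm is not a quoted-string"
    return None


if __name__ == "__main__":
    # Constructed samples; "NewScheme" is hypothetical, {"basic"} is an assumption.
    for s in ['Basic realm="staff"', "Basic realm=staff", "NewScheme", "Basic"]:
        print(s, "| 2617:", check_realm(s), "| relaxed:", check_realm(s, {"basic"}))
```

A client that keys stored credentials on the realm string can use the returned reason to decide whether to prompt, rather than silently treating a missing realm as an empty one.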