Ticket #357 (closed design: fixed)

Opened 3 years ago

Last modified 2 years ago

Authentication exchanges

Reported by: mnot@pobox.com
Owned by: draft-ietf-httpbis-p7-auth@tools.ietf.org
Priority: normal
Milestone: 20
Component: p7-auth
Severity: In WG Last Call
Keywords:
Cc:
Origin: http://www.w3.org/mid/4FA97B08.4040009@isode.com

Description

If the origin server does not wish to accept the credentials sent with a request, it SHOULD return a 401 (Unauthorized) response. The response MUST include a WWW-Authenticate header field containing at least one (possibly new) challenge applicable to the requested resource.

If a proxy does not accept the credentials sent with a request, it SHOULD return a 407 (Proxy Authentication Required). The response MUST include a Proxy-Authenticate header field containing a (possibly new) challenge applicable to the proxy for the requested resource.

I think this is a bit misleading. Can an authentication exchange include more than one round trip? I think you need to be explicit one way or another. (If it can, then "does not accept" is not necessarily correct.)
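
An added illustration, not part of the ticket or the draft: the sketch below models one scheme in which a 401 sent after credentials is not a rejection, namely Digest (RFC 2617) with its stale flag, and shows a client telling the two cases apart while capping the number of rounds. The in-memory server, user, password, URI and nonces are constructed for the example.

```python
import hashlib, hmac, re
# Constructed sample values: realm, user, password, URI and nonces are made up.
REALM, USER, PASSWORD, URI = "example", "alice", "s3cret", "/doc"
PARAM = re.compile(r'(\w+)="([^"]*)"')

def md5(s):
    return hashlib.md5(s.encode()).hexdigest()

def digest_response(password, realm, nonce):
    # Digest without qop (RFC 2617): MD5(HA1:nonce:HA2)
    ha1, ha2 = md5(f"{USER}:{realm}:{password}"), md5(f"GET:{URI}")
    return md5(f"{ha1}:{nonce}:{ha2}")

class ModelServer:
    """In-memory stand-in for an origin server (hypothetical, not real code)."""
    def __init__(self):
        self.issued, self.fresh = 0, set()
    def challenge(self, stale):
        self.issued += 1
        nonce = f"nonce{self.issued}"
        if self.issued > 1:  # nonce1 is never fresh, which forces a stale round
            self.fresh.add(nonce)
        value = f'Digest realm="{REALM}", nonce="{nonce}"'
        return 401, {"WWW-Authenticate": value + (", stale=true" if stale else "")}
    def handle(self, authorization=None):
        if authorization is None:
            return self.challenge(stale=False)
        p = dict(PARAM.findall(authorization))
        nonce = p.get("nonce", "")
        good = digest_response(PASSWORD, REALM, nonce)
        if not hmac.compare_digest(p.get("response", ""), good):
            return self.challenge(stale=False)  # credentials rejected
        if nonce not in self.fresh:
            return self.challenge(stale=True)   # credentials fine, nonce expired
        return 200, {}

def fetch(server, password, max_rounds=4):  # -> (final status, 401s seen)
    auth, seen = None, 0
    for _ in range(max_rounds):
        status, headers = server.handle(auth)
        if status != 401:
            return status, seen
        seen += 1
        challenge = headers["WWW-Authenticate"]
        if auth is not None and "stale=true" not in challenge.lower():
            return 401, seen  # 401 after credentials, no stale flag: rejected
        p = dict(PARAM.findall(challenge))
        resp = digest_response(password, p["realm"], p["nonce"])
        auth = f'Digest username="{USER}", nonce="{p["nonce"]}", response="{resp}"'
    return 401, seen
```

Both the correct and the wrong password see two 401 responses; only the content of the second challenge distinguishes a continuing exchange from rejected credentials.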

Attachments

357.diff (2.4 KB) - added by julian.reschke@gmx.de 2 years ago.
Proposed patch

Change History

Changed 2 years ago by julian.reschke@gmx.de

Proposed patch

comment:1 Changed 2 years ago by julian.reschke@gmx.de

From [1681]:

Clarify authentication exchanges (see #357)

comment:2 Changed 2 years ago by julian.reschke@gmx.de

  • Status changed from new to closed
  • Resolution set to incorporated
  • Milestone changed from unassigned to 20

comment:3 Changed 2 years ago by julian.reschke@gmx.de

From [1693]:

add ref to Part2 because of mention of status code 403 (see #357)

comment:4 Changed 2 years ago by mnot@pobox.com

  • Status changed from closed to reopened
  • Resolution incorporated deleted

comment:5 Changed 2 years ago by mnot@pobox.com

  • Status changed from reopened to closed
  • Resolution set to fixed