draft-ietf-httpbis-p7-auth-14.txt   draft-ietf-httpbis-p7-auth-15.txt 
HTTPbis Working Group R. Fielding, Ed. HTTPbis Working Group R. Fielding, Ed.
Internet-Draft Adobe Internet-Draft Adobe
Obsoletes: 2616 (if approved) J. Gettys Obsoletes: 2616 (if approved) J. Gettys
Updates: 2617 (if approved) Alcatel-Lucent Updates: 2617 (if approved) Alcatel-Lucent
Intended status: Standards Track J. Mogul Intended status: Standards Track J. Mogul
Expires: October 20, 2011 HP Expires: January 12, 2012 HP
H. Frystyk H. Frystyk
Microsoft Microsoft
L. Masinter L. Masinter
Adobe Adobe
P. Leach P. Leach
Microsoft Microsoft
T. Berners-Lee T. Berners-Lee
W3C/MIT W3C/MIT
Y. Lafon, Ed. Y. Lafon, Ed.
W3C W3C
J. Reschke, Ed. J. Reschke, Ed.
greenbytes greenbytes
April 18, 2011 July 11, 2011
HTTP/1.1, part 7: Authentication HTTP/1.1, part 7: Authentication
draft-ietf-httpbis-p7-auth-14 draft-ietf-httpbis-p7-auth-15
Abstract Abstract
The Hypertext Transfer Protocol (HTTP) is an application-level The Hypertext Transfer Protocol (HTTP) is an application-level
protocol for distributed, collaborative, hypermedia information protocol for distributed, collaborative, hypermedia information
systems. HTTP has been in use by the World Wide Web global systems. HTTP has been in use by the World Wide Web global
information initiative since 1990. This document is Part 7 of the information initiative since 1990. This document is Part 7 of the
seven-part specification that defines the protocol referred to as seven-part specification that defines the protocol referred to as
"HTTP/1.1" and, taken together, obsoletes RFC 2616. Part 7 defines "HTTP/1.1" and, taken together, obsoletes RFC 2616. Part 7 defines
HTTP Authentication. HTTP Authentication.
skipping to change at page 1, line 47 skipping to change at page 1, line 47
Discussion of this draft should take place on the HTTPBIS working Discussion of this draft should take place on the HTTPBIS working
group mailing list (ietf-http-wg@w3.org), which is archived at group mailing list (ietf-http-wg@w3.org), which is archived at
<http://lists.w3.org/Archives/Public/ietf-http-wg/>. <http://lists.w3.org/Archives/Public/ietf-http-wg/>.
The current issues list is at The current issues list is at
<http://tools.ietf.org/wg/httpbis/trac/report/3> and related <http://tools.ietf.org/wg/httpbis/trac/report/3> and related
documents (including fancy diffs) can be found at documents (including fancy diffs) can be found at
<http://tools.ietf.org/wg/httpbis/>. <http://tools.ietf.org/wg/httpbis/>.
The changes in this draft are summarized in Appendix C.15. The changes in this draft are summarized in Appendix C.16.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 20, 2011. This Internet-Draft will expire on January 12, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 50 skipping to change at page 3, line 50
C.6. Since draft-ietf-httpbis-p7-auth-04 . . . . . . . . . . . 14 C.6. Since draft-ietf-httpbis-p7-auth-04 . . . . . . . . . . . 14
C.7. Since draft-ietf-httpbis-p7-auth-05 . . . . . . . . . . . 14 C.7. Since draft-ietf-httpbis-p7-auth-05 . . . . . . . . . . . 14
C.8. Since draft-ietf-httpbis-p7-auth-06 . . . . . . . . . . . 14 C.8. Since draft-ietf-httpbis-p7-auth-06 . . . . . . . . . . . 14
C.9. Since draft-ietf-httpbis-p7-auth-07 . . . . . . . . . . . 15 C.9. Since draft-ietf-httpbis-p7-auth-07 . . . . . . . . . . . 15
C.10. Since draft-ietf-httpbis-p7-auth-08 . . . . . . . . . . . 15 C.10. Since draft-ietf-httpbis-p7-auth-08 . . . . . . . . . . . 15
C.11. Since draft-ietf-httpbis-p7-auth-09 . . . . . . . . . . . 15 C.11. Since draft-ietf-httpbis-p7-auth-09 . . . . . . . . . . . 15
C.12. Since draft-ietf-httpbis-p7-auth-10 . . . . . . . . . . . 15 C.12. Since draft-ietf-httpbis-p7-auth-10 . . . . . . . . . . . 15
C.13. Since draft-ietf-httpbis-p7-auth-11 . . . . . . . . . . . 15 C.13. Since draft-ietf-httpbis-p7-auth-11 . . . . . . . . . . . 15
C.14. Since draft-ietf-httpbis-p7-auth-12 . . . . . . . . . . . 15 C.14. Since draft-ietf-httpbis-p7-auth-12 . . . . . . . . . . . 15
C.15. Since draft-ietf-httpbis-p7-auth-13 . . . . . . . . . . . 16 C.15. Since draft-ietf-httpbis-p7-auth-13 . . . . . . . . . . . 16
C.16. Since draft-ietf-httpbis-p7-auth-14 . . . . . . . . . . . 16
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
1. Introduction 1. Introduction
This document defines HTTP/1.1 access control and authentication. It This document defines HTTP/1.1 access control and authentication. It
includes the relevant parts of RFC 2616 with only minor changes, plus includes the relevant parts of RFC 2616 with only minor changes, plus
the general framework for HTTP authentication, as previously defined the general framework for HTTP authentication, as previously defined
in "HTTP Authentication: Basic and Digest Access Authentication" in "HTTP Authentication: Basic and Digest Access Authentication"
([RFC2617]). ([RFC2617]).
skipping to change at page 11, line 51 skipping to change at page 11, line 51
[[acks: HTTPbis acknowledgements.]] [[acks: HTTPbis acknowledgements.]]
8. References 8. References
8.1. Normative References 8.1. Normative References
[Part1] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H., [Part1] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed., Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,
and J. Reschke, Ed., "HTTP/1.1, part 1: URIs, Connections, and J. Reschke, Ed., "HTTP/1.1, part 1: URIs, Connections,
and Message Parsing", draft-ietf-httpbis-p1-messaging-14 and Message Parsing", draft-ietf-httpbis-p1-messaging-15
(work in progress), April 2011. (work in progress), July 2011.
[Part6] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H., [Part6] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed., Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,
Nottingham, M., Ed., and J. Reschke, Ed., "HTTP/1.1, part Nottingham, M., Ed., and J. Reschke, Ed., "HTTP/1.1, part
6: Caching", draft-ietf-httpbis-p6-cache-14 (work in 6: Caching", draft-ietf-httpbis-p6-cache-15 (work in
progress), April 2011. progress), July 2011.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", STD 68, RFC 5234, January 2008. Specifications: ABNF", STD 68, RFC 5234, January 2008.
8.2. Informative References 8.2. Informative References
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
skipping to change at page 15, line 25 skipping to change at page 15, line 25
C.11. Since draft-ietf-httpbis-p7-auth-09 C.11. Since draft-ietf-httpbis-p7-auth-09
Partly resolved issues: Partly resolved issues:
o <http://tools.ietf.org/wg/httpbis/trac/ticket/196>: "Term for the o <http://tools.ietf.org/wg/httpbis/trac/ticket/196>: "Term for the
requested resource's URI" requested resource's URI"
C.12. Since draft-ietf-httpbis-p7-auth-10 C.12. Since draft-ietf-httpbis-p7-auth-10
None yet. None.
C.13. Since draft-ietf-httpbis-p7-auth-11 C.13. Since draft-ietf-httpbis-p7-auth-11
Closed issues: Closed issues:
o <http://tools.ietf.org/wg/httpbis/trac/ticket/130>: "introduction o <http://tools.ietf.org/wg/httpbis/trac/ticket/130>: "introduction
to part 7 is work-in-progress" to part 7 is work-in-progress"
o <http://tools.ietf.org/wg/httpbis/trac/ticket/195>: "auth-param o <http://tools.ietf.org/wg/httpbis/trac/ticket/195>: "auth-param
syntax" syntax"
skipping to change at page 16, line 12 skipping to change at page 16, line 12
None. None.
C.15. Since draft-ietf-httpbis-p7-auth-13 C.15. Since draft-ietf-httpbis-p7-auth-13
Closed issues: Closed issues:
o <http://tools.ietf.org/wg/httpbis/trac/ticket/276>: "untangle o <http://tools.ietf.org/wg/httpbis/trac/ticket/276>: "untangle
ABNFs for header fields" ABNFs for header fields"
C.16. Since draft-ietf-httpbis-p7-auth-14
None.
Index Index
4 4
401 Unauthorized (status code) 7 401 Unauthorized (status code) 7
407 Proxy Authentication Required (status code) 7 407 Proxy Authentication Required (status code) 7
A A
auth-param 5 auth-param 5
auth-scheme 5 auth-scheme 5
Authorization header field 8 Authorization header field 8
 End of changes. 10 change blocks. 
10 lines changed or deleted 15 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/