Re: ISSUE PROXY-AUTHORIZATION: Proposal wording
rlgray@raleigh.ibm.com
Thu, 10 Jul 1997 14:21:16 EST
I support this rewording.
It may be worth making an implementation note about this discussion
(that sometimes a proxy may find it desirable to replace end-to-end
headers).
** Reply to note from Henrik Frystyk Nielsen <frystyk@w3.org> Tue, 08 Jul 1997 18:36:59 -0400
..
> What about simply saying that
>
> The WWW-Authenticate and Authorization header fields are end-to-end
> headers
> following the rules found in section 14.8 and 14.46. Both the Proxy-
> Authenticate and the Proxy-Authorization header fields are hop-by-hop
> headers (see section 13.5.1).
>
> instead of
>
> Proxies MUST be completely transparent regarding user agent authentication
> by origin servers. That is, they MUST forward the WWW-Authenticate and
> Authorization headers untouched, and follow the rules found in section
> 14.8.
> Both the Proxy-Authenticate and the Proxy-Authorization header fields are
> hop-by-hop headers (see section 13.5.1).
>
> Section 13.5.1 gives us the flexibility to leave open who is the "ultimate
> recipient":
>
> o End-to-end headers, which must be transmitted to the
> ultimate recipient of a request or response. End-to-end
> headers in responses must be stored as part of a cache entry
> and transmitted in any response formed from a cache entry.
>
> Henrik
> --
> Henrik Frystyk Nielsen, <frystyk@w3.org>
> World Wide Web Consortium
> http://www.w3.org/People/Frystyk
>
> �
Richard L. Gray
chocolate - the One True food group