Re: HTTP/1.0 Review Plan

Eric W. Sink (eric@rafiki.spyglass.com)
Wed, 9 Aug 1995 11:15:40 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: lilley: "Re: HTTP/1.0 Internet-Draft 01 Available"
Previous message: Jim Seidman: "Re: Negotiation in draft 01"
Maybe in reply to: Roy Fielding: "HTTP/1.0 Review Plan"
Next in thread: Roy Fielding: "Re: HTTP/1.0 Review Plan"
Reply: Roy Fielding: "Re: HTTP/1.0 Review Plan"

>I would like to avoid getting too involved in
>the debate over portions of the 1.0 draft, except where it becomes
>necessary to describe the thinking behind some of the recent changes.

Given the number of surprise changes and objectionable ones at that, I
believe this is unrealistic.

>3) WWW-Authenticate
>
>   The new spec now uses semicolon to separate parameters -- keeping
>   it as comma-separated would prevent people from using more than
>   one AA scheme per resource.  This will break existing implementations
>   of Digest and PGP AA.  One alternative is to leave WWW-Authenticate
>   as a fixed field (i.e., only describe it for Basic), and define a
>   new syntax for an Authenticate header.
>
>   The same applies to Authorization.

Let's go for the alternative.  Breaking all existing implementations of
something like this seems unnecessary.  If you *must* go for semicolons,
define a new header.

--
Eric W. Sink
Senior Software Engineer, Spyglass
eric@spyglass.com

Next message: lilley: "Re: HTTP/1.0 Internet-Draft 01 Available"
Previous message: Jim Seidman: "Re: Negotiation in draft 01"
Maybe in reply to: Roy Fielding: "HTTP/1.0 Review Plan"
Next in thread: Roy Fielding: "Re: HTTP/1.0 Review Plan"
Reply: Roy Fielding: "Re: HTTP/1.0 Review Plan"