+1
Am 28.06.2010 07:37, schrieb Dick Hardt:
I vote for (3) unless a good (4) is suggested.
On 2010-06-27, at 6:51 PM, Eran Hammer-Lahav wrote:
Over the past year many people expressed concerns about the use of
the ‘realm’ WWW-Authenticate header parameter. The parameter is
defined in RFC 2617 as required, and is allowed to have
scheme-specific structure.
We have a few options:
1. Leave it as required under the definition of RFC 2617 (i.e.
provide no help, developers will need to ready 2617 and figure out
what to do with it).
2. Update 2617 to remove the requirement – this is not going to be
easy or possible to predict success.
3. Provide specific guidance as to what to do with the realm parameter.
4. Something else.
Comments?
EHL
_______________________________________________
OAuth mailing list
OAuth@ietf.org <mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
