Hypertext Transfer Protocol (HTTP/1.1): Authentication
draft-ietf-httpbis-p7-auth-26
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2014-05-29
|
26 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2014-05-15
|
26 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2014-04-16
|
26 | (System) | RFC Editor state changed to RFC-EDITOR from REF |
2014-04-14
|
26 | (System) | RFC Editor state changed to REF from EDIT |
2014-02-18
|
26 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2014-02-17
|
26 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
2014-02-17
|
26 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2014-02-17
|
26 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2014-02-14
|
26 | (System) | IANA Action state changed to In Progress |
2014-02-12
|
26 | Cindy Morgan | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2014-02-12
|
26 | (System) | RFC Editor state changed to EDIT |
2014-02-12
|
26 | (System) | Announcement was received by RFC Editor |
2014-02-12
|
26 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2014-02-12
|
26 | Amy Vezza | IESG has approved the document |
2014-02-12
|
26 | Amy Vezza | Closed "Approve" ballot |
2014-02-12
|
26 | Amy Vezza | Ballot approval text was generated |
2014-02-12
|
26 | Barry Leiba | IESG state changed to Approved-announcement to be sent from Approved-announcement to be sent::Point Raised - writeup needed |
2014-02-06
|
26 | Julian Reschke | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2014-02-06
|
26 | Julian Reschke | New version available: draft-ietf-httpbis-p7-auth-26.txt |
2013-12-30
|
25 | Gunter Van de Velde | Closed request for Telechat review by OPSDIR with state 'No Response' |
2013-12-19
|
25 | Cindy Morgan | State changed to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation |
2013-12-19
|
25 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2013-12-19
|
25 | Sean Turner | [Ballot comment] *) I'll not repeats the OWS discuss point from p1. If it gets changed there I assume it will get changed here. If … [Ballot comment] *) I'll not repeats the OWS discuss point from p1. If it gets changed there I assume it will get changed here. If not then this can be ignored. 0) Abstract: Maybe would add stateless in front of protocol in the description. 1) So I guess the reason we're not saying TLS is an MTI with basic/digest is that that's getting done in an httpauth draft? It really wouldn't hurt to duplicate that while we're getting the other one done (I know you *don't* want a reference to that draft). |
2013-12-19
|
25 | Sean Turner | [Ballot Position Update] New position, No Objection, has been recorded for Sean Turner |
2013-12-19
|
25 | Jari Arkko | [Ballot comment] Kathleen Moriarty made a Gen-ART review which raised comments which I believe would be useful to consider (but we've not seen a reply … [Ballot comment] Kathleen Moriarty made a Gen-ART review which raised comments which I believe would be useful to consider (but we've not seen a reply yet). Minor issues: In section 2.1, in third to last paragraph, why is ought used here instead of a keyword? This is a point that could help with interoperability, so I think a keyword is important. Unless there is another error message, one should be provided when the role access requirements are not met. Users would expect this functionality. Nits/editorial comments: Section 3.2.1 - please fix the run-on sentence, the first one as it is difficult to read. Suggestion: From: If a server receives a request for an access-protected object, and an acceptable Authorization header is not sent, the server responds with a "401 Unauthorized" status code, and a WWW-Authenticate header as per the framework defined above, which for the digest scheme is utilized as follows: To: If a server receives a request for an access-protected object and an acceptable Authorization header is not sent. The server responds with a "401 Unauthorized" status code and a WWW-Authenticate header as per the framework defined above. For the digest scheme, this is utilized as follows: Section 4.1, second to last paragraph. Please consider rewording the content in parenthesis, it is difficult to read and probably found just be a separate sentence rather than included with the prior sentence in parenthesis. "If a request is authenticated and a realm specified, the same credentials are presumed to be valid for all other requests within this realm (assuming that the authentication scheme itself does not require otherwise, such as credentials that vary according to a challenge value or using synchronized clocks)." Section 4.2, second paragraph, consider breaking the following sentence into two: From: However, if a recipient proxy needs to obtain its own credentials by requesting them from a further outbound client, it will generate its own 407 response, which might have the appearance of forwarding the Proxy-Authenticate header field if both proxies use the same challenge set. To: However, if a recipient proxy needs to obtain its own credentials by requesting them from a further outbound client, it will generate its own 407 response. This might have the appearance of forwarding the Proxy-Authenticate header field if both proxies use the same challenge set. Section 4.4, the last paragraph could be read more clearly with the following change: From: This header field contains two challenges; one for the "Newauth" scheme with a realm value of "apps", and two additional parameters "type" and "title", and another one for the "Basic" scheme with a realm value of "simple". To: This header field contains two challenges; one for the "Newauth"scheme with a realm value of "apps" and two additional parameters "type" and "title", and the second for the "Basic" scheme with a realm value of "simple". Section 6: Security Considerations Could you add in text to inform developers that content should not be accessed before authentication occurs when required? I know this sounds obvious, but I recently ran into this issue. On a Mac, I am able to see that the application server/database information is actually loaded before I authenticate (sure there is a SQL injection happening here too) and the screen is slightly greyed out. On a PC, it appears to block access, but this is a display thing rather than requiring the authentication to actually work prior to serving content. Perhaps something like the following: When a web service is configured to use authentication, content from the application server requiring authentication MUST not be accessed until the authentication has completed successfully. |
2013-12-19
|
25 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2013-12-19
|
25 | Amanda Baber | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2013-12-18
|
25 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2013-12-18
|
25 | Pete Resnick | [Ballot Position Update] New position, No Objection, has been recorded for Pete Resnick |
2013-12-18
|
25 | Richard Barnes | [Ballot comment] COMMENT 1: In Section 3.1, suggest clarifying: OLD: "The origin server MUST send a WWW-Authenticate ... target resource." NEW: "The origin server MUST … [Ballot comment] COMMENT 1: In Section 3.1, suggest clarifying: OLD: "The origin server MUST send a WWW-Authenticate ... target resource." NEW: "The origin server MUST send a WWW-Authenticate ... target resource. (If the server is unwilling to grant access for any credentials, it should instead use the 403 (Forbidden) status code.)" |
2013-12-18
|
25 | Richard Barnes | [Ballot Position Update] New position, No Objection, has been recorded for Richard Barnes |
2013-12-18
|
25 | Stephen Farrell | [Ballot comment] - 2.2: shouldn't there be some mention of how realms map to web-origins here? I don't necessarily mean in a normative manner, but … [Ballot comment] - 2.2: shouldn't there be some mention of how realms map to web-origins here? I don't necessarily mean in a normative manner, but to explain. - 4.2: I didn't find the description of chains of proxies very clear. An example would help I think. Although it looks like chains of proxies all doing 407 are not very well defined - is that fair? - Please check the secdir review. [1] I agree with the comment that this really should have some mention of using TLS to protect basic/digest, even if that ought also be elsewhere. [1] http://www.ietf.org/mail-archive/web/secdir/current/msg03491.html |
2013-12-18
|
25 | Stephen Farrell | [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell |
2013-12-17
|
25 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
2013-12-17
|
25 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
2013-12-16
|
25 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded for Stewart Bryant |
2013-12-16
|
25 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2013-12-14
|
25 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded for Adrian Farrel |
2013-12-12
|
25 | Jean Mahoney | Request for Telechat review by GENART is assigned to Kathleen Moriarty |
2013-12-12
|
25 | Jean Mahoney | Request for Telechat review by GENART is assigned to Kathleen Moriarty |
2013-11-17
|
25 | Julian Reschke | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2013-11-17
|
25 | Julian Reschke | New version available: draft-ietf-httpbis-p7-auth-25.txt |
2013-11-11
|
24 | (System) | IANA Review state changed to IANA OK - Actions Needed from IANA - Not OK |
2013-11-11
|
24 | Pearl Liang | acker. IANA Actions - YES NOTE: The authors have confirmed that the new requested registry is a new top-level registry. The new URL will be: … acker. IANA Actions - YES NOTE: The authors have confirmed that the new requested registry is a new top-level registry. The new URL will be: http://www.iana.org/assignments/http-authschemes Thank you, Pearl Liang ICANN/IANA On Tue Nov 05 08:59:31 2013, iesg-secretary@ietf.org wrote: > Evaluation for can be found at > http://datatracker.ietf.org/doc/draft-ietf-httpbis-p7-auth/ > > Last call to expire on: 2013-11-04 00:00 > > > Please return the full line with your position. > > Yes No-Objection Discuss Abstain > Barry Leiba [ X ] [ ] [ ] [ ] > > > "Yes" or "No-Objection" positions from 2/3 of non-recused ADs, > with no "Discuss" positions, are needed for approval. > > DISCUSSES AND COMMENTS > =========== > ? > ---- following is a DRAFT of message to be sent AFTER approval --- > From: The IESG > To: IETF-Announce > Cc: RFC Editor , > httpbis mailing list , > httpbis chair > Subject: Protocol Action: 'Hypertext Transfer Protocol (HTTP/1.1): > Authentication' to Proposed Standard (draft-ietf-httpbis-p7-auth- > 24.txt) > > The IESG has approved the following document: > - 'Hypertext Transfer Protocol (HTTP/1.1): Authentication' > (draft-ietf-httpbis-p7-auth-24.txt) as Proposed Standard > > This document is the product of the Hypertext Transfer Protocol Bis > Working Group. > > The IESG contact persons are Barry Leiba and Pete Resnick. > > A URL of this Internet Draft is: > http://datatracker.ietf.org/doc/draft-ietf-httpbis-p7-auth/ > > > > > Technical Summary > > The Hypertext Transfer Protocol (HTTP) is an application-level > protocol for > distributed, collaborative, hypermedia information systems. This > document > defines the HTTP Authentication framework. > > Note that this document is part of a set, which should be reviewed > together: > > * draft-ietf-httpbis-p1-messaging > * draft-ietf-httpbis-p2-semantics > * draft-ietf-httpbis-p4-conditional > * draft-ietf-httpbis-p5-range > * draft-ietf-httpbis-p6-cache > * draft-ietf-httpbis-p7-auth > * draft-ietf-httpbis-method-registrations > * draft-ietf-httpbis-authscheme-registrations > > > Review and Consensus > > As chartered, this work was very constrained; the WG sought only to > clarify > RFC2616, making significant technical changes only where there were > considerably interoperability or security issues. > > While the bulk of the work was done by a core team of editors, it has > been > reviewed by a substantial number of implementers, and design issues > enjoyed > input from many of them. > > It has been through two Working Group Last Calls, with multiple > reviewers each > time. We have also discussed this work with external groups (e.g., the > W3C TAG). > > > Personnel > > Document Shepherd: Mark Nottingham > Responsible Area Director: Barry Leiba > > |
2013-11-11
|
24 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Peter Schoenmaker |
2013-11-11
|
24 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Peter Schoenmaker |
2013-11-05
|
24 | Barry Leiba | Ballot has been issued |
2013-11-05
|
24 | Barry Leiba | Ballot has been issued |
2013-11-05
|
24 | Barry Leiba | [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba |
2013-11-05
|
24 | Barry Leiba | Created "Approve" ballot |
2013-11-05
|
24 | Barry Leiba | Placed on agenda for telechat - 2013-12-19 |
2013-11-05
|
24 | Barry Leiba | State changed to IESG Evaluation from Waiting for AD Go-Ahead |
2013-11-05
|
24 | Barry Leiba | Changed consensus to Yes from Unknown |
2013-11-04
|
24 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call (ends 2013-11-04) |
2013-10-31
|
24 | (System) | IANA Review state changed to IANA - Not OK from IANA - Review Needed |
2013-10-31
|
24 | Amanda Baber | IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-httpbis-p7-auth-24. Authors should review the comments and/or questions below. Please report any inaccuracies and respond to any questions as soon … IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-httpbis-p7-auth-24. Authors should review the comments and/or questions below. Please report any inaccuracies and respond to any questions as soon as possible. IANA's reviewer has the following comments/questions: IANA understands that, upon approval of this document, there are three actions which IANA must complete. The designated expert for Permanent Message Header Field Names must approve the new action. First, a new registry called the HTTP Authentication Scheme Registry will be created at http://www.iana.org/assignments/http-authschemes The registration rule for this name space is IETF Review as defined in RFC 5226. Each registration is made up of an authentication scheme name, notes and a reference. There are no initial registrations in this new registry. Second, in the HTTP Status Code Registry, located at: http://www.iana.org/assignments/http-status-codes/ these values will be updated as follows: +-------+-------------------------------+-------------+ | Value | Description | Reference | +-------+-------------------------------+-------------+ | 401 | Unauthorized |[ RFC-to-be ]| | 407 | Proxy Authentication Required |[ RFC-to-be ]| +-------+-------------------------------+-------------+ Third, in the Permanent Message Header Field Names registry in the Message Headers page at http://www.iana.org/assignments/message-headers/ the following message headers will be updated to reflect the new information provided below: +---------------------+----------+----------+-------------+ | Header Field Name | Protocol | Status | Reference | +---------------------+----------+----------+-------------+ | Authorization | http | standard |[ RFC-to-be ]| | Proxy-Authenticate | http | standard |[ RFC-to-be ]| | Proxy-Authorization | http | standard |[ RFC-to-be ]| | WWW-Authenticate | http | standard |[ RFC-to-be ]| +---------------------+----------+----------+-------------+ IANA understands that these actions are the only ones required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. |
2013-10-31
|
24 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Has Issues. Reviewer: Stephen Kent. |
2013-10-24
|
24 | Jean Mahoney | Request for Last Call review by GENART is assigned to Kathleen Moriarty |
2013-10-24
|
24 | Jean Mahoney | Request for Last Call review by GENART is assigned to Kathleen Moriarty |
2013-10-24
|
24 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Stephen Kent |
2013-10-24
|
24 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Stephen Kent |
2013-10-21
|
24 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2013-10-21
|
24 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Hypertext Transfer Protocol (HTTP/1.1): Authentication) … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Hypertext Transfer Protocol (HTTP/1.1): Authentication) to Proposed Standard The IESG has received a request from the Hypertext Transfer Protocol Bis WG (httpbis) to consider the following document: - 'Hypertext Transfer Protocol (HTTP/1.1): Authentication' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2013-11-04. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. This document defines the HTTP Authentication framework. Note that this document is part of a set, which should be reviewed together: * draft-ietf-httpbis-p1-messaging * draft-ietf-httpbis-p2-semantics * draft-ietf-httpbis-p4-conditional * draft-ietf-httpbis-p5-range * draft-ietf-httpbis-p6-cache * draft-ietf-httpbis-p7-auth * draft-ietf-httpbis-method-registrations * draft-ietf-httpbis-authscheme-registrations The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-httpbis-p7-auth/ Once IESG evaluation begins, IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-httpbis-p7-auth/ballot/ The following IPR Declarations may be related to this I-D: http://datatracker.ietf.org/ipr/1398/ |
2013-10-21
|
24 | Amy Vezza | State changed to In Last Call from Last Call Requested |
2013-10-21
|
24 | Barry Leiba | Last call was requested |
2013-10-21
|
24 | Barry Leiba | Ballot approval text was generated |
2013-10-21
|
24 | Barry Leiba | State changed to Last Call Requested from AD Evaluation |
2013-10-21
|
24 | Barry Leiba | Last call announcement was changed |
2013-10-21
|
24 | Barry Leiba | Last call announcement was generated |
2013-10-19
|
24 | Barry Leiba | Ballot writeup was changed |
2013-10-19
|
24 | Barry Leiba | Ballot writeup was generated |
2013-10-18
|
24 | Barry Leiba | State changed to AD Evaluation from Publication Requested |
2013-10-07
|
24 | Cindy Morgan | 1. Summary Document: draft-ietf-httpbis-p7-auth-24 Document Shepherd: Mark Nottingham Responsible Area Director: Barry Leiba Publication Type: Proposed Standard The Hypertext Transfer Protocol (HTTP) is an application-level … 1. Summary Document: draft-ietf-httpbis-p7-auth-24 Document Shepherd: Mark Nottingham Responsible Area Director: Barry Leiba Publication Type: Proposed Standard The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. This document defines the HTTP Authentication framework. Note that this document is part of a set, which should be reviewed together: * draft-ietf-httpbis-p1-messaging * draft-ietf-httpbis-p2-semantics * draft-ietf-httpbis-p4-conditional * draft-ietf-httpbis-p5-range * draft-ietf-httpbis-p6-cache * draft-ietf-httpbis-p7-auth * draft-ietf-httpbis-method-registrations * draft-ietf-httpbis-authscheme-registrations 2. Review and Consensus As chartered, this work was very constrained; the WG sought only to clarify RFC2616, making significant technical changes only where there were considerably interoperability or security issues. While the bulk of the work was done by a core team of editors, it has been reviewed by a substantial number of implementers, and design issues enjoyed input from many of them. It has been through two Working Group Last Calls, with multiple reviewers each time. We have also discussed this work with external groups (e.g., the W3C TAG). 3. Intellectual Property There are no IPR disclosures against this document (one was previously made, but "removed at the submitter's request"). The authors have confirmed that they have no direct, personal knowledge of IPR related to this document that has not been disclosed. 4. Other Points Downward references: None. New registries created: * The Authentication Scheme Registry policy is IETF Review. This policy was chosen to ensure adequate security review. Updated registries: None. |
2013-10-07
|
24 | Mark Nottingham | IETF WG state changed to Submitted to IESG for Publication |
2013-10-07
|
24 | Mark Nottingham | IESG state changed to Publication Requested |
2013-10-07
|
24 | Mark Nottingham | Working group state set to Submitted to IESG for Publication |
2013-10-07
|
24 | Mark Nottingham | IESG state set to Publication Requested |
2013-10-07
|
24 | Mark Nottingham | Changed document writeup |
2013-10-07
|
24 | Mark Nottingham | Document shepherd changed to Mark Nottingham |
2013-09-25
|
24 | Julian Reschke | New version available: draft-ietf-httpbis-p7-auth-24.txt |
2013-07-15
|
23 | Julian Reschke | New version available: draft-ietf-httpbis-p7-auth-23.txt |
2013-02-23
|
22 | Julian Reschke | New version available: draft-ietf-httpbis-p7-auth-22.txt |
2012-10-04
|
21 | Julian Reschke | New version available: draft-ietf-httpbis-p7-auth-21.txt |
2012-08-24
|
20 | Tero Kivinen | Request for Early review by SECDIR Completed: Ready with Nits. Reviewer: Stephen Kent. |
2012-08-21
|
20 | Samuel Weiler | Request for Early review by SECDIR is assigned to Stephen Kent |
2012-08-21
|
20 | Samuel Weiler | Request for Early review by SECDIR is assigned to Stephen Kent |
2012-08-15
|
20 | Samuel Weiler | Assignment of request for Early review by SECDIR to Glen Zorn was rejected |
2012-07-16
|
20 | Julian Reschke | New version available: draft-ietf-httpbis-p7-auth-20.txt |
2012-07-05
|
19 | Barry Leiba | Responsible AD changed to Barry Leiba from Peter Saint-Andre |
2012-03-20
|
19 | Samuel Weiler | Request for Early review by SECDIR is assigned to Glen Zorn |
2012-03-20
|
19 | Samuel Weiler | Request for Early review by SECDIR is assigned to Glen Zorn |
2012-03-12
|
19 | Roy Fielding | New version available: draft-ietf-httpbis-p7-auth-19.txt |
2012-01-03
|
18 | (System) | New version available: draft-ietf-httpbis-p7-auth-18.txt |
2011-11-14
|
18 | Peter Saint-Andre | Intended Status has been changed to Proposed Standard from Standard |
2011-10-31
|
17 | (System) | New version available: draft-ietf-httpbis-p7-auth-17.txt |
2011-10-17
|
18 | Peter Saint-Andre | Draft added in state AD is watching |
2011-08-24
|
16 | (System) | New version available: draft-ietf-httpbis-p7-auth-16.txt |
2011-07-11
|
15 | (System) | New version available: draft-ietf-httpbis-p7-auth-15.txt |
2011-04-18
|
14 | (System) | New version available: draft-ietf-httpbis-p7-auth-14.txt |
2011-03-14
|
13 | (System) | New version available: draft-ietf-httpbis-p7-auth-13.txt |
2010-10-25
|
12 | (System) | New version available: draft-ietf-httpbis-p7-auth-12.txt |
2010-08-04
|
11 | (System) | New version available: draft-ietf-httpbis-p7-auth-11.txt |
2010-07-12
|
10 | (System) | New version available: draft-ietf-httpbis-p7-auth-10.txt |
2010-03-08
|
09 | (System) | New version available: draft-ietf-httpbis-p7-auth-09.txt |
2009-10-26
|
08 | (System) | New version available: draft-ietf-httpbis-p7-auth-08.txt |
2009-07-13
|
07 | (System) | New version available: draft-ietf-httpbis-p7-auth-07.txt |
2009-03-09
|
06 | (System) | New version available: draft-ietf-httpbis-p7-auth-06.txt |
2008-11-17
|
05 | (System) | New version available: draft-ietf-httpbis-p7-auth-05.txt |
2008-08-29
|
04 | (System) | New version available: draft-ietf-httpbis-p7-auth-04.txt |
2008-06-17
|
03 | (System) | New version available: draft-ietf-httpbis-p7-auth-03.txt |
2008-02-25
|
02 | (System) | New version available: draft-ietf-httpbis-p7-auth-02.txt |
2008-01-13
|
01 | (System) | New version available: draft-ietf-httpbis-p7-auth-01.txt |
2007-12-21
|
00 | (System) | New version available: draft-ietf-httpbis-p7-auth-00.txt |