Re: [apps-discuss] I-D Action: draft-nottingham-http-new-status-02.txt
Yutaka OIWA <y.oiwa@aist.go.jp> Mon, 14 November 2011 08:19 UTC
Return-Path: <yutaka-oiwa-aist-temp@g.oiwa.jp>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53C4011E80B9 for <apps-discuss@ietfa.amsl.com>; Mon, 14 Nov 2011 00:19:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.477
X-Spam-Level:
X-Spam-Status: No, score=-6.477 tagged_above=-999 required=5 tests=[AWL=-3.500, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eYkHlYd+XE1Q for <apps-discuss@ietfa.amsl.com>; Mon, 14 Nov 2011 00:19:39 -0800 (PST)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id BFE6E11E80C5 for <apps-discuss@ietf.org>; Mon, 14 Nov 2011 00:19:38 -0800 (PST)
Received: by gye5 with SMTP id 5so5607515gye.31 for <apps-discuss@ietf.org>; Mon, 14 Nov 2011 00:19:38 -0800 (PST)
MIME-Version: 1.0
Received: by 10.236.156.5 with SMTP id l5mr12542310yhk.29.1321258776703; Mon, 14 Nov 2011 00:19:36 -0800 (PST)
Sender: yutaka@g.oiwa.jp
X-Google-Sender-Delegation: yutaka@g.oiwa.jp
Received: by 10.150.197.13 with HTTP; Mon, 14 Nov 2011 00:19:36 -0800 (PST)
In-Reply-To: <3615F3CCD55F054395A882F51C6E5FDA181FFC67@szxeml513-mbx.china.huawei.com>
References: <20111018234005.22724.87290.idtracker@ietfa.amsl.com> <FEB7C839-4210-4CC9-BD1F-8A9C53790BD4@mnot.net> <p06240627cae62cecfbf0@172.21.1.9> <C28A7D4D-607A-4969-9B6A-4CFCDDE0E845@mnot.net> <3615F3CCD55F054395A882F51C6E5FDA181FFC67@szxeml513-mbx.china.huawei.com>
Date: Mon, 14 Nov 2011 17:19:36 +0900
X-Google-Sender-Auth: bkNi1GsUF3s9GxIBzRCPoCOKVFo
Message-ID: <CAL8DUN8EwiAxt+vdDv5LT3hC1pBDQhCJgg2mwWWy_y1dn9oRQg@mail.gmail.com>
From: Yutaka OIWA <y.oiwa@aist.go.jp>
To: TianLinyi <tianlinyi@huawei.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: httpbis Group <ietf-http-wg@w3.org>, Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] I-D Action: draft-nottingham-http-new-status-02.txt
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2011 08:19:43 -0000
401 is a specific status code for kicking in *HTTP* authentication. It requires servers to supply an appropriate WWW-Authenticate header. It seems to be not a "general status code" of your sense. The proposed 511 is a status code in general 5XX category, indicating that there is no way at HTTP level to successfully complete the request at this moment, due to some server-side reason. The 511 status carries a "hint", in addition to usual 5XX statuses, to clients that the provided response is not supplied directly from the requested peer, and some man-in-the-middle has refused to forward a request without some more user interactions (usually an application-level authentication or payments). Such interactions are performed in some higher protocol layer than HTTP. 2011/11/14 TianLinyi <tianlinyi@huawei.com>: > Hi, Mark > > I am wondering the relationship betwen "511 Network Authentication Required" and " 401 Unauthorized". 401 is a general status code for requiring user authentication. However "requiring network access" may be part of the sementics of user authentication. How to clearly distinguish them? > > In the description it mentioned the following sentence: > The response representation SHOULD indicate how to do this; e.g., > with an HTML form for submitting credentials. > However it is clear how to do this? Will it be leaving to implementation (e.g. the parameters included in the HTML form)? > > Cheers, > Linyi > > On 13/11/2011, at 8:33 PM, Randall Gellens wrote: > >> In today's APPAREA/APPSWG session, Mark briefly talked about this >> draft, and when mentioning the 511 code, said that his intent was not >> to encourage captive portal interception as a technique for network >> access authorization or authentication, but rather to reduce the harm >> that such mechanisms cause. >> >> I agree with all these goals, but in looking at >> draft-nottingham-http-new-status-03.txt, I wonder if it would be >> helpful to add some text in section 6 that mentions some of the ill >> effects of the method, and mentions or points to a few better >> alternative mechanisms for authorizing network access. > > >> >> -- >> Randall Gellens >> Opinions are personal; facts are suspect; I speak for myself only >> -------------- Randomly selected tag: --------------- >> Hofstadter's Law: >> It always takes longer than you expect, even when you take >> Hofstadter's Law into account. > > -- > Mark Nottingham > http://www.mnot.net/ > > > > > _______________________________________________ > apps-discuss mailing list > apps-discuss@ietf.org > https://www.ietf.org/mailman/listinfo/apps-discuss > _______________________________________________ > apps-discuss mailing list > apps-discuss@ietf.org > https://www.ietf.org/mailman/listinfo/apps-discuss > -- -- Yutaka OIWA, Ph.D. Research Scientist Research Center for Information Security (RCIS) National Institute of Advanced Industrial Science and Technology (AIST) Mail addresses: <y.oiwa@aist.go.jp>, <yutaka@oiwa.jp> OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D 3139 8677 9BD2 4405 46B5]
- [apps-discuss] Fwd: I-D Action: draft-nottingham-… Mark Nottingham
- Re: [apps-discuss] Fwd: I-D Action: draft-notting… Mykyta Yevstifeyev
- Re: [apps-discuss] Fwd: I-D Action: draft-notting… Mark Nottingham
- Re: [apps-discuss] Fwd: I-D Action: draft-notting… Julian Reschke
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Mark Nottingham
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Randall Gellens
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Mark Nottingham
- Re: [apps-discuss] I-D Action: draft-nottingham-h… TianLinyi
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Yutaka OIWA