Re: [apps-discuss] I-D Action: draft-nottingham-http-new-status-02.txt

TianLinyi <tianlinyi@huawei.com> Mon, 14 November 2011 05:03 UTC

Return-Path: <tianlinyi@huawei.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5BFF11E81D5 for <apps-discuss@ietfa.amsl.com>; Sun, 13 Nov 2011 21:03:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.606
X-Spam-Level:
X-Spam-Status: No, score=-2.606 tagged_above=-999 required=5 tests=[AWL=3.994, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AFS7e-AJ+W+2 for <apps-discuss@ietfa.amsl.com>; Sun, 13 Nov 2011 21:03:51 -0800 (PST)
Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [119.145.14.64]) by ietfa.amsl.com (Postfix) with ESMTP id F297F11E81D3 for <apps-discuss@ietf.org>; Sun, 13 Nov 2011 21:03:50 -0800 (PST)
Received: from huawei.com (szxga05-in [172.24.2.49]) by szxga05-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0LUM00E98WOQRR@szxga05-in.huawei.com> for apps-discuss@ietf.org; Mon, 14 Nov 2011 13:02:50 +0800 (CST)
Received: from szxrg02-dlp.huawei.com ([172.24.2.119]) by szxga05-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0LUM004PPWONE1@szxga05-in.huawei.com> for apps-discuss@ietf.org; Mon, 14 Nov 2011 13:02:50 +0800 (CST)
Received: from szxeml206-edg.china.huawei.com ([172.24.2.119]) by szxrg02-dlp.huawei.com (MOS 4.1.9-GA) with ESMTP id AEY78906; Mon, 14 Nov 2011 13:02:48 +0800
Received: from SZXEML406-HUB.china.huawei.com (10.82.67.93) by szxeml206-edg.china.huawei.com (172.24.2.58) with Microsoft SMTP Server (TLS) id 14.1.323.3; Mon, 14 Nov 2011 13:02:46 +0800
Received: from SZXEML513-MBX.china.huawei.com ([169.254.8.59]) by szxeml406-hub.china.huawei.com ([10.82.67.93]) with mapi id 14.01.0323.003; Mon, 14 Nov 2011 13:02:41 +0800
Date: Mon, 14 Nov 2011 05:02:40 +0000
From: TianLinyi <tianlinyi@huawei.com>
In-reply-to: <C28A7D4D-607A-4969-9B6A-4CFCDDE0E845@mnot.net>
X-Originating-IP: [172.24.2.40]
To: Mark Nottingham <mnot@mnot.net>, Randall Gellens <rg+ietf@qualcomm.com>
Message-id: <3615F3CCD55F054395A882F51C6E5FDA181FFC67@szxeml513-mbx.china.huawei.com>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii
Content-language: zh-CN
Content-transfer-encoding: 7BIT
Accept-Language: zh-CN, en-US
Thread-topic: [apps-discuss] I-D Action: draft-nottingham-http-new-status-02.txt
Thread-index: AQHMontARCaQnFCFfUWvAeIRwf4ZNZWrzDsk
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
X-CFilter-Loop: Reflected
References: <20111018234005.22724.87290.idtracker@ietfa.amsl.com> <FEB7C839-4210-4CC9-BD1F-8A9C53790BD4@mnot.net> <p06240627cae62cecfbf0@[172.21.1.9]> <C28A7D4D-607A-4969-9B6A-4CFCDDE0E845@mnot.net>
Cc: Jan Algermissen <algermissen1971@me.com>, Apps Discuss <apps-discuss@ietf.org>, httpbis Group <ietf-http-wg@w3.org>
Subject: Re: [apps-discuss] I-D Action: draft-nottingham-http-new-status-02.txt
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2011 05:03:51 -0000

Hi, Mark

I am wondering the relationship betwen "511 Network Authentication Required" and " 401 Unauthorized". 401 is a general status code for requiring user authentication. However "requiring network access" may be part of the sementics of user authentication. How to clearly distinguish them?

In the description it mentioned the following sentence:
The response representation SHOULD indicate how to do this; e.g.,
   with an HTML form for submitting credentials.
However it is clear how to do this? Will it be leaving to implementation (e.g. the parameters included in the HTML form)?

Cheers,
Linyi

On 13/11/2011, at 8:33 PM, Randall Gellens wrote:

> In today's APPAREA/APPSWG session, Mark briefly talked about this
> draft, and when mentioning the 511 code, said that his intent was not
> to encourage captive portal interception as a technique for network
> access authorization or authentication, but rather to reduce the harm
> that such mechanisms cause.
>
> I agree with all these goals, but in looking at
> draft-nottingham-http-new-status-03.txt, I wonder if it would be
> helpful to add some text in section 6 that mentions some of the ill
> effects of the method, and mentions or points to a few better
> alternative mechanisms for authorizing network access.


>
> --
> Randall Gellens
> Opinions are personal;    facts are suspect;    I speak for myself only
> -------------- Randomly selected tag: ---------------
> Hofstadter's Law:
>   It always takes longer than you expect, even when you take
>   Hofstadter's Law into account.

--
Mark Nottingham
http://www.mnot.net/




_______________________________________________
apps-discuss mailing list
apps-discuss@ietf.org
https://www.ietf.org/mailman/listinfo/apps-discuss