Re: #487 Resubmission of 403

"Adrien W. de Croy" <adrien@qbik.com> Mon, 01 July 2013 23:22 UTC

From: "Adrien W. de Croy" <adrien@qbik.com>
To: Julian Reschke <julian.reschke@gmx.de>, "Roy T. Fielding" <fielding@gbiv.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Date: Mon, 01 Jul 2013 23:20:42 +0000
Subject: Re: #487 Resubmission of 403
Archived-At: <http://www.w3.org/mid/em8706c24f-a8eb-43a3-bc95-332a608b2594@bodybag>

------ Original Message ------
From: "Julian Reschke" <julian.reschke@gmx.de>
To: "Roy T. Fielding" <fielding@gbiv.com>
Cc: "HTTP Working Group" <ietf-http-wg@w3.org>
Sent: 2/07/2013 8:09:18 a.m.
Subject: Re: #487 Resubmission of 403
>On 2013-07-01 19:36, Roy T. Fielding wrote:
>>
>>On Jun 30, 2013, at 9:17 AM, Julian Reschke wrote:
>>
>>>On 2013-06-20 17:54, Julian Reschke wrote:
>>>>
>>>>"If authentication credentials were provided in the request, the server
>>>>considers them insufficient to grant access."
>>>>
>>>>This implies that *if* credentials have been provided, and the result is
>>>>403, it's due to the credentials.
>>
>>No, it does not. Such a conclusion is not supportable by logic or
>>English, and certainly not in programming languages, so I see no
>>reason for a change here. Read the entire paragraph.
> > ...
>
>I did, and I still think it's misleading. Again:
If it helps, the way I read it is that the clause doesn't try to provide 
any insight into how the client may determine if the problem is a 
credential one or not, except by referring to the payload of the 403.

* since it's a 403, the server wasn't prepared to grant access
* if it had creds, and yet still got a 403 response, therefore the creds were not enough to change the server's mind
* therefore the client shouldn't just try reusing the same creds, since they were insufficient
* the client has the option to try with different creds
* even new creds may not work, since it may not even be a credential issue
The "new or different" is a bit of a distraction IMO.  New = different.  
So it should just be

"The client MAY repeat the request with different credentials"

Adrien

>
>"If authentication credentials were provided in the request, the server
>considers them insufficient to grant access. The client SHOULD NOT
>repeat the request with the same credentials. The client MAY repeat the
>request with new or different credentials. However, a request might be
>forbidden for reasons unrelated to the credentials."
>
>So how does the client find out whether the credentials or something 
>else caused the problem? In the first case, we say it SHOULD NOT repeat 
>the request with the same credentials, in the second case we leave it 
>somehow open.
>
>Best regards, Julian
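The client rules in the draft text quoted above, as an added example (not code from the working group or from either poster): a client that never re-sends credentials a URL has already rejected with 403, tries each alternative it holds at most once, and treats any remaining 403 as possibly unrelated to credentials. `fetch`, `Response`, the `rejected` table and `demo_server` are constructed for this example.

```python
"""Client-side 403 handling modelled on the draft wording in this thread.
Added example, not the HTTP WG's or any poster's code; all names are assumed."""
from dataclasses import dataclass
import hashlib


@dataclass
class Response:
    status: int
    body: str = ""


def _fp(cred):
    # Remember only a digest of a rejected credential, never the secret itself.
    return hashlib.sha256(cred.encode()).hexdigest()


def fetch(send, url, credentials, rejected):
    """Send the request applying the draft's 403 rules:
    - a 403 after sending credentials means *those* credentials were
      insufficient: record them in rejected[url] and never re-send them there
      (the SHOULD NOT);
    - the client MAY try other credentials it holds, each at most once;
    - a 403 that survives every alternative is final, because the refusal
      may have nothing to do with credentials at all.
    Returns (final_response, number_of_requests_actually_sent)."""
    seen = rejected.setdefault(url, set())
    sent, last = 0, None
    for cred in credentials:
        if _fp(cred) in seen:
            continue  # already rejected for this URL: do not repeat it
        last = send(url, cred)
        sent += 1
        if last.status != 403:
            return last, sent
        seen.add(_fp(cred))
    if last is None:
        last = Response(403, "client: all known credentials already rejected")
    return last, sent


def demo_server(url, cred):
    """Constructed stand-in server: /reports needs the 'bob' credential,
    /admin is forbidden by policy regardless of who asks (the non-credential 403)."""
    if url == "/admin":
        return Response(403, "policy: remote admin disabled")
    if url == "/reports" and cred == "bob:s3cret":
        return Response(200, "report data")
    return Response(403, "insufficient privileges")
```

Because the second `/admin` call sends nothing, the `rejected` table is what stops a client from hammering a server with credentials it has already refused, even though the client cannot tell why the refusal happened.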