> The only statement on reauthentication in the RFC is the following:
So the RFC language permits either an a priori 482 return or a
re-authentication.
> I chose to implement the specified behavior,
> because that's what is discussed in the RFC.
Is there any additional language that refers to a prefered solution, or to
any additional semantics for re-authentication? Without the RFC specifying
a preference, or common practice if the RFC is neutral, I don't particularly
care which optional behavior is manifested in the code, so long as it works.
Do anyone else? Harmeet seems to have a preference.
> This is a MAY, not a MUST, so it is indeed optional.
I generally find that MAY is used to specify minimally required behavior,
when alternatives are more complex and not universally necessary.
> Note that this is not a regression.
We know.
--- Noel
--
To unsubscribe, e-mail: <mailto:james-dev-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:james-dev-help@;jakarta.apache.org>
