Jeffrey M Vinocur <jeff at litech.org> writes: > Which raises a followup question. > Is the server permitted to return 480 to a client that has already > authenticated? No, I think 502 is the right return code at that point. -- Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>