W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1996

Rev81: CHANGE: Sect. 11.1 Basic Authentication

From: Dave Kristol <dmk@allegra.att.com>
Date: Fri, 31 May 96 12:39:51 EDT
Message-Id: <9605311639.AA16702@zp.tempo.att.com.tempo.att.com>
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Cc: dwmorris@netcom.com
David Morris, dwmorris@netcom.com, asked Jim Gettys:
  > The question for the experts is:  Is there some 
  > protocol reason that userid shouldn't be redefined as
  >  *(TEXTnotCOLON)?
  > 
  > If need be, I or my crew could survey a few more browsers to build the
  > case for current practice. I'll be happy to post a proposed edit to the
  > list if there isn't an obvious reason to not make the change.

I can't think of a *protocol* reason.  Furthermore, I suspect any
robust server is indifferent to what characters precede ':' (including
CTLs!).  That's certainly true of my server and, I think, NCSA and
Apache.

So the question is, what do clients do?  I would welcome David's survey
of current practice before endorsing the change, but I think it's a
reasonable one.

Meanwhile, I offer the following change proposal:

Change:
	userid = [ token ]
To:
	userid = *TEXTnocolon
	TEXTnocolon = <any OCTET except CTLs and ":",
			but including LWS>

Dave Kristol
Received on Friday, 31 May 1996 10:08:16 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:00 EDT