W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1996

Re: Rev81: CHANGE: Sect. 11.1 Basic Authentication

From: barili systems limited <dwmorris@netcom.com>
Date: Fri, 31 May 1996 21:39:10 -0700 (PDT)
To: Dave Kristol <dmk@allegra.att.com>
Cc: dwm@shell.portal.com, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <Pine.3.89.9605312116.A27538-0100000@netcom>


On Fri, 31 May 1996, Dave Kristol wrote:

> David Morris, dwmorris@netcom.com, asked Jim Gettys:
>   > The question for the experts is:  Is there some 
>   > protocol reason that userid shouldn't be redefined as
>   >  *(TEXTnotCOLON)?
>   > 
>   > If need be, I or my crew could survey a few more browsers to build the
>   > case for current practice. I'll be happy to post a proposed edit to the
>   > list if there isn't an obvious reason to not make the change.
> 
> I can't think of a *protocol* reason.  Furthermore, I suspect any
> robust server is indifferent to what characters precede ':' (including
> CTLs!).  That's certainly true of my server and, I think, NCSA and
> Apache.
> 
> So the question is, what do clients do?  I would welcome David's survey
> of current practice before endorsing the change, but I think it's a
> reasonable one.

OK, I have now also tried UNIX/Mosaic 2.74b and MS InternetExp 2.0
and both also accept blanks, etc. I didn't check these, but
I discovered Netscape 2.xx even allows a ":" in the name field.
Perhaps not really a problem since the server is either going to
accept the uid/pw or reject it.

Dave Morris
Received on Friday, 31 May 1996 21:43:59 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:01 EDT