W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1998

authentication-02: digest-challenge order

From: Dave Kristol <dmk@research.bell-labs.com>
Date: Thu, 20 Aug 1998 15:00:48 -0400 (EDT)
Message-Id: <199808201900.PAA24827@aleatory.research.bell-labs.com>
To: http-wg@hplb.hpl.hp.com
     digest-challenge  = 1#( realm | [ domain ] | nonce |
                         [ opaque ] |[ stale ] | [ algorithm ] |
                         [ qop-options ] | [auth-param] )

I'm just a tad nervous that an implementor might assume that "realm"
will be the first auth-param in a digest-challenge, based on

- analogy to Basic (which has only one auth-param)
- the fact that "realm" is listed first in the syntax

Is it worth adding a note that the syntax for digest-challenge allows
the auth-param's to appear in any order?  There other places in this
spec. where we say, in effect, "don't be stupid", so there is precedent.

Dave Kristol
Received on Thursday, 20 August 1998 12:03:40 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:20 EDT