W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2003

Re: RFC 2617 Authentication and character sets revisited

From: Yngve Nysaeter Pettersen <yngve@opera.com>
Date: Wed, 26 Nov 2003 19:46:44 +0100
To: Scott Lawrence <scott-http@skrb.org>, ietf-http-wg@w3.org
Cc: Adam Roach <adam@dynamicsoft.com>
Message-ID: <opry9c360bx6onhr@localhost>

On Wed, 26 Nov 2003 12:09:08 -0500, Scott Lawrence <scott-http@skrb.org> 
wrote:
>    The passwd value SHOULD be encoded using UTF-8 [ref] for input to
>    the hash.  The encoding of the passwd value was not specified by
>    [RFC 2616], so for backward compatibility, servers MAY also

RFC 2616 or FRC 2617?

>    calculate the A1 value using any convention used prior to this
>    specification.

I think this will resolve the situation about passwords in digest 
authentication.

Should similar language be added about the digest username as well? Or 
should the RFC 2047 encoding be required for the username?

-- 
Sincerely,
Yngve N. Pettersen

********************************************************************
Senior Developer		             Email: yngve@opera.com
Opera Software ASA                   http://www.opera.com/
Phone:  +47 24 16 42 60              Fax:    +47 24 16 40 01
********************************************************************
Received on Wednesday, 26 November 2003 13:45:12 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:25 GMT