W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2008

Re: PROPOSAL: i74: Encoding for non-ASCII headers

From: Stefan Eissing <stefan.eissing@greenbytes.de>
Date: Fri, 28 Mar 2008 16:09:10 +0100
Message-Id: <F9E38343-AEC1-439C-A53A-A7A92F9C8F7D@greenbytes.de>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
To: Jamie Lokier <jamie@shareable.org>


Am 28.03.2008 um 15:17 schrieb Jamie Lokier:
> Stefan Eissing wrote:
>> You are correct that the information would still be there. And it is
>> tempting to shoot for UTF-8.
> ...
>> And everyone will keep their fingers crossed
>> that they do not encounter an intermediary that makes some "security
>> filtering" on HTTP headers and screws it up.
>
> I'm thinking the same applies to RFC2047, if that becomes actually
> implemented in practice (it currently isn't).
>
> Surely the security issues with RFC2047 decoding among different
> implementations are _much_ more likely than those of binary UTF-8?

I totally agree with you here. We just seem to differ on the question  
if it is worthwhile to introduce UTF-8 headers or go back to ASCII  
and go the AtomPub "Slug" header way.

//Stefan

--
<green/>bytes GmbH, Hafenweg 16, D-48155 Münster, Germany
Amtsgericht Münster: HRB5782
Received on Friday, 28 March 2008 15:09:56 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:37 GMT