W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2009

Re: Proposed RFC 2617 erratum, Re: Backwards definition of authentication header

From: Julian Reschke <julian.reschke@gmx.de>
Date: Tue, 15 Dec 2009 13:31:56 +0100
Message-ID: <4B2781BC.60200@gmx.de>
To: "Manger, James H" <James.H.Manger@team.telstra.com>
CC: Eran Hammer-Lahav <eran@hueniverse.com>, "HTTP Working Group (ietf-http-wg@w3.org)" <ietf-http-wg@w3.org>
Julian Reschke wrote:
> ...
> So, let's restart. What's broken in RFC 2617 is:
> 
>   credentials = auth-scheme #auth-param
> 
> because that ABNF does not allow basic credentials.
> 
> This one used to be in RFC 2068:
> 
>   credentials    = basic-credentials
>                  | auth-scheme #auth-param
> 
> which special cases "Basic", but does so incorrectly (because 
> basic-credentials doesn't contain the scheme name).
> 
> A fix for that (and *only* for that) would be:
> 
>   credentials = "Basic" basic-credentials
>               | auth-scheme #auth-param
> ...

So, last call: should I report this erratum? (I don't think I can update 
the bad one I already sent...)

Best regards, Julian
Received on Tuesday, 15 December 2009 12:32:40 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:14 GMT