W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2013

Re: WGLC issue: token68 in p7

From: Ken Murchison <murch@andrew.cmu.edu>
Date: Thu, 21 Mar 2013 07:42:42 -0400
Message-ID: <514AF232.1070206@andrew.cmu.edu>
To: Julian Reschke <julian.reschke@gmx.de>
CC: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Julian Reschke wrote:
> On 2013-03-20 01:46, Manger, James H wrote:
>> Björn,
>>
>> '=' is only allowed at the end to ensure the syntax is unambiguous.
>> A token68 value can only be distinguished from an auth-param
>> (token = (token / quoted-string)) due to this restriction.
>>
>> Let's keep token68 as it is.
>>
>> -- 
>> James Manger
>> ...
> 
> As far as I can tell, if a given scheme always uses token68 (such as the 
> Basic credentials), it's not necessary to be able to distinguish.
> 
> We added token68 for "Basic". Basic only needs token68 for credentials. 
> Can somebody recall why we added it for challenges as well?

It looks like Bearer is the scheme that screwed this up by using chars 
outside of the base64 alphabet.

-- 
Kenneth Murchison
Principal Systems Software Engineer
Carnegie Mellon University
Received on Thursday, 21 March 2013 11:43:16 GMT

This archive was generated by hypermail 2.3.1 : Thursday, 21 March 2013 11:43:17 GMT