
Re: WGLC issue: token68 in p7

From: Ken Murchison <murch@andrew.cmu.edu>
Date: Thu, 21 Mar 2013 10:42:34 -0400
Message-ID: <514B1C5A.7030605@andrew.cmu.edu>
To: "Manger, James H" <James.H.Manger@team.telstra.com>
CC: Bjoern Hoehrmann <derhoermi@gmx.net>, Julian Reschke <julian.reschke@gmx.de>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>

At this point I agree with James, just leave it as is.

The auth scheme specs that use token68 (Basic, NTLM, Negotiate, Bearer) 
can further detail the content of token68 that is acceptable for the 
given scheme.

I withdraw my issue with token68 in p7.


Manger, James H wrote:
> Björn,
> 
> '=' is only allowed at the end to ensure the syntax is unambiguous.
> A token68 value can only be distinguished from an auth-param
> (token = (token / quoted-string)) due to this restriction.
> 
> Let's keep token68 as it is.
> 
> --
> James Manger
> 
>> -----Original Message-----
>> From: Bjoern Hoehrmann [mailto:derhoermi@gmx.net]
>> Sent: Wednesday, 20 March 2013 11:37 AM
>> To: Julian Reschke
>> Cc: Ken Murchison; ietf-http-wg@w3.org
>> Subject: Re: WGLC issue: token68 in p7
>>
>> * Julian Reschke wrote:
>>> On 2013-03-19 14:59, Ken Murchison wrote:
>>>> Since the ABNF for token68 appears to only use "=" as padding for
>>>> base64 and base32 encoding, I would suggest changing
>>>>
>>>> *"="
>>>>
>>>> to
>>>>
>>>> *6"="
>>>>
>>>> since base64 requires no more than 2 padding chars and base32
>>>> requires no more than 6.
>>>> ...
>>> We probably could. On the other hand, I'd like to avoid the impression
>>> that parsing per ABNF is sufficient to check validity of arguments;
>>> therefore, I'm reluctant to put even more information into the ABNF.
>> Since the exact number depends on the scheme, I see no reason to define
>> any maximum here, especially because they would have other constraints.
>> That said, right below the definition of token68 it would be useful to
>> have a reference to "Considerations for New Authentication Schemes" as
>> that explains why token68 exists (and I would probably allow the `=`
>> character anywhere in token68 instead of just the end if that is only
>> due to baseX constraints, precisely to avoid the impression that it is
>> baseX-specific rather than scheme-specific).
>> --
>> Björn Höhrmann · mailto:bjoern@hoehrmann.de ·
>> http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681
>> · http://www.bjoernsworld.de
>> 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
> 


-- 
Kenneth Murchison
Principal Systems Software Engineer
Carnegie Mellon University
Received on Thursday, 21 March 2013 14:43:15 GMT
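
The two points made in this thread, as an added example that is not part of the original messages: a trailing-only `=` keeps token68 distinguishable from an auth-param, and matching the ABNF does not make a value valid for a given scheme. The grammar follows the token68 and auth-param productions as published in RFC 7235; `classify`, `is_canonical_base64` and `RELAXED68` are hypothetical names, and the sample values are constructed.

```python
import base64
import binascii
import re

# token68 = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
TOKEN68 = re.compile(r"[A-Za-z0-9\-._~+/]+=*")
# Hypothetical relaxed variant with "=" allowed anywhere, as floated in the thread.
RELAXED68 = re.compile(r"[A-Za-z0-9\-._~+/=]+")
# auth-param = token BWS "=" BWS ( token / quoted-string )
TCHAR = r"[!#$%&'*+\-.^_`|~0-9A-Za-z]"
AUTH_PARAM = re.compile(
    rf'{TCHAR}+[ \t]*=[ \t]*(?:{TCHAR}+|"(?:[^"\\]|\\.)*")'
)


def classify(value, token68=TOKEN68):
    """Return the set of productions that the text after the auth-scheme matches."""
    kinds = set()
    if token68.fullmatch(value):
        kinds.add("token68")
    if AUTH_PARAM.fullmatch(value):
        kinds.add("auth-param")
    return kinds


def is_canonical_base64(value):
    """Scheme-level check (for example for Basic) that the ABNF does not provide."""
    try:
        raw = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return False
    # Re-encoding must reproduce the input: rejects surplus or missing padding.
    return base64.b64encode(raw).decode("ascii") == value


if __name__ == "__main__":
    for sample in ("dXNlcjpwYQ==", 'realm="example"', "realm=example", "abc====="):
        print(f"{sample!r:20} strict={sorted(classify(sample))} "
              f"relaxed={sorted(classify(sample, RELAXED68))} "
              f"base64={is_canonical_base64(sample)}")
```

With the strict rule every sample matches exactly one production; with the relaxed rule `realm=example` matches both, which is the ambiguity James describes.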