Re: still more Digest Authentication comments

>>HTTP already uses MIME-64 encoding for converting octects to characters;
>>I'd suggest that re-using the same encoding scheme would make sense
>>(since servers are likely to include the code already, and it's also
>>more compact that 4bits->1octect encoding).
>
>I agree. (and not just because its only a single line change in my code :-)
>
>MD5s are recognisable as base64 objects. Base16 is still appropriate for the
>likes of timestamps and such though since they are genuinely numbers
>rather than
>blocks of random bits.

I disagree.  I think the choice of base64 vs. base16 is purely arbitrary,
since the space savings is hardly significant.  John Franks has already
implemented Digest using base16 in his WN server.  Spyglass has already
implemented Digest using base16 in our client, which is shipping.  My
understanding is that Netscape has implemented Digest using base16 for a
future release of their server.

I see no compelling reason to change to base64.


--
Eric W. Sink, Senior Software Engineer --  eric@spyglass.com

        http://www.spyglass.com/~eric/home.htm

Received on Wednesday, 22 March 1995 12:26:14 UTC