- From: Larry Masinter <masinter@parc.xerox.com>
- Date: Mon, 21 Sep 1998 01:10:26 PDT
- To: paulle@microsoft.com
- Cc: http-wg@hplb.hpl.hp.com, Chris.Newman@innosoft.com
TEXT is inappropriate for user name and password, since:
# The TEXT rule is only used for descriptive field contents and values
# that are not intended to be interpreted by the message parser.
Whether or not it's typed, it's still a string that has to be parsed
and interpreted by the server.
The problem is that UTF-8 doesn't quite have a well-defined
'canonical' form yet, either, although one is being developed, the
canonicalization algorithm won't be at "draft standard". So you might
have two browsers that would enter the same user name with different
UTF-8 encodings, too.
And we're not normally requiring clients to implement UTF-8
transformations of user type-in at all so this will be a big problem.
On the other hand, it seems inappropriate to restrict user *names* to
US-ASCII. I wonder if we could change the BNF and description text
from "user name" and "username" to "user id", even if we leave
username = "username" "=" user-id
Larry
Received on Monday, 21 September 1998 01:14:24 UTC