Re: [Ietf-http-auth] Updating RFC 2617 (HTTP Digest) to use UTF-8

• From: Martin Duerst <duerst@it.aoyama.ac.jp>
• Date: Tue, 26 Sep 2006 10:56:24 +0900
• To: Bjoern Hoehrmann <derhoermi@gmx.net>, Julian Reschke <julian.reschke@gmx.de>
• Cc: ietf-http-auth@osafoundation.org, ietf-http-wg@w3.org
• Message-Id: <6.0.0.20.2.20060926104807.073dc250@localhost>

I agree with Julian and Bjoern here: IN THEORY, RFC 2047
(http://www.ietf.org/rfc/rfc2047.txt) (except for iso-8859-1)
would apply, but:
- it's not a very good theory: outdated because based on a view
  that the Web is basically iso-8859-1, and difficult to implement
- practice is different
- IETF policy is different

Regards,    Martin.

At 09:48 06/09/26, Bjoern Hoehrmann wrote:
>* Julian Reschke wrote:
>>Jim Luther schrieb:
>>> While we're on this subject... In rfc2617 secction 3.2.1, it says:
>>> 
>>>> realm
>>>>      A string to be displayed to users so they know which username and
>>>>      password to use.
>>> 
>>> It would be also nice to define the encoding of the realm string so that 
>>> clients that display the realm to users can display it correctly. We've 
>>> seen realms from servers encoded UTF-8, ISO-8859-1, and with various 
>>> Windows encodings. There's no good way to guess which encoding to use 
>>> and so whatever is used is currently wrong on some servers.
>
>>I was thinking "should be UTF-8, of course". But doesn't really RFC2045 
>>apply here at least in theory?
>
>The realm-value is a quoted-string, and quoted-string is defined as
>
>       quoted-string  = ( <"> *(qdtext | quoted-pair ) <"> )
>       qdtext         = <any TEXT except <">>
>
>and TEXT is
>
>   The TEXT rule is only used for descriptive field contents and values
>   that are not intended to be interpreted by the message parser. Words
>   of *TEXT MAY contain characters from character sets other than ISO-
>   8859-1 [22] only when encoded according to the rules of RFC 2047
>   [14].
>
>       TEXT           = <any OCTET except CTLs,
>                        but including LWS>
>
>So you could use realm="=?utf-8?b?..." or its variants. As you say, in
>theory; I am unaware of any implementation that supports encoded words
>in HTTP headers..
>-- 
>Bj$B‹S(Bn H$B‹I(Brmann $B%-(B mailto:bjoern@hoehrmann.de $B%-(B http://bjoern.hoehrmann.de
>Weinh. Str. 22 $B%-(B Telefon: +49(0)621/4309674 $B%-(B http://www.bjoernsworld.de
>68309 Mannheim $B%-(B PGP Pub. KeyID: 0xA4357E78 $B%-(B http://www.websitedev.de/ 
>_______________________________________________
>Ietf-http-auth mailing list
>Ietf-http-auth@osafoundation.org
>http://lists.osafoundation.org/cgi-bin/mailman/listinfo/ietf-http-auth


#-#-#  Martin J. Du"rst, Assoc. Professor, Aoyama Gakuin University
#-#-#  http://www.sw.it.aoyama.ac.jp       mailto:duerst@it.aoyama.ac.jp     

Received on Tuesday, 26 September 2006 06:35:35 UTC