- From: Stefan Eissing <stefan.eissing@greenbytes.de>
- Date: Tue, 26 Sep 2006 09:42:08 +0200
- To: Stefan Eissing <stefan.eissing@greenbytes.de>
- Cc: Martin Duerst <duerst@it.aoyama.ac.jp>, ietf-http-auth@osafoundation.org, ietf-http-wg@w3.org
Am 26.09.2006 um 09:39 schrieb Stefan Eissing: > > Am 26.09.2006 um 03:56 schrieb Martin Duerst: > >> >> I agree with Julian and Bjoern here: IN THEORY, RFC 2047 >> (http://www.ietf.org/rfc/rfc2047.txt) (except for iso-8859-1) >> would apply, but: >> - it's not a very good theory: outdated because based on a view >> that the Web is basically iso-8859-1, and difficult to implement >> - practice is different >> - IETF policy is different > > For interoperability, the encoding of usernames and passwords seems > to be most interesting. If the encoding of the realm is > misunderstood by the client (in a deterministic way) then interop > could still be achieved, right? To answer myself: not in digest authentication, stupid. //Stefan > //Stefan > >> Regards, Martin. >> >> At 09:48 06/09/26, Bjoern Hoehrmann wrote: >>> * Julian Reschke wrote: >>>> Jim Luther schrieb: >>>>> While we're on this subject... In rfc2617 secction 3.2.1, it says: >>>>> >>>>>> realm >>>>>> A string to be displayed to users so they know which >>>>>> username and >>>>>> password to use. >>>>> >>>>> It would be also nice to define the encoding of the realm >>>>> string so that >>>>> clients that display the realm to users can display it >>>>> correctly. We've >>>>> seen realms from servers encoded UTF-8, ISO-8859-1, and with >>>>> various >>>>> Windows encodings. There's no good way to guess which encoding >>>>> to use >>>>> and so whatever is used is currently wrong on some servers. >>> >>>> I was thinking "should be UTF-8, of course". But doesn't really >>>> RFC2045 >>>> apply here at least in theory? >>> >>> The realm-value is a quoted-string, and quoted-string is defined as >>> >>> quoted-string = ( <"> *(qdtext | quoted-pair ) <"> ) >>> qdtext = <any TEXT except <">> >>> >>> and TEXT is >>> >>> The TEXT rule is only used for descriptive field contents and >>> values >>> that are not intended to be interpreted by the message parser. >>> Words >>> of *TEXT MAY contain characters from character sets other than >>> ISO- >>> 8859-1 [22] only when encoded according to the rules of RFC 2047 >>> [14]. >>> >>> TEXT = <any OCTET except CTLs, >>> but including LWS> >>> >>> So you could use realm="=?utf-8?b?..." or its variants. As you >>> say, in >>> theory; I am unaware of any implementation that supports encoded >>> words >>> in HTTP headers.. >>> -- >>> Bj�n H�rmann キ mailto:bjoern@hoehrmann.de キ http:// >>> bjoern.hoehrmann.de >>> Weinh. Str. 22 キ Telefon: +49(0)621/4309674 キ http:// >>> www.bjoernsworld.de >>> 68309 Mannheim キ PGP Pub. KeyID: 0xA4357E78 キ http:// >>> www.websitedev.de/ >>> _______________________________________________ >>> Ietf-http-auth mailing list >>> Ietf-http-auth@osafoundation.org >>> http://lists.osafoundation.org/cgi-bin/mailman/listinfo/ietf-http- >>> auth >> >> >> #-#-# Martin J. Du"rst, Assoc. Professor, Aoyama Gakuin University >> #-#-# http://www.sw.it.aoyama.ac.jp >> mailto:duerst@it.aoyama.ac.jp >> >> > > _______________________________________________ > Ietf-http-auth mailing list > Ietf-http-auth@osafoundation.org > http://lists.osafoundation.org/cgi-bin/mailman/listinfo/ietf-http-auth
Received on Tuesday, 26 September 2006 07:42:17 UTC