Re: [Ietf-http-auth] Updating RFC 2617 (HTTP Digest) to use UTF-8

On 9/25/06, Lisa Dusseault <> wrote:
> I agree it would be good to update RFC2617.  Is anybody going to take
> a stab at it?

As a data point, Mozilla always uses a lossy UTF16-to-ASCII conversion
for Basic [1] and always uses UTF-8 for Digest [2]. Both
implementations date from 2001. We have no bugs filed on Digest
authentication charsets, and one bug on Basic that's been filed
several times.[3]

I don't think a 2617 update is a good use of time, but I will update
our networking code in the event an update is completed. MD5-sess is
essentially unused. An update should drop it.



Robert Sayre

Received on Sunday, 15 October 2006 01:53:30 UTC