Re: [Ietf-http-auth] Updating RFC 2617 (HTTP Digest) to use UTF-8

On 10/15/06, Ingo Struck <> wrote:
> Using such a metric would mean to drop usage of rfc 2616 / 2617
> completely (nearly any implementation out there is "broken" in
> the sense of complying to the rfc in some way or other.
> Especially the implementations of the prevalently used browsers
> out there are an utter mess -- I guess I do not have to specify
> the details here).

No, it's a feature by feature test. Basic works for some people some
of the time, and MD5-sess doesn't. The cause is irrelevant. It could
be that the spec is too difficult to implement, the spec is not worth
implementing, the specified protocol doesn't work at all, or that
browser engineers are dumb. It doesn't really matter--the document is
really old by now, and the workable parts are clear.


Robert Sayre

Received on Monday, 16 October 2006 08:52:03 UTC