- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Thu, 07 Jun 2007 20:14:17 +0200
- To: HTTP Working Group <ietf-http-wg@w3.org>
Hi,
<http://tools.ietf.org/html/rfc2617#section-2> says:
To receive authorization, the client sends the userid and password,
separated by a single colon (":") character, within a base64 [7]
encoded string in the credentials.
...where [7] is a reference to RFC2396 (URI), which IMHO doesn't say
anything about base64.
Going back to <http://tools.ietf.org/html/rfc2068#section-11.1>, which said:
To receive authorization, the client sends the userid and password,
separated by a single colon (":") character, within a base64 encoded
string in the credentials.
...which looks as if the reference was lost there.
Going even further back to
<http://tools.ietf.org/html/rfc1945#section-11.1>, which said:
To receive authorization, the client sends the user-ID and password,
separated by a single colon (":") character, within a base64 [5]
encoded string in the credentials.
Here, [5] refers to RFC1521.
Thus, RFC2617 should be saying:
To receive authorization, the client sends the userid and password,
separated by a single colon (":") character, within a base64 [4]
encoded string in the credentials.
...where [4] refers to RFC2045, which obsoleted RFC1521 later on.
Best regards, Julian
Received on Thursday, 7 June 2007 18:14:32 UTC