- From: Alexey Melnikov <alexey.melnikov@isode.com>
- Date: Wed, 13 Jun 2007 11:19:53 +0100
- To: Julian Reschke <julian.reschke@gmx.de>
- CC: HTTP Working Group <ietf-http-wg@w3.org>
Julian Reschke wrote:
>
> Hi,
>
> <http://tools.ietf.org/html/rfc2617#section-2> says:
>
> To receive authorization, the client sends the userid and password,
> separated by a single colon (":") character, within a base64 [7]
> encoded string in the credentials.
>
> ...where [7] is a reference to RFC2396 (URI), which IMHO doesn't say
> anything about base64.
>
> Going back to <http://tools.ietf.org/html/rfc2068#section-11.1>, which
> said:
>
> To receive authorization, the client sends the userid and password,
> separated by a single colon (":") character, within a base64 encoded
> string in the credentials.
>
> ...which looks as if the reference was lost there.
>
> Going even further back to
> <http://tools.ietf.org/html/rfc1945#section-11.1>, which said:
>
> To receive authorization, the client sends the user-ID and password,
> separated by a single colon (":") character, within a base64 [5]
> encoded string in the credentials.
>
> Here, [5] refers to RFC1521.
>
> Thus, RFC2617 should be saying:
>
> To receive authorization, the client sends the userid and password,
> separated by a single colon (":") character, within a base64 [4]
> encoded string in the credentials.
>
> ...where [4] refers to RFC2045, which obsoleted RFC1521 later on.
I think this should reference RFC 4648, section 4 instead.
Received on Wednesday, 13 June 2007 13:50:48 UTC