- From: Eran Hammer-Lahav <eran@hueniverse.com>
- Date: Fri, 4 Dec 2009 10:22:19 -0700
- To: Thomas Maslen <Thomas.Maslen@quest.com>, Julian Reschke <julian.reschke@gmx.de>
- CC: "HTTP Working Group (ietf-http-wg@w3.org)" <ietf-http-wg@w3.org>
Is there a list somewhere of all existing HTTP auth schemes and their specifications? EHL > -----Original Message----- > From: Thomas Maslen [mailto:Thomas.Maslen@quest.com] > Sent: Friday, December 04, 2009 9:04 AM > To: Eran Hammer-Lahav; Julian Reschke > Cc: HTTP Working Group (ietf-http-wg@w3.org) > Subject: RE: Backwards definition of authentication header > > [...] > >> Is there anything *except* for the broken ABNF with respect to Basic > >> that makes you think the definition isn't binding? > > > > No. But since Basic is 50% of 2617, it is a pretty big exception... > > :-) > > For what it's worth, the "Negotiate" and :"NTLM" auth schemes are like Basic > inasmuch as they just have the scheme name followed by a Base64 blob. > > (Perhaps schemes such as Digest that actually satisfy the ABNF are in the > minority?)
Received on Friday, 4 December 2009 17:22:39 UTC