Re: Proposed RFC 2617 erratum, Re: Backwards definition of authentication header from Julian Reschke on 2009-12-09 (ietf-http-wg@w3.org from October to December 2009)

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 09 Dec 2009 18:49:19 +0100
To: Eran Hammer-Lahav <eran@hueniverse.com>
CC: "HTTP Working Group (ietf-http-wg@w3.org)" <ietf-http-wg@w3.org>
Message-ID: <4B1FE31F.8030909@gmx.de>

Eran Hammer-Lahav wrote:
> 
>> -----Original Message-----
>> From: Julian Reschke [mailto:julian.reschke@gmx.de]
>> Sent: Wednesday, December 09, 2009 9:15 AM
>> To: Eran Hammer-Lahav
>> Cc: HTTP Working Group (ietf-http-wg@w3.org)
>> Subject: Re: Proposed RFC 2617 erratum, Re: Backwards definition of
>> authentication header
>>
>> Eran Hammer-Lahav wrote:
>>>> OK,
>>>>
>>>> so let's report an erratum against RFC 2617 to get this on the record:
>>>>
>>>> -- snip --
>>>> Section 1.2, paragraph 4:
>>>> OLD:
>>>>
>>>>         challenge   = auth-scheme 1*SP 1#auth-param
>>>>
>>>> NEW:
>>>>
>>>>         credentials = basic-credentials | auth-scheme #auth-param
>>> Don't you need the 1*SP in there?
>>>
>>> EHL
>>> ...
>> Not really, the "#" construct already allows leading linear white space
>> (otherwise RFC 2068 would have been incorrect as well :-).
> 
> Allows or requires it?

Allows. You win.

So, updated proposal:

-- snip --
Section 1.2, paragraph 4:
OLD:

        challenge   = auth-scheme 1*SP 1#auth-param

NEW:

        credentials = basic-credentials | auth-scheme 1*SP #auth-param

     Note: for historic reasons, the "Basic" authentication scheme (see
     Section 2) uses a different format, thus the special case in the
     ABNF.

-- snip --

Thanks, Eran.

Best regards, Julian

Received on Wednesday, 9 December 2009 17:50:03 UTC