- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Wed, 09 Dec 2009 18:49:19 +0100
- To: Eran Hammer-Lahav <eran@hueniverse.com>
- CC: "HTTP Working Group (ietf-http-wg@w3.org)" <ietf-http-wg@w3.org>
Eran Hammer-Lahav wrote: > >> -----Original Message----- >> From: Julian Reschke [mailto:julian.reschke@gmx.de] >> Sent: Wednesday, December 09, 2009 9:15 AM >> To: Eran Hammer-Lahav >> Cc: HTTP Working Group (ietf-http-wg@w3.org) >> Subject: Re: Proposed RFC 2617 erratum, Re: Backwards definition of >> authentication header >> >> Eran Hammer-Lahav wrote: >>>> OK, >>>> >>>> so let's report an erratum against RFC 2617 to get this on the record: >>>> >>>> -- snip -- >>>> Section 1.2, paragraph 4: >>>> OLD: >>>> >>>> challenge = auth-scheme 1*SP 1#auth-param >>>> >>>> NEW: >>>> >>>> credentials = basic-credentials | auth-scheme #auth-param >>> Don't you need the 1*SP in there? >>> >>> EHL >>> ... >> Not really, the "#" construct already allows leading linear white space >> (otherwise RFC 2068 would have been incorrect as well :-). > > Allows or requires it? Allows. You win. So, updated proposal: -- snip -- Section 1.2, paragraph 4: OLD: challenge = auth-scheme 1*SP 1#auth-param NEW: credentials = basic-credentials | auth-scheme 1*SP #auth-param Note: for historic reasons, the "Basic" authentication scheme (see Section 2) uses a different format, thus the special case in the ABNF. -- snip -- Thanks, Eran. Best regards, Julian
Received on Wednesday, 9 December 2009 17:50:03 UTC