- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Tue, 04 May 2010 08:57:45 +0200
- To: Adam Barth <ietf@adambarth.com>
- CC: Honza Bambas <hbambas@mozilla.com>, http-state@ietf.org, HTTP Working Group <ietf-http-wg@w3.org>
On 03.05.2010 23:12, Adam Barth wrote: > Hi Honza, > > Thanks for your message, but I think you might have meant to send it to > another mailing list. Perhaps ietf-http-wg@w3.org > <mailto:ietf-http-wg@w3.org>? This working group is about cookies, not > about HTTP authentication. > > Kind regards, > Adam > ... The HTTPbis WG isn't revising the scheme definitions of RFC 2617 (at this point); but of course it's fine to discuss auth related issues on that mailing list. This topic comes up every now and then (lately in Mozilla and Chromium bugs). As far as I understand, Basic authentication *could* be improved by adding a new auth-param, selecting a preferred encoding. In theory, this could be deployed in a backwards-compatible way; old clients will (well, should) just ignore it, new clients can switch to a different encoding. What's needed is a spec, plus volunteers to implement this in at least one server framework and a few UAs. Best regards, Julian
Received on Tuesday, 4 May 2010 06:58:39 UTC