- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Mon, 06 Feb 2012 19:28:57 +0100
- To: Henrik Nordström <henrik@henriknordstrom.net>
- CC: Willy Tarreau <w@1wt.eu>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
On 2012-02-06 19:02, Henrik Nordström wrote: > mån 2012-02-06 klockan 10:07 +0100 skrev Julian Reschke: > >> It doesn't affect Basic auth at all, because Basic uses plain-ASCII (so >> the encoding happens on a different layer). > > True. But it does affect Digest auth, and can't be recoded there without > breaking the digest. Plus that browsers vary greatly in what encoding > they use within basic auth before base64-encoding so in a sense it does > affect basic auth as well. I agree that Basic auth has a problem, but it's not going to be fixed by changing the encoding default for field values. See <http://greenbytes.de/tech/webdav/draft-reschke-basicauth-enc-latest.html>. Best regards, Julian
Received on Monday, 6 February 2012 19:29:29 UTC