W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2022

Re: [Privacy-pass] Working Group Last Call for the Privacy Pass HTTP Authentication Scheme

From: Julian Reschke <julian.reschke@gmx.de>
Date: Fri, 28 Oct 2022 15:56:45 +0200
Message-ID: <89c51a1f-c474-48c4-7fca-8e31d0f62187@gmx.de>
To: ietf-http-wg@w3.org
On 28.10.2022 06:00, Tommy Pauly wrote:
> Hi HTTP WG,
>
> The Privacy Pass WG placed its HTTP authentication scheme document in
> last call. As a co-author of that document, I’d appreciate if people in
> this group could also review the document during this time!
>
> Best,
> Tommy

Just a few quick observations:

1. HTTP auth nowadays is defined in RFC 9110.

2. auth parameters are token or quoted-string. If you use base64-url
encoding with "=" for padding, the token variant would not work, thus
the abbreviated examples are extremely misleading (might be good to
insert complete message examples...).

Best regards, Julian
Received on Friday, 28 October 2022 13:57:00 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:44:08 UTC