Non 8859/1 in Basic Auth

Are non Latin1 characters allowed in Basic Auth. The spec is a little 
ambigous - HTTP 1.1 defines 

       basic-credentials = "Basic" SP basic-cookie
       basic-cookie   = <base64 [7] encoding of user-pass,
                        except not limited to 76 char/line>
       user-pass   = userid ":" password
       userid      = *<TEXT excluding ":">
       password    = *TEXT

Userids might be case sensitive.

where TEXT is formally defined as any octet, but with a caveat.

" Words of
*TEXT may contain characters from character sets other than ISO 8859-1
[22] only when encoded according to the rules of RFC 1522 [14].

       TEXT           = <any OCTET except CTLs,
                        but including LWS>

SinceBasic Auth is uuencoded there is no good reason to restrict it.


Tim Greenwood        Open Market Inc
617 679 0320

Received on Friday, 13 September 1996 15:28:48 UTC