Re: Rev81: CHANGE: Sect. 11.1 Basic Authentication

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Larry Masinter: "revision of "content coding" and "advise to RFC Editor""
• Previous message: jg@w3.org: "Re: Section 4.2 :determining length"
• In reply to: Dave Kristol: "Rev81: CHANGE: Sect. 11.1 Basic Authentication"

On Fri, 31 May 1996, Dave Kristol wrote:

> David Morris, dwmorris@netcom.com, asked Jim Gettys:
>   > The question for the experts is:  Is there some 
>   > protocol reason that userid shouldn't be redefined as
>   >  *(TEXTnotCOLON)?
>   > 
>   > If need be, I or my crew could survey a few more browsers to build the
>   > case for current practice. I'll be happy to post a proposed edit to the
>   > list if there isn't an obvious reason to not make the change.
> 
> I can't think of a *protocol* reason.  Furthermore, I suspect any
> robust server is indifferent to what characters precede ':' (including
> CTLs!).  That's certainly true of my server and, I think, NCSA and
> Apache.
> 
> So the question is, what do clients do?  I would welcome David's survey
> of current practice before endorsing the change, but I think it's a
> reasonable one.

OK, I have now also tried UNIX/Mosaic 2.74b and MS InternetExp 2.0
and both also accept blanks, etc. I didn't check these, but
I discovered Netscape 2.xx even allows a ":" in the name field.
Perhaps not really a problem since the server is either going to
accept the uid/pw or reject it.

Dave Morris

• Next message: Larry Masinter: "revision of "content coding" and "advise to RFC Editor""
• Previous message: jg@w3.org: "Re: Section 4.2 :determining length"
• In reply to: Dave Kristol: "Rev81: CHANGE: Sect. 11.1 Basic Authentication"