IETF Logo Mail Archive

Re: [http-auth] Working Group Last Call for draft-ietf-httpauth-basicauth-update-03.txt

Yoav Nir <ynir.ietf@gmail.com> Wed, 03 December 2014 19:43 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 599881A8A59 for <http-auth@ietfa.amsl.com>; Wed, 3 Dec 2014 11:43:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F6IFQOJCSTCW for <http-auth@ietfa.amsl.com>; Wed, 3 Dec 2014 11:43:17 -0800 (PST)
Received: from mail-wg0-x232.google.com (mail-wg0-x232.google.com [IPv6:2a00:1450:400c:c00::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43E171A90D8 for <http-auth@ietf.org>; Wed, 3 Dec 2014 11:43:15 -0800 (PST)
Received: by mail-wg0-f50.google.com with SMTP id k14so20601287wgh.23 for <http-auth@ietf.org>; Wed, 03 Dec 2014 11:43:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=E4E4FkW9X1TWZtPAfpYNUO4pyoGGCbOFnaGy3k9z/8g=; b=NYyeEV21ipQCY2oqRephw+MBdpbh8Tb4txa0Lw9gYoBAZXoInCGa+lbs2evieNzod1 NbKDSfWEIBcL0IVzgiq5fiIAhhwoLuufzPQChhrC6QeVBJROn/TmU7YZdCFXyp96Ja04 nAkcXRlVrJP/weEAIOv7fE455tKaC2my6k9YfoXmrjm6E4pzzcOy0EpkeiO5R8GzRqCq pmtXmqcRZ+9yQkIyuOiz+XVNo9GHlIyiTknVtmci/7buxOZ6H15RaLs2UIntp0Y9fzmW od448QVyGJY8eOiWiaZqjuI69qb4afVylFLjB1NA4XPk/UQP5DMGYPGDUrLfUOf6Gfbd QYXQ==
X-Received: by 10.180.73.108 with SMTP id k12mr6691533wiv.24.1417635794121; Wed, 03 Dec 2014 11:43:14 -0800 (PST)
Received: from [192.168.1.104] (IGLD-84-229-24-231.inter.net.il. [84.229.24.231]) by mx.google.com with ESMTPSA id j9sm5511184wjb.38.2014.12.03.11.43.13 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 03 Dec 2014 11:43:13 -0800 (PST)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <547F61B3.5020206@gmx.de>
Date: Wed, 03 Dec 2014 21:43:11 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <0506394F-FF36-4A8B-BD32-7F75718A3F35@gmail.com>
References: <20141202111608.27803.85751.idtracker@ietfa.amsl.com> <60D2DF51-5CD9-4A55-8031-4F974C0F8DF9@gmail.com> <61D95DD7-42F3-4483-8C72-E29C16180C56@apple.com> <547F3958.4020005@gmx.de> <1EB23215-FEFE-48D1-B634-04E6485A899F@apple.com> <547F468A.2000209@gmx.de> <85038266-014D-4528-A7AF-2201AB146835@gmail.com> <547F61B3.5020206@gmx.de>
To: Julian Reschke <julian.reschke@gmx.de>
X-Mailer: Apple Mail (2.1993)
Archived-At: http://mailarchive.ietf.org/arch/msg/http-auth/A-H2khUOq71McYADqXUYTksOZ7U
Cc: IETF HTTP Auth <http-auth@ietf.org>
Subject: Re: [http-auth] Working Group Last Call for draft-ietf-httpauth-basicauth-update-03.txt
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Dec 2014 19:43:18 -0000

> On Dec 3, 2014, at 9:17 PM, Julian Reschke <julian.reschke@gmx.de> wrote:
> 
> On 2014-12-03 20:05, Yoav Nir wrote:
>> [no hats]
>> 
>> Sure we can. This is a new specification. Some implementations will keep implementing the old, obsolete spec. This is no different from clients and servers continuing to use TLS 1.0 and 1.1 now that 1.2 has obsoleted them.
> 
> It's certainly very different from the way httpbis has revised RFC 2616, and my assumption was that we're doing the same thing here.

So for those servers that don’t send the charset parameter, what is changed from RFC 2616?

v2.23.0 | Report a Bug | By Email