IETF Logo Mail Archive

Re: [http-auth] Last Call: <draft-ietf-httpauth-basicauth-update-05.txt> (The 'Basic' HTTP Authentication Scheme) to Proposed Standard

Benjamin Kaduk <kaduk@MIT.EDU> Tue, 10 February 2015 21:36 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 181E31A6FE7 for <http-auth@ietfa.amsl.com>; Tue, 10 Feb 2015 13:36:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pKdEkuNZsZFp for <http-auth@ietfa.amsl.com>; Tue, 10 Feb 2015 13:36:24 -0800 (PST)
Received: from dmz-mailsec-scanner-6.mit.edu (dmz-mailsec-scanner-6.mit.edu [18.7.68.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D4991A1A2E for <http-auth@ietf.org>; Tue, 10 Feb 2015 13:36:24 -0800 (PST)
X-AuditID: 12074423-f79066d0000058b8-86-54da79d6fca0
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-6.mit.edu (Symantec Messaging Gateway) with SMTP id DE.FB.22712.7D97AD45; Tue, 10 Feb 2015 16:36:23 -0500 (EST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id t1ALaM5k013420; Tue, 10 Feb 2015 16:36:22 -0500
Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id t1ALaJ94024370 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 10 Feb 2015 16:36:20 -0500
Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id t1ALaJFo016659; Tue, 10 Feb 2015 16:36:19 -0500 (EST)
Date: Tue, 10 Feb 2015 16:36:18 -0500
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: draft-ietf-httpauth-basicauth-update@tools.ietf.org
In-Reply-To: <20150205161049.4222.88369.idtracker@ietfa.amsl.com>
Message-ID: <alpine.GSO.1.10.1502101635030.3953@multics.mit.edu>
References: <20150205161049.4222.88369.idtracker@ietfa.amsl.com>
User-Agent: Alpine 1.10 (GSO 962 2008-03-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrPIsWRmVeSWpSXmKPExsUixG6nrnu98laIwd4tXBZbthxgsfiwfw6T A5PHkiU/mTy+XP7MFsAUxWWTkpqTWZZapG+XwJWx6ddZloJmjoq5zy4zNzAeYuti5OSQEDCR 2HZnOzuELSZx4d56oDgXh5DAYiaJXU9uskA4Gxklup4uZIdwDjFJvH58B6qsgVHiwL/7jCD9 LALaEpvOnQOz2QRUJGa+2Qi2Q0TAXGLDyZlgcWagHS+m/mcFaRYWmMgo8eLhfSaQBKeAo8T0 3atYQGxeAQeJluOvwY4SArLX9s0Bs0UFdCRW758CVSMocXLmExaIoVoSy6dvY5nAKDgLSWoW ktQCRqZVjLIpuVW6uYmZOcWpybrFyYl5ealFumZ6uZkleqkppZsYweHqoryD8c9BpUOMAhyM Sjy8BYk3Q4RYE8uKK3MPMUpyMCmJ8maV3QoR4kvKT6nMSCzOiC8qzUktPsQowcGsJMLrHw+U 401JrKxKLcqHSUlzsCiJ8276wRciJJCeWJKanZpakFoEk5Xh4FCS4LWuAGoULEpNT61Iy8wp QUgzcXCCDOcBGu5TDjK8uCAxtzgzHSJ/ilFRSpw3AqRZACSRUZoH1wtLJ68YxYFeEeaNB6ni AaYiuO5XQIOZgAYXFNwAGVySiJCSamA0qlJI4jj05t1ebpMLZ67k7HdgePZi6xq1qjP7f53r /tO8QnNF4Ou5P9llLhTN/5aj18et+zuuWq7jpP/3i7VX5ra82flk/m0N/T3aatOEk14zleT6 cwmqFV3Q/v9dsYLzae89L8GO7UbCb9zEbiWJzHz79bf4pJ9Bzn8e/kxg6o/zO/oz8IOZEktx RqKhFnNRcSIA5g24xQIDAAA=
Archived-At: <http://mailarchive.ietf.org/arch/msg/http-auth/sbuA4oe4PdnyZTbByykxbRfShq8>
Cc: http-auth@ietf.org
Subject: Re: [http-auth] Last Call: <draft-ietf-httpauth-basicauth-update-05.txt> (The 'Basic' HTTP Authentication Scheme) to Proposed Standard
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Feb 2015 21:36:27 -0000

On Thu, 5 Feb 2015, The IESG wrote:

>
> The IESG has received a request from the Hypertext Transfer Protocol
> Authentication WG (httpauth) to consider the following document:
> - 'The 'Basic' HTTP Authentication Scheme'
>   <draft-ietf-httpauth-basicauth-update-05.txt> as Proposed Standard
>
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action. Please send substantive comments to the
> ietf@ietf.org mailing lists by 2015-02-19. Exceptionally, comments may be
> sent to iesg@ietf.org instead. In either case, please retain the
> beginning of the Subject line to allow automated sorting.
>
> Abstract
>
>
>    This document defines the "Basic" Hypertext Transfer Protocol (HTTP)
>    Authentication Scheme, which transmits credentials as userid/password
>    pairs, obfuscated by the use of Base64 encoding.

I forget if this was already mentioned, but "local-specific encoding" in
section 2 should probably use "locale" instead of "local".

-Ben

v2.23.0 | Report a Bug | By Email