[Ietf-http-auth] Updating RFC 2617 (HTTP Digest) to use UTF-8

Martin Duerst duerst at it.aoyama.ac.jp
Mon Sep 25 18:56:24 PDT 2006 

I agree with Julian and Bjoern here: IN THEORY, RFC 2047
(http://www.ietf.org/rfc/rfc2047.txt) (except for iso-8859-1)
would apply, but:
- it's not a very good theory: outdated because based on a view
  that the Web is basically iso-8859-1, and difficult to implement
- practice is different
- IETF policy is different

Regards,    Martin.

At 09:48 06/09/26, Bjoern Hoehrmann wrote:
>* Julian Reschke wrote:
>>Jim Luther schrieb:
>>> While we're on this subject... In rfc2617 secction 3.2.1, it says:
>>> 
>>>> realm
>>>>      A string to be displayed to users so they know which username and
>>>>      password to use.
>>> 
>>> It would be also nice to define the encoding of the realm string so that 
>>> clients that display the realm to users can display it correctly. We've 
>>> seen realms from servers encoded UTF-8, ISO-8859-1, and with various 
>>> Windows encodings. There's no good way to guess which encoding to use 
>>> and so whatever is used is currently wrong on some servers.
>
>>I was thinking "should be UTF-8, of course". But doesn't really RFC2045 
>>apply here at least in theory?
>
>The realm-value is a quoted-string, and quoted-string is defined as
>
>       quoted-string  = ( <"> *(qdtext | quoted-pair ) <"> )
>       qdtext         = <any TEXT except <">>
>
>and TEXT is
>
>   The TEXT rule is only used for descriptive field contents and values
>   that are not intended to be interpreted by the message parser. Words
>   of *TEXT MAY contain characters from character sets other than ISO-
>   8859-1 [22] only when encoded according to the rules of RFC 2047
>   [14].
>
>       TEXT           = <any OCTET except CTLs,
>                        but including LWS>
>
>So you could use realm="=?utf-8?b?..." or its variants. As you say, in
>theory; I am unaware of any implementation that supports encoded words
>in HTTP headers..
>-- 
>Bj$B‹S(Bn H$B‹I(Brmann $B%-(B mailto:bjoern at hoehrmann.de $B%-(B http://bjoern.hoehrmann.de
>Weinh. Str. 22 $B%-(B Telefon: +49(0)621/4309674 $B%-(B http://www.bjoernsworld.de
>68309 Mannheim $B%-(B PGP Pub. KeyID: 0xA4357E78 $B%-(B http://www.websitedev.de/ 
>_______________________________________________
>Ietf-http-auth mailing list
>Ietf-http-auth at osafoundation.org
>http://lists.osafoundation.org/cgi-bin/mailman/listinfo/ietf-http-auth


#-#-#  Martin J. Du"rst, Assoc. Professor, Aoyama Gakuin University
#-#-#  http://www.sw.it.aoyama.ac.jp       mailto:duerst at it.aoyama.ac.jp

More information about the Ietf-http-auth mailing list