* Alexey Melnikov wrote: >On 05/02/2015 22:49, Bjoern Hoehrmann wrote: > [snip] >> The realm value is an opaque string >> which can only be compared for equality with other realms on that >> server. >> >> RFC 7235 says "The realm value is a string, generally assigned by the >> origin server, that can have additional semantics specific to the >> authentication scheme." This seems contradictory (perhaps the intent is >> to say that for the particular case of Basic, the realm value is opaque >> in contrast to other schemes where it might not be opaque, but that is >> not clear from the text) and misleading (users make decisions based on >> the string, which often contains human readable text, so it's not really >> opaque to them). > >I think it is opaque to clients and servers, so they shouldn't try to >parse it. A better phrase would be something like "free-form text". -- Björn Höhrmann · mailto:bjoern@xxxxxxxxxxxx · http://bjoern.hoehrmann.de D-10243 Berlin · PGP Pub. KeyID: 0xA4357E78 · http://www.bjoernsworld.de Available for hire in Berlin (early 2015) · http://www.websitedev.de/