Re: [http-auth] Last Call: <draft-ietf-httpauth-basicauth-update-05.txt> (The 'Basic' HTTP Authentication Scheme) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Tue, Feb 10, 2015 at 4:59 PM, Julian Reschke <julian.reschke@xxxxxx> wrote:
On 2015-02-10 22:46, Bjoern Hoehrmann wrote:
* Julian Reschke wrote:
On 2015-02-10 20:57, Tony Hansen wrote:
On 2/6/15 1:43 AM, Julian Reschke wrote:
On 2015-02-05 23:49, Bjoern Hoehrmann wrote:
* The IESG wrote:
Abstract

    This document defines the "Basic" Hypertext Transfer Protocol (HTTP)
    Authentication Scheme, which transmits credentials as
userid/password
    pairs, obfuscated by the use of Base64 encoding.

How is the intent actually relevant here?

According to the Abstract the intent is obfuscation. If the intent is
not relevant, then the Abstract should not draw attention to it. That
is pretty much why I brought this up.

I don't see anything about intent here. It's simply a statement of facts.

With no hat on - 
I wouldn't call an encoding obfuscation either.  It looks like this text is specific to this draft and was not in RFC2617.  It doesn't really help anything IMO, could you instead just state that Base64 encoding is used?

Thanks,
Kathleen

Best regards, Julian


_______________________________________________
http-auth mailing list
http-auth@xxxxxxxx
https://www.ietf.org/mailman/listinfo/http-auth



--

Best regards,
Kathleen

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]