Skip to main content

Acknowledgements

This specification takes over the definition of the "Basic" HTTP Authentication Scheme, previously defined in RFC 2617. We thank John Franks, Phillip M. Hallam-Baker, Jeffery L. Hostetler, Scott D. Lawrence, Paul J. Leach, Ari Luotonen, and Lawrence C. Stewart for their work on that specification, from which significant amounts of text were borrowed. See Section 6 of [RFC2617] for further acknowledgements.

The internationalization problem with respect to the character encoding scheme used for user-pass was reported as a Mozilla bug back in the year 2000 (see \`https://bugzilla.mozilla.org/show_bug.cgi?id=41489\```` and also the more recent `https://bugzilla.mozilla.org/show_bug.cgi?id=656213\````). It was Andrew Clover's idea to address it using a new auth-param.

We also thank the members of the HTTPAUTH Working Group and other reviewers, namely, Stephen Farrell, Roy Fielding, Daniel Kahn Gillmor, Tony Hansen, Bjoern Hoehrmann, Kari Hurtta, Amos Jeffries, Benjamin Kaduk, Michael Koeller, Eric Lawrence, Barry Leiba, James Manger, Alexey Melnikov, Kathleen Moriarty, Juergen Schoenwaelder, Yaron Sheffer, Meral Shirazipour, Michael Sweet, and Martin Thomson for feedback on this revision.

Last updated on