On Sat, 22 Apr 2006, [ISO-8859-2] Asia G?siewska wrote:
during digest- response. After reading RFC2831 I just don' t understand
this part:
passwd = *OCTET
The "username-value", "realm-value" and "passwd" are encoded
according to the value of the "charset" directive. If "charset=UTF-8"
is present, and all the characters of either "username-value" or
"passwd" are in the ISO 8859-1 character set, then it must be
converted to ISO 8859-1 before being hashed.
What does it mean *OCTET
'*OCTET' - as many octets (bytes, 8 bits) as required for the password.
and should I change everything everytime to iso
8859-1 ?
The whole reference to ISO 8859-1 is to maintain compatibility with HTTP.
The way it works is that for the 'username-value' and 'password' fields,
you scan through the field looking for any characters that are _not_ in
ISO 8859-1 . If there are no characters outside ISO 8859-1 in the field,
you send that field in ISO 8859-1, assuming that the value of the
'charset' directive is 'ISO 8859-1' for that specific field.
So, if you have a username of 'ez$' with a password of '¥$¢£??' (Yen
Dollar Cents Pounds Francs Euro), the 'username-value' only contains
characters in ISO 8859-1, and should be sent in ISO 8859-1. The
'password' contains characters outside of ISO 8859-1, and should be sent
in 'UTF-8', _but_ only if the 'charset' directive is already set to
'UTF-8'.
Section 8 of 2831 contains a snippet of C which will do all of this for
you.
--
Bruce Campbell
