Martin v. Löwis <[EMAIL PROTECTED]> added the comment: Encoding of basic auth has a loooong story. I keep forgetting the details, but one interpretation is that the it needs to be MIME B or Q encoded first (i.e. through a header encoding), which then needs to be base64 encoded. For B or Q, you can chose any IANA-registered encoding.
This is not directly specified, but rather an implicit interpretation of RFC2617, through reference to RFC2616 by using the TEXT production, which is defined (in 2.2 of 2616) to be either Q or B encoded, unless it is iso-8859-1 (which apparently can pass unencoded). Another interpretation is that it should be UTF-8, based on the general policy of RFC 2277 mandates UTF-8 for all new protocols. Yet another interpretation is that RFC2617 just doesn't support non-ASCII user names and passwords. It is the latter interpretation that we should implement (perhaps with a comment that this interpretation is debated). However, it does have the advantage of being a subset of the two other interpretations (which otherwise contradict each other). For PyPI, I believe it is safe to assume that both usernames and passwords are restricted to ASCII. ---------- nosy: +loewis _______________________________________ Python tracker <[EMAIL PROTECTED]> <http://bugs.python.org/issue4338> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
