Author is Julian Reschke. Kathleen Moriarty is the responsible Area
Director. Yoav Nir is the document shepherd.
This document defines the "Basic" Hypertext Transfer Protocol (HTTP)
Authentication Scheme, which transmits credentials as userid/password
pairs, obfuscated by the use of Base64 encoding.
Review and Consensus
This document is (along with Digest) part of a set of documents that
will collectively replace RFC 2617. As such, for the most part it
describes existing practice, with the addition of support for
o A new charset parameter with UTF-8 as the only valid value.
o A normative reference to the precis draft for valid characters.
o Appendix B with deployment considerations for co-existing with
With version -07 it is the consensus of the HTTP-Auth working group
that this document is fit to be published as a standards-track RFC.
There are a few implementations of this specification, and they have
been tested and shown to interoperate with the large install base of
web browsers and web servers.
All authors have confirmed that they are not aware of any undisclosed
IPR associated with this document. There have been no IPR disclosures.