On Wed, 19 Mar 2014, Daniel Stenberg wrote:

> Really? The section for 'nonce' in RFC2831 clearly spells out:
>
> "It is recommended that this string be base64 or hexadecimal data."

Yeah - that's the sort of statement I was looking for in the RFC but
obviously missed it :( Sorry!

> Alternatively, we can base64 encode the 64 bits (which seems a little
> loverkill to me) or just cut off 8 bits and go down to 14 hex digits.

The example the RFC gave, did seem base64'ish - but 14 digits didn't seem
the right length!

> Thoughts?

Base64 does seems more of the right thing to do, to me anyway, plus I've
just seen your follow up email so I will take a look at that in a mo ;-)

Kind Regards

Steve
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-03-20