RFC2617 specifically allows http authentication with no username and or no password.
ie the following are valid: user "" password "joe" user "joe" password "" and user "" password "" Rob
- setup.exe and empty proxy password field - was "Re: BU... Pavel Tsekov
- Robert Collins
