[MERGE] authentication ring specification

Alexander Belchenko bialix at ukr.net
Tue Jul 24 17:17:02 BST 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I carefully read your document and I think I understand it well.
+1 conditional. See some comments below.

Vincent Ladeuil пишет:
> +  * all connections are done with the same ``user`` (the local one) and the
> +    password is always prompted with some exceptions::
> +
> +        # Pet projects on hobby.net
> +        [hobby]
> +        scheme=https
> +        host=r.hobby.net
> +        self_certified==yes
> +        user=jim
> +        password=obvious1234

^-- probably self_certified=yes with one equal sign?

> +UI Changes
> +----------
> +
> +Depending on the info provided in the URL, bzr will interact with the user in
> +different ways:
> +
> +1. ``user`` and ``password`` given in the URL.
> +
> +  Nothing to do.
> +
> +2. ``user`` given in the URL.
> +
> +  Get a password from ``~/.bazaar/authentication.conf`` or prompt
> +  for one if none is found.
> +
> +3. No ``user`` given in the URL (and no ``password``).
> +
> +  Get a user from ``~/.bazaar/authentication.conf`` or prompt for one if none is
> +  found. Continue as 2.
> +
> +Note: A user will be queried only if the server requires it for ``HTTP``, other
> +protocols always require a user.
> +
> +In any case, if the server refuses the authentication, bzr reports to the user
> +and terminates.

Just one idea, not the real nitpicking.
Can we add global flag --remember-auth or --remember-password,
or --store-password-plain/--store-password-plain-base64 or something similar
to address the question below:

+Questions and Answers
> +---------------------
> +
> +  * Why can't bzr update the authentication file when it queried the user for a
> +    password ?
> +
> +    * a future version may address that but:
> +
> +      1. The user may want to decide which passwords are stored in the file and
> +         which aren't.
> +
> +      2. The user should decide if the passwords are encoded or not.

Because encoding of password with base64 is not simple task, if you're not
programmer, IMO.

[µ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGpiX+zYr338mxwCURAjubAJ987di5cLpyco87tt31wABrYbqOaACeIchs
wBbOVVehPTStt40GhfQpsuk=
=S2b2
-----END PGP SIGNATURE-----

More information about the bazaar mailing list