[MERGE] authentication ring specification

[Aaron Bentley]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Vincent Ladeuil wrote:
> +.. [#ignored_realm] The true purpose of realms is to allow the same credentials
> +   to be reused for disjoint hierarchies. Ignoring them in this specifications
> +   aims to simplify the user experience.

I don't really see a simplification in ignoring realm.  I think it would
be a much better identifier than "path".

> +  * while ``locations.conf`` is intended to describe *local* branches,
> +    ``authentication.conf`` is intended to describe *remote* branches or
> +    servers.

locations.conf is intended to describe both local and remote branches.
In particular, it provides a way to override the branch.conf settings in
a remote branch that you do not have write access to.


> +  * What about using ``seahorse`` on Ubuntu or ``KeyChain Access`` on Mac OS X ?
> +
> +    * ``svn`` use some native APIs to encode its cached credentials, that may
> +      provides examples on how this can be done for bzr, then these services
> +      could be used to encrypt the passwords and define a new
> +      ``password_encoding``.

It seems worth investigating the seahorse or KeyChain Access APIs before
finalizing this spec.  Such analysis would ensure that our spec is
compatible with them, and reading about their APIs could reveal issues
that we need to address.

Aaron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGpktE0F+nu1YWqI0RAtaPAJ92+AiMG24lElZaPSYje+VloXf5SgCfU6Jl
t+kdTYE1JewWjeb7YZrAtlc=
=9h3Z
-----END PGP SIGNATURE-----