[MERGE] Authentication Ring spec
Martin Pool
mbp at canonical.com
Wed Sep 19 02:35:35 BST 2007
Martin Pool has voted approve.
Status is now: Approved
Comment:
+for users handling a lot of passwords and need to update them on a
regular
(trivial) should be 'who need to update them' (or 'and who need to').
It's out of the scope of this spec but it would be good to have -Dauth
show a description of why we chose a particular authentication. Maybe
we should always (when not quiet) show "using saved password for
http://blah". We can tweak it when we get it going.
+Also note that an optional ``self_certified`` field will be allowed to
force
+the connection to ``HTTPS`` hosts that provides a self certified
certificate
+(the default should be to refuse the connection and inform the user).
I think this should be updated to verify_certificate as you did in other
places.
Aside from that it looks great, thanks for drafting such a careful spec.
I'm looking forward to having it running! Please merge it into the doc
directory.
For details, see:
http://bundlebuggy.aaronbentley.com/request/%3Cm2ps0nst2j.fsf%40free.fr%3E
More information about the bazaar
mailing list