Re: PATCH: Proxy Authentication patches

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 07 May 1999 11:21:00 +0200

Arjan de Vet wrote:

> The problem with making it a third argument is that you cannot have
> spaces in your password anymore. The initial design I made assumes that
> everything after the first space is the password, so you cannot have
> more fields without breaking compatibility.

The initial design is flawed I would say.. The draft standard allows
usernames and passwords to include CRLF (username and password is
defined as TEXT, TEXT includes LWS and LWS is whitespace including
CRLF). So these in my opinion these should be URL encoded.

> What could be useful is making the authentication programs accept multi-line
> requests (one item per line) and send multi-line responses. Example:
>
> command: authenticate
> username: myname
> password: sec ret password
> ipaddress: 1.2.3.4

I think requests should be one single line to simplify the writing of a
redirector/authenticator. In most languages is is easy to split a single
line, but comparably harder to parse a multiline request. Having
multiline responses is fine but may be incompatible with available
redirectors/authenticators.

/Henrik
Received on Tue Jul 29 2003 - 13:15:58 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:07 MST