From: Junio C Hamano <gitster@pobox.com>
To: "brian m. carlson" <sandals@crustytoothpaste.net>
Cc: git@vger.kernel.org
Subject: Re: [PATCH 1/1] http: allow authenticating proactively
Date: Fri, 28 Jun 2024 15:18:37 -0700 [thread overview]
Message-ID: <xmqqh6dc1zk2.fsf@gitster.g> (raw)
In-Reply-To: <Zn8yhdN6henrIqgD@tapette.crustytoothpaste.net> (brian m. carlson's message of "Fri, 28 Jun 2024 22:00:37 +0000")
"brian m. carlson" <sandals@crustytoothpaste.net> writes:
>> > +* `basic` - Request Basic authentication from the helper.
>> > +* `auto` - Don't request any scheme from the helper.
>> > +--
>>
>> What does "don't request" exactly mean? It is not like we are
>> telling the helper "Don't give us anything", right? Are we telling
>> the helper "Give us any username/password for the URL in any
>> authentication scheme you know about?"
>
> It means we don't send a `wwwauth[]` entry in the request. We are
> giving the helper carte blanche to decide what scheme is best (maybe it
> knows we want Bearer, for example).
Well, at least I couldn't read the proposed document update and read
that much out of it, and I suspect there may be other readers who
will share my confusion. I think the source of the confusion is
that "don't request" does not automatically imply "allow the helper
to pick any scheme as it sees fit" if you do not know how helper is
designed to behave when it is not requested "any scheme".
`basic` - Request Basic authentication from the helper.
`auto` - Ask the helper to pick an appropriate scheme.
`none` - Disable proactive authentication.
or something, perhaps?
Thanks.
next prev parent reply other threads:[~2024-06-28 22:18 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-28 0:27 [PATCH 0/1] Proactive authentication over HTTP brian m. carlson
2024-06-28 0:27 ` [PATCH 1/1] http: allow authenticating proactively brian m. carlson
2024-06-28 18:16 ` Junio C Hamano
2024-06-28 22:00 ` brian m. carlson
2024-06-28 22:18 ` Junio C Hamano [this message]
2024-06-29 0:23 ` brian m. carlson
2024-07-01 15:26 ` Junio C Hamano
2024-07-04 0:17 ` [PATCH v2 0/1] Proactive authentication over HTTP brian m. carlson
2024-07-04 0:17 ` [PATCH v2 1/1] http: allow authenticating proactively brian m. carlson
2024-07-04 5:49 ` Junio C Hamano
2024-07-10 0:01 ` [PATCH v3 0/1] Proactive authentication over HTTP brian m. carlson
2024-07-10 0:01 ` [PATCH v3 1/1] http: allow authenticating proactively brian m. carlson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqh6dc1zk2.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.