From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: M Hickford <mirth.hickford@gmail.com>
Cc: git@vger.kernel.org, gitster@pobox.com, mjcheetham@outlook.com
Subject: Re: [PATCH 06/13] docs: indicate new credential protocol fields
Date: Mon, 25 Mar 2024 23:37:12 +0000 [thread overview]
Message-ID: <ZgIKqJaE79-Erzif@tapette.crustytoothpaste.net> (raw)
In-Reply-To: <20240325231609.284-1-mirth.hickford@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1846 bytes --]
On 2024-03-25 at 23:16:09, M Hickford wrote:
> > +`authtype`::
> > + This indicates that the authentication scheme in question should be used.
> > + Common values for HTTP and HTTPS include `basic`, `digest`, and `ntlm`,
> > + although the latter two are insecure and should not be used. If `credential`
> > + is used, this may be set to an arbitrary string suitable for the protocol in
> > + question (usually HTTP).
>
> How about adding 'bearer' to this list? Popular hosts Bitbucket
> https://bitbucket.org and Gitea/Forgejo (such as https://codeberg.org)
> support Bearer auth with OAuth tokens.
Sure, I can do that.
> > ++
> > +This value should not be sent unless the appropriate capability (see below) is
> > +provided on input.
> > +
> > +`credential`::
> > + The pre-encoded credential, suitable for the protocol in question (usually
> > + HTTP). If this key is sent, `authtype` is mandatory, and `username` and
> > + `password` are not used.
>
> A credential protocol attribute named 'credential' is confusing. How
> about 'authorization' since it determines the HTTP Authorization
> header? This detail is surely worth mentioning too.
I don't want this to be very specific to HTTP, so I don't think that's a
great name. As I mentioned in the cover letter, I might well extend
this to IMAP and SMTP for our mail handling in the future, and that name
wouldn't work well there.
I named it `credential` because, well, it's the credential that's used
in the protocol. I feel like saying that the field represents "the
authorization" sounds unnatural. It's not wrong, per se, but it sounds
confusing.
I'm open to other ideas if you or others have them, but between these
two, I think I'd prefer to stick with `credential`.
--
brian m. carlson (they/them or he/him)
Toronto, Ontario, CA
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 262 bytes --]
next prev parent reply other threads:[~2024-03-25 23:37 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-24 1:12 [PATCH 00/13] Support for arbitrary schemes in credentials brian m. carlson
2024-03-24 1:12 ` [PATCH 01/13] credential: add an authtype field brian m. carlson
2024-03-24 1:12 ` [PATCH 02/13] remote-curl: reset headers on new request brian m. carlson
2024-03-24 1:12 ` [PATCH 03/13] http: use new headers for each object request brian m. carlson
2024-03-27 8:02 ` Patrick Steinhardt
2024-03-24 1:12 ` [PATCH 04/13] credential: add a field for pre-encoded credentials brian m. carlson
2024-03-24 1:12 ` [PATCH 05/13] credential: gate new fields on capability brian m. carlson
2024-03-27 8:02 ` Patrick Steinhardt
2024-03-27 21:33 ` brian m. carlson
2024-04-02 10:04 ` Patrick Steinhardt
2024-04-04 0:39 ` brian m. carlson
2024-04-04 4:07 ` Patrick Steinhardt
2024-03-28 10:20 ` Jeff King
2024-03-28 16:13 ` Junio C Hamano
2024-03-28 16:29 ` Jeff King
2024-03-28 17:25 ` Junio C Hamano
2024-03-28 21:18 ` brian m. carlson
2024-03-24 1:12 ` [PATCH 06/13] docs: indicate new credential protocol fields brian m. carlson
2024-03-25 23:16 ` M Hickford
2024-03-25 23:37 ` brian m. carlson [this message]
2024-03-30 13:00 ` M Hickford
2024-03-31 21:43 ` brian m. carlson
2024-03-24 1:12 ` [PATCH 07/13] http: add support for authtype and credential brian m. carlson
2024-03-24 1:12 ` [PATCH 08/13] credential: add an argument to keep state brian m. carlson
2024-04-01 21:05 ` mirth hickford
2024-04-01 22:14 ` brian m. carlson
2024-03-24 1:12 ` [PATCH 09/13] credential: enable state capability brian m. carlson
2024-03-24 1:12 ` [PATCH 10/13] docs: set a limit on credential line length brian m. carlson
2024-03-24 1:12 ` [PATCH 11/13] t5563: refactor for multi-stage authentication brian m. carlson
2024-03-24 1:13 ` [PATCH 12/13] strvec: implement swapping two strvecs brian m. carlson
2024-03-27 8:02 ` Patrick Steinhardt
2024-03-27 21:22 ` Junio C Hamano
2024-03-27 21:34 ` brian m. carlson
2024-03-24 1:13 ` [PATCH 13/13] credential: add support for multistage credential rounds brian m. carlson
2024-03-28 8:00 ` M Hickford
2024-03-28 21:53 ` brian m. carlson
2024-04-01 20:51 ` M Hickford
2024-03-24 2:24 ` [PATCH 00/13] Support for arbitrary schemes in credentials Junio C Hamano
2024-03-24 15:21 ` brian m. carlson
2024-03-24 16:13 ` Junio C Hamano
2024-03-30 8:00 ` M Hickford
2024-03-30 8:16 ` M Hickford
2024-04-02 22:26 ` Calvin Wan
2024-04-04 1:01 ` brian m. carlson
2024-04-08 18:42 ` Jackson Toeniskoetter
2024-04-11 7:00 ` M Hickford
2024-04-12 0:09 ` brian m. carlson
2024-04-11 7:00 ` M Hickford
2024-04-12 0:13 ` brian m. carlson
2024-04-17 0:02 ` [PATCH v2 00/16] " brian m. carlson
2024-04-17 0:02 ` [PATCH v2 01/16] credential: add an authtype field brian m. carlson
2024-04-17 0:02 ` [PATCH v2 02/16] remote-curl: reset headers on new request brian m. carlson
2024-04-17 0:02 ` [PATCH v2 03/16] http: use new headers for each object request brian m. carlson
2024-04-17 0:02 ` [PATCH v2 04/16] credential: add a field for pre-encoded credentials brian m. carlson
2024-04-17 0:02 ` [PATCH v2 05/16] credential: gate new fields on capability brian m. carlson
2024-04-17 0:02 ` [PATCH v2 06/16] credential: add a field called "ephemeral" brian m. carlson
2024-04-17 0:02 ` [PATCH v2 07/16] docs: indicate new credential protocol fields brian m. carlson
2024-04-17 0:02 ` [PATCH v2 08/16] http: add support for authtype and credential brian m. carlson
2024-04-17 0:02 ` [PATCH v2 09/16] credential: add an argument to keep state brian m. carlson
2024-04-17 0:02 ` [PATCH v2 10/16] credential: enable state capability brian m. carlson
2024-04-17 0:02 ` [PATCH v2 11/16] docs: set a limit on credential line length brian m. carlson
2024-04-17 0:02 ` [PATCH v2 12/16] t5563: refactor for multi-stage authentication brian m. carlson
2024-04-17 0:02 ` [PATCH v2 13/16] credential: add support for multistage credential rounds brian m. carlson
2024-04-17 0:02 ` [PATCH v2 14/16] t: add credential tests for authtype brian m. carlson
2024-04-17 0:02 ` [PATCH v2 15/16] credential-cache: implement authtype capability brian m. carlson
2024-04-17 0:02 ` [PATCH v2 16/16] credential: add method for querying capabilities brian m. carlson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZgIKqJaE79-Erzif@tapette.crustytoothpaste.net \
--to=sandals@crustytoothpaste.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=mirth.hickford@gmail.com \
--cc=mjcheetham@outlook.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).