Re: [PATCH 06/13] docs: indicate new credential protocol fields

[PATCH 00/13] Support for arbitrary schemes in credentials · brian m. carlson <hidden> · 2024-03-24
[PATCH 09/13] credential: enable state capability · brian m. carlson <hidden> · 2024-03-24
[PATCH 08/13] credential: add an argument to keep state · brian m. carlson <hidden> · 2024-03-24
Re: [PATCH 08/13] credential: add an argument to keep state · mirth hickford <hidden> · 2024-04-01
Re: [PATCH 08/13] credential: add an argument to keep state · brian m. carlson <hidden> · 2024-04-01
[PATCH 10/13] docs: set a limit on credential line length · brian m. carlson <hidden> · 2024-03-24
[PATCH 05/13] credential: gate new fields on capability · brian m. carlson <hidden> · 2024-03-24
Re: [PATCH 05/13] credential: gate new fields on capability · Patrick Steinhardt <hidden> · 2024-03-27
Re: [PATCH 05/13] credential: gate new fields on capability · brian m. carlson <hidden> · 2024-03-27
Re: [PATCH 05/13] credential: gate new fields on capability · Patrick Steinhardt <hidden> · 2024-04-02
Re: [PATCH 05/13] credential: gate new fields on capability · brian m. carlson <hidden> · 2024-04-04
Re: [PATCH 05/13] credential: gate new fields on capability · Patrick Steinhardt <hidden> · 2024-04-04
Re: [PATCH 05/13] credential: gate new fields on capability · Jeff King <hidden> · 2024-03-28
Re: [PATCH 05/13] credential: gate new fields on capability · brian m. carlson <hidden> · 2024-03-28
[PATCH 07/13] http: add support for authtype and credential · brian m. carlson <hidden> · 2024-03-24
[PATCH 06/13] docs: indicate new credential protocol fields · brian m. carlson <hidden> · 2024-03-24
Re: [PATCH 06/13] docs: indicate new credential protocol fields · M Hickford <hidden> · 2024-03-25
Re: [PATCH 06/13] docs: indicate new credential protocol fields · brian m. carlson <hidden> · 2024-03-25
Re: [PATCH 06/13] docs: indicate new credential protocol fields · M Hickford <hidden> · 2024-03-30
Re: [PATCH 06/13] docs: indicate new credential protocol fields · brian m. carlson <hidden> · 2024-03-31
[PATCH 12/13] strvec: implement swapping two strvecs · brian m. carlson <hidden> · 2024-03-24
Re: [PATCH 12/13] strvec: implement swapping two strvecs · Patrick Steinhardt <hidden> · 2024-03-27
[PATCH 11/13] t5563: refactor for multi-stage authentication · brian m. carlson <hidden> · 2024-03-24
[PATCH 13/13] credential: add support for multistage credential rounds · brian m. carlson <hidden> · 2024-03-24
Re: [PATCH 13/13] credential: add support for multistage credential rounds · M Hickford <hidden> · 2024-03-28
Re: [PATCH 13/13] credential: add support for multistage credential rounds · brian m. carlson <hidden> · 2024-03-28
Re: [PATCH 13/13] credential: add support for multistage credential rounds · M Hickford <hidden> · 2024-04-01
[PATCH 02/13] remote-curl: reset headers on new request · brian m. carlson <hidden> · 2024-03-24
[PATCH 03/13] http: use new headers for each object request · brian m. carlson <hidden> · 2024-03-24
Re: [PATCH 03/13] http: use new headers for each object request · Patrick Steinhardt <hidden> · 2024-03-27
[PATCH 04/13] credential: add a field for pre-encoded credentials · brian m. carlson <hidden> · 2024-03-24
[PATCH 01/13] credential: add an authtype field · brian m. carlson <hidden> · 2024-03-24
Re: [PATCH 00/13] Support for arbitrary schemes in credentials · M Hickford <hidden> · 2024-03-30
Re: [PATCH 00/13] Support for arbitrary schemes in credentials · M Hickford <hidden> · 2024-03-30
Re: [PATCH 00/13] Support for arbitrary schemes in credentials · Calvin Wan <hidden> · 2024-04-02
Re: [PATCH 00/13] Support for arbitrary schemes in credentials · brian m. carlson <hidden> · 2024-04-04
Re: [PATCH 00/13] Support for arbitrary schemes in credentials · Jackson Toeniskoetter <hidden> · 2024-04-08
Re: [PATCH 00/13] Support for arbitrary schemes in credentials · M Hickford <hidden> · 2024-04-11
Re: [PATCH 00/13] Support for arbitrary schemes in credentials · brian m. carlson <hidden> · 2024-04-12
Re: [PATCH 00/13] Support for arbitrary schemes in credentials · M Hickford <hidden> · 2024-04-11
Re: [PATCH 00/13] Support for arbitrary schemes in credentials · brian m. carlson <hidden> · 2024-04-12
[PATCH v2 00/16] Support for arbitrary schemes in credentials · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 02/16] remote-curl: reset headers on new request · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 03/16] http: use new headers for each object request · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 04/16] credential: add a field for pre-encoded credentials · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 01/16] credential: add an authtype field · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 06/16] credential: add a field called "ephemeral" · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 05/16] credential: gate new fields on capability · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 07/16] docs: indicate new credential protocol fields · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 11/16] docs: set a limit on credential line length · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 09/16] credential: add an argument to keep state · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 10/16] credential: enable state capability · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 12/16] t5563: refactor for multi-stage authentication · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 08/16] http: add support for authtype and credential · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 14/16] t: add credential tests for authtype · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 13/16] credential: add support for multistage credential rounds · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 15/16] credential-cache: implement authtype capability · brian m. carlson <hidden> · 2024-04-17
[PATCH v2 16/16] credential: add method for querying capabilities · brian m. carlson <hidden> · 2024-04-17

From: M Hickford <hidden>
Date: 2024-03-30 13:00:18

On Mon, 25 Mar 2024 at 23:37, brian m. carlson
[off-list ref] wrote:

On 2024-03-25 at 23:16:09, M Hickford wrote:

quoted

+`authtype`::
+   This indicates that the authentication scheme in question should be used.
+   Common values for HTTP and HTTPS include `basic`, `digest`, and `ntlm`,
+   although the latter two are insecure and should not be used.  If `credential`
+   is used, this may be set to an arbitrary string suitable for the protocol in
+   question (usually HTTP).

How about adding 'bearer' to this list? Popular hosts Bitbucket
https://bitbucket.org and Gitea/Forgejo (such as https://codeberg.org)
support Bearer auth with OAuth tokens.

Sure, I can do that.

quoted

++
+This value should not be sent unless the appropriate capability (see below) is
+provided on input.
+
+`credential`::
+   The pre-encoded credential, suitable for the protocol in question (usually
+   HTTP).  If this key is sent, `authtype` is mandatory, and `username` and
+   `password` are not used.

A credential protocol attribute named 'credential' is confusing. How
about 'authorization' since it determines the HTTP Authorization
header? This detail is surely worth mentioning too.

Would it be accurate to add "For HTTP, Git concatenates the authtype
and credential attributes to determine the Authorization header"?

I don't want this to be very specific to HTTP, so I don't think that's a
great name.  As I mentioned in the cover letter, I might well extend
this to IMAP and SMTP for our mail handling in the future, and that name
wouldn't work well there.

Good point, you've dissuaded me against 'authorization'.

I named it `credential` because, well, it's the credential that's used
in the protocol.  I feel like saying that the field represents "the
authorization" sounds unnatural.  It's not wrong, per se, but it sounds
confusing.

We already use 'credential' to describe the whole collection of
attributes, as in "The credential is split into a set of named
attributes".

I'm open to other ideas if you or others have them, but between these
two, I think I'd prefer to stick with `credential`.

Ideas anyone?

--
brian m. carlson (they/them or he/him)
Toronto, Ontario, CA

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help