[OpenID] Proposal: SMTP service extension for Yadis discovery
Claus Färber
GMANE at faerber.muc.de
Tue Feb 13 22:33:00 UTC 2007
Stephen Paul Weber <singpolyma at gmail.com> schrieb/wrote:
> On 08 Feb 2007 16:38:00 +0100, Claus Färber <claus at faerber.muc.de> wrote:
>> It does not work as intended. In http://user@example.com/, "user" is
>> an identity suggested to access http://example.com/. A RP could not
>> retrieve different information depending on the "user" part wihtout
>> knowing the password for each user (which it is supposed not to
>> know).
> How so? The user part is transferred in the HTAUTH headers which the
> script can easily read...
What's a HTAUTH?
Seriously, there's no such header. If you mean the Authorization header
field, this one's only sent when the user (or URL) has provided a
username _and_ password.
Claus
More information about the general
mailing list