Re: A modest proposal for access authentication

Martin Hamilton <M.T.Hamilton@lut.ac.uk>
Date: Fri, 17 Sep 1993 07:29:55 +0100 (BST)
From: Martin Hamilton <M.T.Hamilton@lut.ac.uk>
Subject: Re: A modest proposal for access authentication
To: Larry Masinter <masinter@parc.xerox.com>
Cc: www-talk@nxoc01.cern.ch
In-reply-to: <93Sep16.123937pdt.2794@golden.parc.xerox.com>
Message-id: <Pine.3.07.9309170755.C13439-c100000@avarice>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: M.T.Hamilton@lut.ac.uk
Status: RO
Larry said:

> The modest proposal is: use FTP.
> 
> a) add a new kind of URL:    FTPU://host/path
>    this URL is like FTP: except that it assumes that the user will
> supply a user name and password, i.e., not anonymous access

how about <ftp://martin@genie.lut.ac.uk/whatever> ?

i think this is in the URL draft...

        Internet protocol parts


            Those schemes which refer to internet protocols have a
          common syntax for the rest of the object name. This starts
          with a double slash "//" to indicate its presence, and
          continues until the following slash "/".  Within that section
          are

                  . An optional user name, if this must be quoted to the
                    server, followed by  a commercial at sign "@".  (Use
                    of this field is discouraged. Provision  of encoding
                    a password after the user name, delimited by a
                    colon, could  be made but obviously is only useful
                    when the password is public, in  which case it
                    should not be necessary, so that is also
                    discouraged.)

        [...deleted...]

        FTP

            The ftp: prefix indicates a file which is to be picked up
          from the file system of the given host. The FTP protocol is
          used. The port number if given gives the port of the FTP
          server if not the FTP default. (A client may in practice use
          local file access to retrieve objects which are available
          though more efficient means such as local file open or NFS
          mounting, where this is available and equivalent)

            The syntax allows for the inclusion of a user name and even
          a password for those systems which do not use the anonymous
          FTP convention. The default, however, if no user or password
          is supplied, will be to use that convention, viz. that the
          user name is "anonymous" and the password the user's mail
          address.

...!

I have a quibble though - the BNF for "fileaddress" doesn't include
the user name / password component, or an optional port number:

            fileaddress    f t p : / / host / path
            hostport        host [ : port ]
            host           hostname | hostnumber

Could we get something more along the lines of the telnet entry
into it please?  ...

            fileaddress    f t p : / / [ user @ ] hostport / path

Tim, are you listening?? :-))

Martin