Now, as TestDDA becames nearly mandatory (there is still an option to disable the need for TestDDA), I am forced to implement it, even if I have no time for it. Anyhow...
Studying the docs about the design of TestDDA, I wonder why it was implemented in a way that requires the node AND the client to maintain a list of directories that were authenticated for DDA? Also it makes the handling for clients more complicated because they have to trigger a TestDDA. IMHO a better design would have been the following: Once a client starts a GET or PUT, the node checks if the directory is authenticated. If not, then the NODE sends a request for authentication to the client. Its quite the same as the current implementation, but triggered by the node, not by the client. This way the client would not have to track already authenticated directories per socket. The node does this anyway... If someone agrees that this would be a good idea, I would like to have this implemented. A new option in ClientGet or ClientPut could be used to tell the node that the client expects the new way to authenticate for DDA. Default is to use the existing TestDDA.
