Richard Levitte - VMS Whacker wrote:
Hallo Richard,
> From: Goetz Babin-Ebell <[EMAIL PROTECTED]>
> gbe> Richard Levitte - VMS Whacker wrote:
> gbe> Agree,
> gbe> but a seperate function for user autentification would be good...
>
> Exactly what do you mean? If it's the separation between strings,
> passphrases and file (and whatever), it's still just a string, with
> the only real difference that prompting for a password requires no
> echo.
It is more a logical than a technical difference.
Autentication is a special and very importand dialog.
I wanted to seperate it from the normal flow of IO at the earliest
possible moment.
> gbe> But will the generated string fit the output ?
> gbe> A PIN Pad with a 16x2 LCD requires another layout than a GUI...
> Hmm, good point. Perhaps one should have the applicatoin check the
> maximum size and have it adapt?
Best place for these checks is the UI... ;-)
> gbe> > gbe> > - a "wrong" string (eh, "That was the wrong password", f.
>example?)
> gbe> > gbe> should be handled in the UI (another call ?)
> gbe> >
> gbe> > Really? And how would it determine if something was previously wrong?
> gbe> > I was thinking of the UI as a pretty stateless thingy. A bit
> gbe> > according to the KISS principle.
> gbe> Another Message ?
> gbe> UI_GetAut(TXT_AUT_CLIENT,...)
> gbe> UI_GetAut(TXT_AUT_LASTTRY,...)
>
> I'm not sure I got that. For example, you might want to include an
> error text in a prompt dialog box, a little like the default XDM login
> screen works (it will say that you weren't authenticated and at the
> same time prompt again). That's why I think the prompting routines
> need to know about that info as well...
The UI should be stateless.
But the message could have a state.
UI_GetAut(TXT_AUT_CLIENT,...)
-> "please enter user/passphrase"
UI_GetAut(TXT_AUT_RETRY,...)
-> "authentication failed. please retry:"
> gbe> > gbe> const char *UI_GetTextFor(MessageCode,SubCode);
> gbe> >
> gbe> > Eeeep, localization... Just the thought... No, it's not a bad idea,
> [...]
> gbe> I know...
> gbe> But the UI seems to be a good place to start...
>
> Hmm, true... Gotta learn how those things work (is there a standard
> at all?)
One ? ...
> gbe> 1. user authentication (pass phrase, PIN,...)
> Check.
> gbe> 2. new user authentification (new pass prase, with verify)
> Ah... check.
> gbe> 3. give some information about the current state
> Check.
>
> gbe> What else ?
>
> Doesn't have to be decided all at once, there's room for extensions...
Wan't my intention.
But missing something now...
By
Goetz
--
Goetz Babin-Ebell, TC TrustCenter GmbH, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
