Re: smtpmail and ~/.authinfo

[Lars Magne Ingebrigtsen]

Ted Zlatanov <address@hidden> writes:

> I think authinfo/netrc files should be portable and support Unicode in a
> way that enables other (older or new!) software to use them too.  IMHO
> enforcing UTF-8 encoding is the best way to achieve that.

That's not realistic, I think.

Look, these protocols (SMTP, NNTP, pop3, etc) are really old.  Most of
them were created in a "just send ASCII" world, which then morphed into
a "just send 8bit, just make sure you don't send any null bytes" world,
which then again sort of morphed into a world that's somewhat cognisant
of charsets server-side.

But for NNTP basic auth, for instance, it's perfectly valid to use the
five-byte sequence representing "héllo" in iso-8859-15 as the password,
if that's what the user has set up, and it's what the NNTP server has
stored.  (And the same goes for pop3 and SMTP.  (For IMAP the situation
is different -- there they've actually defined the charset to use, and
it's a tweak on utf7.))

So there isn't any wiggle room here.  The user has to be able to store a
random sequence of bytes into the .authinfo file to be able to contact
their servers -- if they have been careless enough to create a non-ASCII
user name or password.

Because using non-ASCII credentials is so fraught with problems, almost
nobody does it, which is why we don't get many (or any, really) bug
reports about this.  

-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/