Uploaded image for project: 'OASIS Message Queuing Telemetry Transport (MQTT) TC'
  1. OASIS Message Queuing Telemetry Transport (MQTT) TC
  2. MQTT-241

Possible to send password without user name ?(review comment from Nicholas Humfrey)

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.1.1
    • Fix Version/s: None
    • Component/s: core
    • Labels:
      None

      Description

      Public review comment received from Nicholas Humfrey (point 4)

      4) While comparing the differenced between the previous version of the
      specification, I noticed that it is no longer possible to send a
      password without a username. I thought that this was quite a useful
      (albeit unintentional?) feature of the protocol, which could be used to
      send API keys, OAuth tokens, or other secrets, without requiring a
      (fake/unused) username. It could also be used to provide a password for
      a client id, without an additional username.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              coppen Richard Coppen
            • Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: