Transport of username/password in RPC Metadata #141

Open
pmartinou opened this issue Jun 16, 2021 · 1 comment

@pmartinou

Section 3.1 (Session Security, Authentication and RPC Authorization) of the gnmi specification indicates that the username and password for user Authentication should be transported in the metadata of the RPC message.
The [GNMI_AUTH] specification indicates that "gRPC Authentication support" should be leveraged.

It would be useful to clarify how exactly the username/password should be transported in the Metadata, as several understandings are possible:

  1. Use an "Authorization" header key, with "Basic " RFC 7617 Basic Authentication, or

  2. Use "username" and "password" header keys.
    The latter being restrictive in terms of allowed chars - ASCII only, as indicated in the Javadoc of Metadata:

    ```
     * <p>Names are ASCII string bytes that contains only the characters listed in the class comment
     * of {@link Key}. If the name ends with {@code "-bin"}, the value can be raw binary. Otherwise,
     * the value must contain only characters listed in the class comments of {@link AsciiMarshaller}
    ```

@robshakir
Contributor

The current implementation is using the username and password metadata keys. You can see this implemented in the reference implementation in the github.com/openconfig/gnmi repo.

Note that this is not the intended long-term solution for auth: there are community efforts underway to move to a generic gRPC-based auth framework, which will be published once an initial proposal has been formulated.
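
The two encodings discussed in this thread, side by side, as an added example that is not part of the issue or of the openconfig/gnmi code. The function names are hypothetical, the credentials are constructed samples, and the value check assumes the gRPC rule that non "-bin" metadata values hold only space and printable ASCII.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"strings"
)

// asciiValue (hypothetical helper): true if v is only space/printable ASCII (0x20-0x7E).
func asciiValue(v string) bool {
	return strings.IndexFunc(v, func(r rune) bool { return r < 0x20 || r > 0x7e }) < 0
}

// UserPassMetadata builds option 2: separate "username" and "password" keys.
func UserPassMetadata(user, pass string) (map[string]string, error) {
	if !asciiValue(user) || !asciiValue(pass) {
		return nil, fmt.Errorf("credential not representable as an ASCII metadata value")
	}
	return map[string]string{"username": user, "password": pass}, nil
}

// BasicMetadata builds option 1: RFC 7617 Basic in a lowercase "authorization" key.
// Base64 keeps the value ASCII; it is an encoding, not encryption.
func BasicMetadata(user, pass string) (map[string]string, error) {
	if strings.Contains(user, ":") {
		return nil, fmt.Errorf("RFC 7617 user-id must not contain ':'")
	}
	tok := base64.StdEncoding.EncodeToString([]byte(user + ":" + pass))
	return map[string]string{"authorization": "Basic " + tok}, nil
}

// ParseBasic is the receiving side: recover user and password from the value.
func ParseBasic(v string) (string, string, error) {
	if len(v) < 6 || !strings.EqualFold(v[:6], "Basic ") {
		return "", "", fmt.Errorf("not a Basic credential")
	}
	raw, err := base64.StdEncoding.DecodeString(v[6:])
	i := strings.IndexByte(string(raw), ':')
	if err != nil || i < 0 {
		return "", "", fmt.Errorf("malformed Basic credential")
	}
	return string(raw[:i]), string(raw[i+1:]), nil
}

func main() {
	// Constructed sample credentials, not taken from the issue.
	_, err := UserPassMetadata("admin", "pässwörd")
	b, _ := BasicMetadata("admin", "pässwörd")
	fmt.Println(err, b["authorization"])
}
```

With the separate keys, a non-ASCII password is rejected before it reaches the transport; the Basic form carries the same password because the value on the wire is base64 text.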
