https://bugzilla.suse.com/show_bug.cgi?id=1173427 https://bugzilla.suse.com/show_bug.cgi?id=1173427#c2 --- Comment #2 from Michael Andres --- Well, that's the usual HTTP authentication workflow. The server responds to a client with a 401 (Unauthorized) response status and provides information on how to authorize with a WWW-Authenticate response header containing at least one challenge. A client that wants to authenticate itself with a server can then do so by including an Authorization request header field with the credentials. A client does not itself decide that it wants to send an authenticated request. It is something the server requires. IMO zypp behaves right. -- You are receiving this mail because: You are on the CC list for the bug.