deBry security proposal

deBry security proposal

deBry security proposal

Robert Herriot robert.herriot at Eng.Sun.COM
Sat Nov 23 02:27:52 EST 1996

I would like to know if Authorization is typically included with an HTTP message or only
if a server requests it.  RFC 1945 is unclear on this point.

I ask this because I would like one form of security to be where the client (not the end-user)
automatically sends an attribute at the HTTP level with the user's name and ideally the 
domain name as well.

Such values could implement the attributes operation-user-name and operation-host-name.  This
mechanism would allow a lightweight security mechanism that would work in cooperative
environments where people don't want to deal with passwords but also don't want to
cancel other people's jobs accidentally.

I think that this is one case that Roger missed in his enumeration of possible security

Bob Herriot

More information about the Ipp mailing list