> Any estimate on how soon you expect the major Web server
> vendors to implement SASL and TLS in their Web servers?
No. I'll have to poll them to see what they think.
(but then again, how many of them implement TLS framing w/o security?)
One advantage in IPP using SASL+TLS over just TLS would be
that an IPP client or server that didn't need security
could use ordinary HTTP client or server code.
Personally, I'm hoping that all of the protocols layered on
HTTP can use the same security negotiation mechanism.