IPP> Re: ADM - Draft minutes [client security issues]

IPP> Re: ADM - Draft minutes [client security issues]

IPP> Re: ADM - Draft minutes [client security issues]

Robert Herriot Robert.Herriot at Eng.Sun.COM
Thu Dec 18 17:32:19 EST 1997


> From moore at cs.utk.edu Thu Dec 18 07:00:27 1997
> 
> > The IETF ADs are just plain WRONG about this
> > one!  Security should be a customer purchasing choice, not a "cost of
> > doing business using Internet 'standards track' protocols"!  If IPP
> > actually does supplant LPR in the enterprise network (as we all hope)
> > MOST of the printers and clients will be configured WITHOUT security.
> 
> We respectfully disagree.  Internet standards specify requirements
> for interoperability over the entire Internet, not just in an 
> enterprise network.  Many enterprise networks also need security.
> 
> Be assured that the requirement for strong, mandatory, interoperable
> authentication will not be changed.
> 


Your comments above suggest to me that authentication (of a client) is
required and that privacy and mutual authentication are not.


So, would it be acceptable for IPP to drop TLS and require that all IPP
clients and servers support HTTP/1.1 digest authentication?



More information about the Ipp mailing list