Can you please explain a bit better what you mean, after all we are trying
to define a platform independent Internet standard, and the IETF is very
strict on security these days.
Are you saying that the Digest Authentication mechanism is totally broken?
> -----Original Message-----
> From: owner-ipp at pwg.org [mailto:owner-ipp at pwg.org]On Behalf Of Michael
> Sent: Tuesday, April 06, 1999 5:55 PM
> To: Manros, Carl-Uno B
> Cc: IETF-IPP
> Subject: Re: IPP> PRO - Issue 32: Use of Basic & Digest Authentication
>>> "Manros, Carl-Uno B" wrote:
> > ...
> > Proposed solution: As the HTTP WG is deprecating the Basic
> > Authentication feature, it does not make sense to mandate that, but
> > we still have to make it clear that support for Digest Authentication
> > is a MUST for all IPP clients and printers (unless you want to make
> > TLS a MUST for everybody) in IPP/1.1.
> > ...
>> I've said this before, but let me say it again - if you mandate
> Digest authentication then it will be impossible to use the existing
> authentication systems provided by most operating systems.
> Michael Sweet, Easy Software Products mike at easysw.com> Printing Software for UNIX http://www.easysw.com>