IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication

IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication

IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication

Ira McDonald imcdonal at sdsp.mc.xerox.com
Wed Apr 7 23:09:39 EDT 1999


Hi Keith and Mike,

A small clarification.  The US government raised the export
restriction to 56-bit encryption in September 1998.  And 56-bit
(even single round) is MUCH harder to break than 40-bit (according
to security professionals like Bruce Schneier in his bible
'Applied Cryptography').

Nonetheless, the problem of requiring Digest support in all
IPP server-side implementations (ie, printers and spoolers)
is that it makes the original IPP WG goal of a protocol that
can be built on EXISTING off-the-shelf HTTP software hopeless.

Cheers,
- Ira McDonald

  (outside consultant at Xerox)
  High North Inc




More information about the Ipp mailing list