RE: IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication

Wenn, John C (jwenn@cp10.es.xerox.com)
Tue, 13 Apr 1999 13:49:41 -0700

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Paul Leach: "RE: IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication"
• Previous message: Michael Sweet: "Re: IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication"

For authentication:

Digest is not perfectly secure (being vulnerable to some types of
active attacks and lack of integration with current server authentication
mechanisms), but it is an acceptable security solution.

Basic by itself is not acceptable, but may be acceptable if used
with an encrypted chanel (TLS+Basic).

This discussion should be about what is the mandatory authentication scheme
that is both (*) has adequate security and (*) meets other IPP criteria
(usability, ease of implementation, etc.)

/John

• Next message: Paul Leach: "RE: IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication"
• Previous message: Michael Sweet: "Re: IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication"

Comments are owned by the poster. All other material is Copyright © 2001-2024 The Printer Working Group. All rights reserved. IPP Everywhere, the IPP Everywhere logo, and the PWG logo are trademarks of the IEEE-ISTO.
About the PWG · Privacy Policy · PWG Webmaster