IPP> MOD - Issue 2: How can client force authentication, i.e ., identified mode? Solution #2 preferred

IPP> MOD - Issue 2: How can client force authentication, i.e ., identified mode? Solution #2 preferred

Wenn, John C jwenn at cp10.es.xerox.com
Tue Mar 30 06:43:27 EST 1999


There need not be an explosion of URL's.  According to the latest HTTP
Authentication draft (the rfc2069 replacement, should have an RFC# any day),
the server can specify multiple authentication schemes.  The client must
choose the strongest HTTP authentication scheme it understands and use that
one.

So it would really look like

URL1   none, none
URL2   HTTP, none
URL3   none, SSL3
URL4   HTTP, SSL3
...

Where HTTP can be Basic, Digest or whatever the client & server agree on.

/John

> -----Original Message-----
> From: Paul Moore [mailto:paulmo at microsoft.com]
> Sent: Monday, March 29, 1999 11:12 AM
> To: 'Herriot, Robert'; ipp at pwg.org
> Subject: RE: IPP> MOD - Issue 2: How can client force authentication,
> i.e ., identified mode? Solution #2 preferred
> 
> 
> How does trhis work in combination with various secure 
> transmission RLS
> (ssl3, TLS, etc).
> 
> What you would actually need would be a product of all the 
> combinations of
> identification and auth/secure channel methods.
> 
> URL1 = none, none
> URL2 = basic, none
> URL3 = basic, TLS
> URL4 = basic, SSL3
> URL5 = digest, none
> ...
> URL9 = digest, SSL3
> 
> URL27 = foobar, XYZ
> 
> 
> 



More information about the Ipp mailing list