IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication

IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication

Herriot, Robert Robert.Herriot at pahv.xerox.com
Thu Apr 22 21:21:30 EDT 1999


I think that Keith has made an important point that some of you may have
missed.
Here is what I understand his salient points were.

Keith believes that any appliance that can plug into the internet (e.g. with
an RJ-45 plug) must be able to protect itself against intruders directly and
not rely on some external barrier, such as a firewall. Authentication is an
important part of this protection mechanism.

There are good reasons not to rely on an external barrier to provide
protection. Someone may neglect to install the external barrier or someone
may remove or bypass it. This situation is especially likely in the home or
small business environment. In addition, someone may move the appliance to a
location where an external barrier is no longer present. If the appliance
contains its own authentication, its level of protection remains unchanged
regardless of where it plugs into the network or what changes occur in the
network around it. 

A printer has only one kind of network plug. The plug may be connected to an
isolated LAN or it may be plugged into the internet. We, as vendors, cannot
know.
Poor support for security may have been good enough for past products, but
we need to look to the future. Keith wants us to see a world in the near
future where networks are more pervasive than now and consequently, where
security is more important than now. 

I think we should listen to Keith and try to understand why his view is
important. 

Bob Herriot

 



More information about the Ipp mailing list