IPP> BakeOff3 Issue 3.2 - Do URLs have to be different if the security is different?

IPP> BakeOff3 Issue 3.2 - Do URLs have to be different if the security is different?

IPP> BakeOff3 Issue 3.2 - Do URLs have to be different if the security is different?

Carl Kugler kugler at us.ibm.com
Thu Dec 14 12:38:55 EST 2000


--- Tom wrote:
> At the IPP WG meeting, we agreed to resolution 2 for Issue 3.2.  However,
on
> the IPP telecon today, Ira pointed out that HTTP security is
> connection-based, not transaction-based.
> There is a new experimental RFC
> 2660 for SHTTP (August 1999), which has transaction-based security, but
we
> don't want IPP to have to use that.
>
> So resolution 2 won't work;  the challenge has to be issued for the
> connection, not on an operation-by-operation basis.  Therefore, each
> different security regime that a Printer supports MUST have a distinct
URL.
> What about authentication?
>

This seems overly general to me.  By "HTTP security" are you refering to
Digest authentication, TLS, Kerberos, or what?

You seem to be implying that each operation requires a separate connection.
That is not the normal case for HTTP/1.1:  all connections in HTTP/1.1 are
persistent by default.  Also, Basic and Digest authentication can work over
non-persistent connections (they worked for HTTP/1.0, didn't they?).

AFAIK, a transaction is a series of operations that succeeds or fails as a
unit, with the properties of atomicity, consistency, isolation and
durability.   Is this a new requirement for IPP?

     -Carl




More information about the Ipp mailing list