IPP Mail Archive: RE: IPP> MOD - Issue 2: How can client force authentication, i.e

IPP Mail Archive: RE: IPP> MOD - Issue 2: How can client force authentication, i.e

RE: IPP> MOD - Issue 2: How can client force authentication, i.e

Wenn, John C (jwenn@cp10.es.xerox.com)
Tue, 30 Mar 1999 03:43:27 -0800

There need not be an explosion of URL's. According to the latest HTTP
Authentication draft (the rfc2069 replacement, should have an RFC# any day),
the server can specify multiple authentication schemes. The client must
choose the strongest HTTP authentication scheme it understands and use that
one.

So it would really look like

URL1 none, none
URL2 HTTP, none
URL3 none, SSL3
URL4 HTTP, SSL3
...

Where HTTP can be Basic, Digest or whatever the client & server agree on.

/John

> -----Original Message-----
> From: Paul Moore [mailto:paulmo@microsoft.com]
> Sent: Monday, March 29, 1999 11:12 AM
> To: 'Herriot, Robert'; ipp@pwg.org
> Subject: RE: IPP> MOD - Issue 2: How can client force authentication,
> i.e ., identified mode? Solution #2 preferred
>
>
> How does trhis work in combination with various secure
> transmission RLS
> (ssl3, TLS, etc).
>
> What you would actually need would be a product of all the
> combinations of
> identification and auth/secure channel methods.
>
> URL1 = none, none
> URL2 = basic, none
> URL3 = basic, TLS
> URL4 = basic, SSL3
> URL5 = digest, none
> ...
> URL9 = digest, SSL3
>
> URL27 = foobar, XYZ
>
>
>