Re: IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication

Ira McDonald (imcdonal@sdsp.mc.xerox.com)
Wed, 7 Apr 1999 23:09:39 -0400

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Michael Sweet: "IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication"
• Previous message: Keith Moore: "IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication"

Hi Keith and Mike,

A small clarification. The US government raised the export
restriction to 56-bit encryption in September 1998. And 56-bit
(even single round) is MUCH harder to break than 40-bit (according
to security professionals like Bruce Schneier in his bible
'Applied Cryptography').

Nonetheless, the problem of requiring Digest support in all
IPP server-side implementations (ie, printers and spoolers)
is that it makes the original IPP WG goal of a protocol that
can be built on EXISTING off-the-shelf HTTP software hopeless.

Cheers,
- Ira McDonald

(outside consultant at Xerox)
High North Inc

• Next message: Michael Sweet: "IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication"
• Previous message: Keith Moore: "IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication"

Comments are owned by the poster. All other material is Copyright © 2001-2024 The Printer Working Group. All rights reserved. IPP Everywhere, the IPP Everywhere logo, and the PWG logo are trademarks of the IEEE-ISTO.
About the PWG · Privacy Policy · PWG Webmaster