Ira,
The IPPFax protocol spec allows for other methods of authentication.
Table 10 requires a Sender to support and use digest authentication.
(Actually, the requirements for the sender seem kind of confusing....)
Would Digest be sufficient to authenticate the user to retrieve
subscription information?
Ippget: Ira believes that a sender needs to be authenticated to
retrieve subscription data and matching "requesting-user-name" is not
sufficient(especially for IPPFax). We discussed requiring Sender side
TLS authentication. Gail believes that this would limit the usability
(how many clients are really going to have certificates?). Relaxed the
requirement for IPPGet notifications to just requiring notifications.
This archive was generated by hypermail 2b29 : Wed Jul 23 2003 - 18:43:09 EDT