RE: IPP> MOD - Issue 2: How can client force authentication, i.e

Wenn, John C (jwenn@cp10.es.xerox.com)
Tue, 30 Mar 1999 03:43:27 -0800

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Michael Sweet: "Re: IPP> MOD - Issue 2: How can client force authentication, i.e.,"
• Previous message: Herriot, Robert: "RE: IPP> MOD - Issue 2: How can client force authentication, i.e"

There need not be an explosion of URL's. According to the latest HTTP
Authentication draft (the rfc2069 replacement, should have an RFC# any day),
the server can specify multiple authentication schemes. The client must
choose the strongest HTTP authentication scheme it understands and use that
one.

So it would really look like

URL1 none, none
URL2 HTTP, none
URL3 none, SSL3
URL4 HTTP, SSL3
...

Where HTTP can be Basic, Digest or whatever the client & server agree on.

/John

> -----Original Message-----
> From: Paul Moore [mailto:paulmo@microsoft.com]
> Sent: Monday, March 29, 1999 11:12 AM
> To: 'Herriot, Robert'; ipp@pwg.org
> Subject: RE: IPP> MOD - Issue 2: How can client force authentication,
> i.e ., identified mode? Solution #2 preferred
>
>
> How does trhis work in combination with various secure
> transmission RLS
> (ssl3, TLS, etc).
>
> What you would actually need would be a product of all the
> combinations of
> identification and auth/secure channel methods.
>
> URL1 = none, none
> URL2 = basic, none
> URL3 = basic, TLS
> URL4 = basic, SSL3
> URL5 = digest, none
> ...
> URL9 = digest, SSL3
>
> URL27 = foobar, XYZ
>
>
>

• Next message: Michael Sweet: "Re: IPP> MOD - Issue 2: How can client force authentication, i.e.,"
• Previous message: Herriot, Robert: "RE: IPP> MOD - Issue 2: How can client force authentication, i.e"

Comments are owned by the poster. All other material is Copyright © 2001-2024 The Printer Working Group. All rights reserved. IPP Everywhere, the IPP Everywhere logo, and the PWG logo are trademarks of the IEEE-ISTO.
About the PWG · Privacy Policy · PWG Webmaster