I have been pondering about whether we are trying to make life a little too
difficult for ourselves when we look for a solution to this issue. Here is a
totally different proposal.
Considering that:
- ALL IPP/1.0 and 1.1 clients AND printers MUST support Basic and Digest
Authentication (see the IPP Encoding & Transport drafts).
- the Basic Authentication is being deprecated in the new HTTP/1.1 Draft
Standard, and might disappear from future HTTP products.
Why don't we mandate in IPP/1.1 that IPP printers ALWAYS send a challenge
for Digest Authentication?
This would make it unnecessary for the IPP client to ever need to request a
challenge.
A possible drawback might be that the user may have to fill in extra
security information for each print request, but maybe this can be cached in
a user profile. I expect that people who have designed real clients have
already solved that problem.
Comments?
Carl-Uno
Carl-Uno Manros
Principal Engineer - Xerox Architecture Center - Xerox Corporation
701 S. Aviation Blvd., El Segundo, CA, M/S: ESAE-231
Phone +1-310-333 8273, Fax +1-310-333 5514
Email: manros@cp10.es.xerox.com