IPP Mail Archive: Re: IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication

Re: IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication

Michael Sweet (mike@easysw.com)
Mon, 12 Apr 1999 13:02:27 -0400

Larry Masinter wrote:
> ...
> the user's "printer password" is likely to be the user's password
> for other services, and so compromising the printer password
> compromises everything _else_ the user has access to. (That's also

That goes into policy and use issues, which are beyond the scope of
any standard...

> why MD5-sess is a good idea.) Digest Authentication with qop=auth is
> adequate for protecting against evesdropping, and is adequate for
> protecting against replay attacks. Any attempt to hijack one

It all depends on how the server implements Digest. Apache (and
others) currently don't support qop, or any other HTTP/1.1 final
draft Digest stuff.

> person's print job with some false data would soon be noticed.

It would take enough time that the offender would be able to get his
or her printout before the "hijacking" was noticed... The whole
purpose of authorization is to *prevent* that from happening, and the
only fool-proof way I know of with Digest authentication is to hash
the entire request (not just the username/password/realm/nonce).

> qop=auth-int has the problem that you have to hash the body of the
> request before sending the request, which would interfere with IPP
> performance if the print stream data is being computed as it is
> being sent.

As I understand it, the MD5 sum can be sent *after* the request, so
no up-front penalty is paid. Of course, I know of no server product
that supports it yet, but...

-- 
______________________________________________________________________
Michael Sweet, Easy Software Products                  mike@easysw.com
Printing Software for UNIX                       http://www.easysw.com