RE: IPP> SEC - Revised version of the security statements for IPP/1.1

Scott Lawrence (lawrence@agranat.com)
Mon, 10 May 1999 10:23:36 -0400

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Manros, Carl-Uno B: "RE: IPP> SEC - Revised version of the security statements for IP"
• Previous message: Anthony Porter: "RE: IPP> MOD - REVISITED Issue 17 - Client display of absolute date and time for job attributes"

> 7.1 Security Conformance
>
> IPP clients MUST/SHOULD [which is to be determined in
> consultation with the
> Area Director] support:
>
> Digest Authentication [rfc2069].

That should reference whatever the number becomes for the Draft Standard
version, not 2069; the older version doesn't define MD5-sess at all. I
haven't seen any change in status on the RFC editors queue for a while on
these. I believe that all the final edits have been to them for some time
now, so I would expect an RFC number before long.

> MD5 and MD5-sess MUST be implemented and supported.
> The Message Integrity feature NEED NOT be used.

Will you specify what values for 'qos' are acceptable? If you don't mandate
support for qos=auth-int, then the IPP message in the HTTP body is not
protected.

• Next message: Manros, Carl-Uno B: "RE: IPP> SEC - Revised version of the security statements for IP"
• Previous message: Anthony Porter: "RE: IPP> MOD - REVISITED Issue 17 - Client display of absolute date and time for job attributes"

Comments are owned by the poster. All other material is Copyright © 2001-2024 The Printer Working Group. All rights reserved. IPP Everywhere, the IPP Everywhere logo, and the PWG logo are trademarks of the IEEE-ISTO.
About the PWG · Privacy Policy · PWG Webmaster