IPP Mail Archive: RE: IPP> SEC - Revised version of the security statements for IPP/1.1

RE: IPP> SEC - Revised version of the security statements for IPP/1.1

Scott Lawrence (lawrence@agranat.com)
Mon, 10 May 1999 10:23:36 -0400

> 7.1 Security Conformance
>
> IPP clients MUST/SHOULD [which is to be determined in
> consultation with the
> Area Director] support:
>
> Digest Authentication [rfc2069].

That should reference whatever the number becomes for the Draft Standard
version, not 2069; the older version doesn't define MD5-sess at all. I
haven't seen any change in status on the RFC editors queue for a while on
these. I believe that all the final edits have been to them for some time
now, so I would expect an RFC number before long.

> MD5 and MD5-sess MUST be implemented and supported.
> The Message Integrity feature NEED NOT be used.

Will you specify what values for 'qos' are acceptable? If you don't mandate
support for qos=auth-int, then the IPP message in the HTTP body is not
protected.