Yes we plan to change the RFC references for HTTP/1.1 as soon as the new RFC
numbers are available.
Seems like we should define the value for qos as you suggest.
Carl-Uno
> -----Original Message-----
> From: Scott Lawrence [mailto:lawrence@agranat.com]
> Sent: Monday, May 10, 1999 7:24 AM
> To: Manros, Carl-Uno B; IETF-IPP
> Subject: RE: IPP> SEC - Revised version of the security statements for
> IPP/1.1
>
>
>
>
> > 7.1 Security Conformance
> >
> > IPP clients MUST/SHOULD [which is to be determined in
> > consultation with the
> > Area Director] support:
> >
> > Digest Authentication [rfc2069].
>
> That should reference whatever the number becomes for the
> Draft Standard
> version, not 2069; the older version doesn't define MD5-sess
> at all. I
> haven't seen any change in status on the RFC editors queue
> for a while on
> these. I believe that all the final edits have been to them
> for some time
> now, so I would expect an RFC number before long.
>
> > MD5 and MD5-sess MUST be implemented and supported.
> > The Message Integrity feature NEED NOT be used.
>
> Will you specify what values for 'qos' are acceptable? If
> you don't mandate
> support for qos=auth-int, then the IPP message in the HTTP body is not
> protected.
>