IPP Mail Archive: Re: IPP> BakeOff3 Issue 3.2 - Do URLs have

Re: IPP> BakeOff3 Issue 3.2 - Do URLs have to be different if the security is different?

From: Carl Kugler (kugler@us.ibm.com)
Date: Thu Dec 14 2000 - 12:38:55 EST

  • Next message: Hastings, Tom N: "IPP> RE: Registering MIME PDLs"

    --- Tom wrote:
    > At the IPP WG meeting, we agreed to resolution 2 for Issue 3.2. However,
    on
    > the IPP telecon today, Ira pointed out that HTTP security is
    > connection-based, not transaction-based.
    > There is a new experimental RFC
    > 2660 for SHTTP (August 1999), which has transaction-based security, but
    we
    > don't want IPP to have to use that.
    >
    > So resolution 2 won't work; the challenge has to be issued for the
    > connection, not on an operation-by-operation basis. Therefore, each
    > different security regime that a Printer supports MUST have a distinct
    URL.
    > What about authentication?
    >

    This seems overly general to me. By "HTTP security" are you refering to
    Digest authentication, TLS, Kerberos, or what?

    You seem to be implying that each operation requires a separate connection.
    That is not the normal case for HTTP/1.1: all connections in HTTP/1.1 are
    persistent by default. Also, Basic and Digest authentication can work over
    non-persistent connections (they worked for HTTP/1.0, didn't they?).

    AFAIK, a transaction is a series of operations that succeeds or fails as a
    unit, with the properties of atomicity, consistency, isolation and
    durability. Is this a new requirement for IPP?

         -Carl



    This archive was generated by hypermail 2b29 : Thu Dec 14 2000 - 12:41:00 EST