IPP> Re: PRO - Issue 32: Use of Basic & Digest Authentication
Wenn, John C
jwenn at cp10.es.xerox.com
Tue Apr 13 16:49:41 EDT 1999
For authentication:
Digest is not perfectly secure (being vulnerable to some types of
active attacks and lack of integration with current server authentication
mechanisms), but it is an acceptable security solution.
Basic by itself is not acceptable, but may be acceptable if used
with an encrypted chanel (TLS+Basic).
This discussion should be about what is the mandatory authentication scheme
that is both (*) has adequate security and (*) meets other IPP criteria
(usability, ease of implementation, etc.)
/John
More information about the Ipp
mailing list