The 'Basic' HTTP Authentication Scheme

“…Print devices that have high-volume throughput and have available ROM space will typically provide support for Client Authentication that safeguards the device from unauthorized access because these devices are prone to a high loss of consumables and paper if unauthorized access occurs. [RFC7617] for User Authentication if the channel is secure, e.g., IPP over HTTPS [RFC7472]. IPP Clients and Printers SHOULD NOT support Basic Authentication over insecure channels.…”

“…o Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing [RFC7230] o Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content [RFC7231] o Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests [RFC7232] o Hypertext Transfer Protocol (HTTP/1.1): Caching [RFC7234] o Hypertext Transfer Protocol (HTTP/1.1): Authentication [RFC7235] o The 'Basic' HTTP Authentication Scheme [RFC7617] o HTTP Digest Access Authentication [RFC7616] IPP implementations can support HTTP/2, which is described in the following RFCs:…”

Internet Printing Protocol/1.1: Encoding and Transport

“…Print devices that have high-volume throughput and have available ROM space will typically provide support for Client Authentication that safeguards the device from unauthorized access because these devices are prone to a high loss of consumables and paper if unauthorized access occurs. [RFC7617] for User Authentication if the channel is secure, e.g., IPP over HTTPS [RFC7472]. IPP Clients and Printers SHOULD NOT support Basic Authentication over insecure channels.…”

“…o Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing [RFC7230] o Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content [RFC7231] o Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests [RFC7232] o Hypertext Transfer Protocol (HTTP/1.1): Caching [RFC7234] o Hypertext Transfer Protocol (HTTP/1.1): Authentication [RFC7235] o The 'Basic' HTTP Authentication Scheme [RFC7617] o HTTP Digest Access Authentication [RFC7616] IPP implementations can support HTTP/2, which is described in the following RFCs:…”

Internet Printing Protocol/1.1: Encoding and Transport

“…Usernames and passwords are widely used for authentication and authorization on the Internet, either directly when provided in plaintext (as in the PLAIN Simple Authentication and Security Layer (SASL) mechanism [RFC4616] and the HTTP Basic scheme [RFC7617]) or indirectly when provided as the input to a cryptographic algorithm such as a hash function (as in the Salted Challenge Response Authentication Mechanism (SCRAM) SASL mechanism [RFC5802] and the HTTP Digest scheme [RFC7616]). …”

“…Although the historical predecessor of this document was the SASLprep profile of Stringprep [RFC3454]), the approach defined here can be used by technologies other than SASL [RFC4422], such as HTTP authentication as specified in [RFC7617] and [RFC7616].…”

Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords

“…When using call home with the RESTCONF protocol, special care is required when using some HTTP authentication schemes, especially the Basic [RFC7617] and Digest [RFC7616] schemes, which convey a shared secret (e.g., a password). Implementers and deployments should be sure to review the Security Considerations section in the RFC for any HTTP client authentication scheme used.…”

NETCONF Call Home and RESTCONF Call Home