attachment-0002
<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1252"><base href="x-msg://27/"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><br></div><div>Hi Bill,</div><div><br></div><div>RE: Item #1 below, starting with "The Device Owner…" , it seems like a complicated interface and sequence of steps that the owner will have to take to register his device for cloud access. If I'm doing one imaging device, it might seem tractable. If I'm doing 20 or 30 heterogeneous devices, it seems excessive. Have we modeled how this might look for an administrator, like what would the UI look like, or what the admin experience would be?</div><div><br></div><div>From Note 1b, I thought registration "caused" a corresponding cloud imaging service to be created? The device registers with some generic (non-specific) imaging cloud service, correct? and then once registered, the "corresponding" service is created. Or at least that's what I thought we were talking about at the last face-to-face.</div><div><br></div>Also, from your "Note #2 below", It seems reasonable that the "Authorization" part of the cloud service is probably out of scope for the Cloud WG…but you've highlighted some examples of potential predicates for an authorization decision -- if anyone has any ideas regarding the types of authorization decisions that a service might want to make, I would urge the group to pass those along to the IDS team, especially whoever has the ball on a XACML dialect for imaging authorization.<div><br></div><div>I know that Mike has published the "Paid Extensions" stuff from IPP that uses some type of authorization ticket that says "I've paid for what I'm asking for", but I would hope that this type of authorization would be just another predicate check by a larger, overall authorization engine, and that there would be one (and only one) "Ok, we'll allow this operation" ticket or token that takes into account all authorization decisions (predicates, conditions, etc.)<br><div><br></div><div>R.</div><div><br><div><div>On Jul 19, 2013, at 4:29 PM, William A Wagner <<a href="mailto:wamwagner@comcast.net">wamwagner@comcast.net</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div lang="EN-US" link="blue" vlink="purple" style="font-family: Helvetica; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><div class="WordSection1" style="page: WordSection1; "><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">As I generate a Registration section for the Cloud Imaging Model, I would like to verify my understanding of the decisions made at Monday's meeting.<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt 0.5in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>1.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>The Device Owner, operating through the Cloud Imaging Device Proxy that provides the cloud interface for the device, registers the device and the device services he wishes to make available to the Cloud Imaging System. He may desire to block access to specific Device elements and Service elements. In response to information provided by the Device owner to the Proxy:<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>a.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>The proxy provides Device registration information with an initial Update System Elements message to the Cloud System Control Service. This message provides information on all System Elements of the Device that are to be made known to the Cloud Imaging System. It corresponds to a response to a current Get System Elements message with all elements identified.<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>b.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>The Proxy identifies the Device Services that are to be accessible to the Cloud Imaging System by sending an Identify Services message to the Cloud System Control Service. This corresponds to a response to a current List Services operation.<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>c.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>The proxy identifies the elements of each Device Imaging Service that are to be made available to the corresponding Cloud Imaging Service by sending an initial Update Service Elements to an Owner-identified corresponding imaging service of the target Cloud Imaging System. This corresponds to a response to a current Get Service Elements operation.<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 0.5in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>2.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>Once Device and Service registrations are complete, the Proxy will maintain contact with the Cloud System Control Service and the registered Imaging services, updating System and Service Elements and checking Cloud Imaging Services for jobs.<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">Note:<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 0.5in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>1.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>It was decided that:<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>a.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>Devices and Service are registered, not subunits<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>b.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>Device Services can only be registered with corresponding Cloud Imaging Services<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>c.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>Therefore: a Device subunit cannot be made accessible to a Cloud Imaging Service unless that subunit is configured as part of a Device Imaging Service that is registered with the Cloud Imaging Service. For example, a Cloud FaxIn Service can not use a marking engine in a Print Device unless that marking engine is also configured as part of a FaxIn service that is registered with the Cloud FaxIn Service. (This seems an unfortunate limitation to me.)<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 0.5in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>2.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>It was agreed that the Owner will want to place restrictions on:<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>a.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>Who can use the device, with respect to one or more of the following:<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1.5in; font-size: 10.5pt; font-family: Consolas; text-indent: -1.5in; "><span><span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span>i.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>User ID, possibly including results of authentication<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1.5in; font-size: 10.5pt; font-family: Consolas; text-indent: -1.5in; "><span><span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span>ii.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>Geographical or network typological origin of the user<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1.5in; font-size: 10.5pt; font-family: Consolas; text-indent: -1.5in; "><span><span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span>iii.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>Payment or credit<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1.5in; font-size: 10.5pt; font-family: Consolas; text-indent: -1.5in; "><span><span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span>iv.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>Any one of various other conditions<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>b.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>What services a user can use<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>c.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>When each user can use what services (e.g., Print and Hardcopy Fax and Email only during working hours; FaxIn, EmailIn to storage all the time)<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>d.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>Degree of use (e.g., max number of copies)for each particular user and Service<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 1in; font-size: 10.5pt; font-family: Consolas; text-indent: -0.25in; "><span>e.<span style="font-style: normal; font-variant: normal; font-weight: normal; font-size: 7pt; line-height: normal; font-family: 'Times New Roman'; "> <span class="Apple-converted-space"> </span></span></span>Probably other conditions<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 0.5in; font-size: 10.5pt; font-family: Consolas; ">The owner will communicate with the Cloud Imaging System with an “access list” to identify these User rights and restrictions. This process is out of scope for the Cloud Imaging Model.<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt 0.75in; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">I would appreciate confirmation or correction of this understanding.<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">Thanks,<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">Bill Wagner<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">-----Original Message-----<br>From:<span class="Apple-converted-space"> </span><a href="mailto:cloud-bounces@pwg.org" style="color: purple; text-decoration: underline; ">cloud-bounces@pwg.org</a><span class="Apple-converted-space"> </span>[mailto:cloud-<a href="mailto:bounces@pwg.org" style="color: purple; text-decoration: underline; ">bounces@pwg.org</a>] On Behalf Of Michael Sweet<br>Sent: Monday, July 15, 2013 4:25 PM<br>To:<span class="Apple-converted-space"> </span><a href="mailto:cloud@pwg.org" style="color: purple; text-decoration: underline; ">cloud@pwg.org</a><br>Subject: [Cloud] Minutes posted from today's Cloud Imaging WG conference call<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">All,<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">I have posted the minutes to today's Cloud Imaging WG conference call to:<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "> <span class="Apple-converted-space"> </span><a href="ftp://ftp.pwg.org/pub/pwg/cloud/minutes/cloud-concall-minutes-20130715.pdf" style="color: purple; text-decoration: underline; "><span style="color: windowtext; text-decoration: none; ">ftp://ftp.pwg.org/pub/pwg/cloud/minutes/cloud-concall-minutes-20130715.pdf</span></a><o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">Our next conference call will be on July 29, 2013 at 3pm ET.<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">_________________________________________________________<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">Michael Sweet, Senior Printing System Engineer, PWG Chair<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">--<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><o:p> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">_______________________________________________<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; ">cloud mailing list<o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><a href="mailto:cloud@pwg.org" style="color: purple; text-decoration: underline; "><span style="color: windowtext; text-decoration: none; ">cloud@pwg.org</span></a><o:p></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 10.5pt; font-family: Consolas; "><a href="https://www.pwg.org/mailman/listinfo/cloud" style="color: purple; text-decoration: underline; "><span style="color: windowtext; text-decoration: none; ">https://www.pwg.org/mailman/listinfo/cloud</span></a><o:p></o:p></div></div><br>--<span class="Apple-converted-space"> </span><br>This message has been scanned for viruses and<span class="Apple-converted-space"> </span><br>dangerous content by<span class="Apple-converted-space"> </span><a href="http://www.mailscanner.info/" style="color: purple; text-decoration: underline; "><b>MailScanner</b></a>, and is<span class="Apple-converted-space"> </span><br>believed to be clean. _______________________________________________<br>cloud mailing list<br><a href="mailto:cloud@pwg.org" style="color: purple; text-decoration: underline; ">cloud@pwg.org</a><br><a href="https://www.pwg.org/mailman/listinfo/cloud" style="color: purple; text-decoration: underline; ">https://www.pwg.org/mailman/listinfo/cloud</a><br></div></blockquote></div><br></div></div><br />--
<br />This message has been scanned for viruses and
<br />dangerous content by
<a href="http://www.mailscanner.info/"><b>MailScanner</b></a>, and is
<br />believed to be clean.
</body></html>