attachment
<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi there,<div class=""><br class=""></div><div class="">As per my action item from the June 29, 2017 IPP WG minutes (<span style="font-family: HelveticaNeue;" class=""><a href="http://ftp.pwg.org/pub/pwg/ipp/minutes/ippv2-concall-minutes-20170629.pdf" class="">http://ftp.pwg.org/pub/pwg/ipp/minutes/ippv2-concall-minutes-20170629.pdf</a></span>), I am finally providing a use case illustrating what I think IPP is lacking but should support:</div><div class=""><br class=""></div><blockquote style="margin: 0 0 0 40px; border: none; padding: 0px;" class=""><div class="">Wilma has created a document that she wants to be saved on the department MFD, but wants only those that have the document's password to be able to print it. She chooses to add a password to the job and also chooses to save the job in the print dialog, and clicks on "Print" to submit the job to the printer. The Printer receives the Job, where its processing consists of the Job being saved for reprint later. The password persists with the saved Job. Wilma then sends out an email to her teammates informing them that the document has been saved on the MFD.</div><div class=""><br class=""></div><div class="">Fred needs a copy of the document, so he goes to the MFD, chooses the job, and is prompted for the saved job's password. Once Fred has entered it successfully into the MFD's control panel, the MFD prints a copy of the saved Job for him.</div><div class=""><br class=""></div></blockquote><u class="">Requirements:</u><br class=""><div class="">Provide a method for persisting a job password with a saved job. This is currently unsupported because the semantics of the current "job-password" attribute are such that the Job is kept in "pending-held" state until the password has been provided to the Printer, but the semantics of IPP saved jobs are such that the processing of a saved job results in it being saved. If the processing is being delayed until the password is provided, and then is abandoned (because it is an operation attribute of a Job Creation operation), a gap exists. The existing "document-password" attribute could be provided but its semantics are inappropriate and it only applies to certain document formats.</div><div class=""><div class=""><br class=""></div><div class="">We can discuss at a later IPP WG meeting (not in this week's vF2F). Let me know if the WG needs more details before proceeding. But this use case is clearly not well supported by 5100.11 (JPS2).</div><div class=""><br class=""><div class="">
Smith<br class=""><br class="">/**<br class=""> Smith Kennedy<br class=""> Wireless Architect - Client Software - IPG-PPS<br class=""> Standards - IEEE ISTO PWG / Bluetooth SIG / Wi-Fi Alliance / NFC Forum / USB IF<br class=""> Chair, IEEE ISTO Printer Working Group<br class=""> HP Inc.<br class="">*/<br class=""><br class=""><br class="">
</div>
<br class=""><div><blockquote type="cite" class=""><div class="">On Jun 25, 2017, at 5:54 PM, Michael Sweet <<a href="mailto:msweet@apple.com" class="">msweet@apple.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">Smith,<br class=""><br class=""><blockquote type="cite" class="">On Jun 23, 2017, at 6:15 PM, Kennedy, Smith (Wireless Architect) <<a href="mailto:smith.kennedy@hp.com" class="">smith.kennedy@hp.com</a>> wrote:<br class=""><br class="">Hi there,<br class=""><br class="">Consider a scenario where a Printer receives a Create-Job operation with the following attributes:<br class=""><br class="">job-password="12345678"<br class="">job-password-encryption='none'<br class="">job-save-disposition=<br class="">{<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span>save-disposition='save-only'<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span>save-info=<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span>{<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>save-location="whatever"<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>save-document-format=application/pdf<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span>}<br class="">}<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><br class="">What would one expect the printer to do:<br class=""><br class="">1. Hold the Job in 'pending-held' state until the matching password was provided, then retain the Job as a Saved Job<br class="">2. Process the Job to retain the Job as a Saved Job per the definition in 5100.11 section 2.2, but then whenever it might be reprinted via user selection on the control panel, the user is prompted for the password<br class=""></blockquote><br class="">The result should be 1 or a new 3:<br class=""><br class="">3. Treat job-password and job-password-encryption as constrained against job-save-disposition (i.e. the two are incompatible), and either return client-error-conflicting-attributes or successful-ok-ignored-or-substituted-attributes with one or the other in the unsupported attributes group of the response.<br class=""><br class="">The problem with #2 is that you are saving private information (job-password[-encryption]) with the processed job data, which could be a security issue (information disclosure). Plus the saved job is not necessarily stored on the printer...<br class=""><br class=""><blockquote type="cite" class="">If the expectation is #1 then there seems to be no way currently in standard IPP to create a password protected Saved Job, which I believe to be a valid use case that IPP needs to support. This could be supported using my (pending) IPP Document Encryption whitepaper, but wondered if it was already supported.<br class=""></blockquote><br class="">What you want is probably the semantic equivalent of document-password in the job-save-disposition ("save-password"), not job-password, however there are issues since we normally send passwords as operation attributes that are not made available as part of the Job or Document objects...<br class=""><br class="">_________________________________________________________<br class="">Michael Sweet, Senior Printing System Engineer<br class=""><br class=""></div></div></blockquote></div><br class=""></div></div></body></html>