One subject that I tried to collect more information about last week was
the options for IPP security. Here are some first hints for the SEC group
to follow up on:
The IPSEC WG (IP Security Protocol) is mainly working on lower layer
security which we may want to assume is present.
The TSL WG (Transport Layer Security) seems to be the IETF version of SSL
and is approaching finalization.
A new project, which I have not yet been able to place in WG is called SASL
(Simple Authentication and Security Layer). The latter was recommended by
Harald for us to take a look at. An I-D can be be found at:
http://www.internic.net/internet-drafts/draft-myers-auth-sasl-08.txt
It seems that S-MIME (Secure MIME) might never happen in the IETF due to
dependency on some RSA proporietary components.
Einar Stefferud suggested looking at PGP-MIME as an alternative. I have not
yet found a good reference for the latter.
The search continues.
Regards,
Carl-Uno
Carl-Uno Manros
Principal Engineer - Advanced Printing Standards - Xerox Corporation
701 S. Aviation Blvd., El Segundo, CA, M/S: ESAE-231
Phone +1-310-333 8273, Fax +1-310-333 5514
Email: manros at cp10.es.xerox.com