IPP>SEC, IPP>MOD, IPP>DIR - Security attributes

IPP>SEC, IPP>MOD, IPP>DIR - Security attributes

Roger K Debry rdebry at us.ibm.com
Fri Jun 13 11:20:37 EDT 1997


As you read the new security internet-draft you will see that four common usage
scenarios are described.  These are:


o no security
o message protection
o client authentication and authorization
o mutual authentication, authorization, and message protection


In order to let a person who is searching a directory know what to expect in
terms of security, we need some Printer attributes that would be stored in the
directory to help indicate this. For example, when I search a directory, I want
to know which printers require authentication.  There are undoutbedly many ways
to do this.  I would appreciate your comments on the following proposal as a
way to get some discussion going on this ...




New Printer Attributes:


Message Protection
  values are none, supported or required


Authentication/Authorization
   values are none, supported, or required


Supported means that the Printer is capable of supporting this security
feature, but it is does not require the client to use it. For example, if
message  protection is supported, it means that a client can encrypt a message
if privacy is required, but does not have to.


Required means that the Printer is capable of supporting this privacy feature,
and the client is required to use it. For example, if
authentication/authorization is required, then the client must be authenticated
before using the Printer.


Alternatives include listing each security protocol supported as an attribute
with values as above,  or having one attribute called security with the names
of the supported protocols as values.


Comments???


Roger K deBry
Senior Techncial Staff Member
Architecture and Technology
IBM Printing Systems
email: rdebry at us.ibm.com
phone: 1-303-924-4080



More information about the Ipp mailing list