> SECURITY
> There are reserved port numbers for TLS & SSL on HTTP (port
> 443)
> TLS is backwards compatible with SSL3. Actually TLS is
> SSL3.1 The TLS I-D describes how to support SSL3
> interoperability.
> The group then discussed wording choices for stating the
> security protocol requirements (SSL3, TLS, etc.) There were
> four wording alternatives explored:
> 1) IPP Client/Servers must implement TLS with SSL3
> compatibility
> 2) IPP Client/Servers shall be interoperable with a TLS
> communicant
> 3) IPP Client/Servers must be TLS compliant.
> 4) #2 above plus "with SSL3 backward compatibility"
> Decision: #1 with some section talking about a transition to
> TLS.
I will note carefully that this closely follows the model of having
different ports for different protocols. Note that TSL/SSL actually are
HTTP over TSL and HTTP over SSL. We are similarly doing IPP over HTTP.
Should this be the same port or a different port?
Patrick