IPP> Re: ADM - Draft minutes [client security issues]

IPP> Re: ADM - Draft minutes [client security issues]

Harald.T.Alvestrand at uninett.no Harald.T.Alvestrand at uninett.no
Fri Dec 19 07:43:57 EST 1997


moore at cs.utk.edu said:
> The alternative is for IPP to convince IESG that digest 
> authentication alone really is adequate for a wide variety of printer 
> authentication  scenarios.   I won't claim that it cannot be done, 
> but offhand, I don't see how to do this. 


The third alternative is, of course, to claim that the WG is now convinced
that it's acceptable for an IPP client to be unable to print on any
printer that requires non-shared-secret authentication.
This did not seem to be the consensus in Washington, but after all,
the list, not the meeting, is the final arbiter of IETF WG consensus.


Remember - you are the domain experts who are supposed to know what the
requirements for a print protocol are; the IESG requirement is that:


- It's possible for all conformant implementations to be able to
  interwork, if configured to do so
- Whatever functions must be implemented use neither cleartext passwords
  nor encumbered technology, if possible


If ability of a client to print on a TLS-only-configured printer is not
in your requirements set, then that should not be a requirement.


                   Harald A



More information about the Ipp mailing list