IPP> Re: ADM - Draft minutes [client security issues]

IPP> Re: ADM - Draft minutes [client security issues]

Carl-Uno Manros carl at manros.com
Fri Dec 19 10:09:51 EST 1997


At 01:43 PM 12/19/97 +0100, Harald.T.Alvestrand at uninett.no wrote:
>
>moore at cs.utk.edu said:
>> The alternative is for IPP to convince IESG that digest 
>> authentication alone really is adequate for a wide variety of printer 
>> authentication  scenarios.   I won't claim that it cannot be done, 
>> but offhand, I don't see how to do this. 
>
>The third alternative is, of course, to claim that the WG is now convinced
>that it's acceptable for an IPP client to be unable to print on any
>printer that requires non-shared-secret authentication.
>This did not seem to be the consensus in Washington, but after all,
>the list, not the meeting, is the final arbiter of IETF WG consensus.
>
>Remember - you are the domain experts who are supposed to know what the
>requirements for a print protocol are; the IESG requirement is that:
>
>- It's possible for all conformant implementations to be able to
>  interwork, if configured to do so
>- Whatever functions must be implemented use neither cleartext passwords
>  nor encumbered technology, if possible
>
>If ability of a client to print on a TLS-only-configured printer is not
>in your requirements set, then that should not be a requirement.
>
>                   Harald A


Well,


It seems that Harald has a more liberal view on this than Keith. This seems
to open up the possibility to to recommend that all clients SHOULD support
TLS, but not make it an absolute MUST.


Comments?


Carl-Uno



More information about the Ipp mailing list