[IPP] Initial draft of IPPS URI Scheme (25 August 2010)

[IPP] Initial draft of IPPS URI Scheme (25 August 2010)

Michael Sweet msweet at apple.com
Mon Aug 30 21:34:08 UTC 2010

On Aug 30, 2010, at 8:20 AM, Ira McDonald wrote:
> ...
> I do think we should RECOMMEND against the practice,
> because it supplies ambiguous security to the IPP Printer
> object.

FWIW, while it is certainly possible I think it would be better to simply require that printers supporting both ipp and ipps report the appropriate keywords for uri-security-supported (ssl3 and/or tls) along with mandatory support for HTTP Upgrade.  That would be consistent with our "message" since IPP/1.1 and gives us what we want on the standards side of things.

Whether a Printer allows clear-text connections when configured with SSL/TLS support is, IMHO, a site-specific policy outside the scope of IPP, and in particular HTTP Upgrade allows both the Client and Printer to enforce a particular policy dynamically.  Moreover, some communications channels may already be secured, making any transport-level encryption optional over those channels.

Michael Sweet, Senior Printing System Engineer, PWG Chair

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20100830/34e96daa/attachment-0001.html>

More information about the ipp mailing list