Seems like keywords for defining patters combined with a new “job-password-minimum-length integer(0:255)” is the most expedient and backward compatible way forward. Should the latter new attribute be in the range 1:255?
Smith
> On 2015-03-30, at 2:42 PM, Michael Sweet <msweet at apple.com> wrote:
>> Here is my proposal from Feb 4th:
>>> All,
>>>> Here are some quick links to the MS Active Directory and Apple Open Directory password policy support:
>>>> Active Directory supports a bunch of things, but for job-password the two relevant settings are "Passwords must meet complexity requirements" and "Minimum password length"- there is no notion of more complex settings to control the contents of the password string:
>>>>https://technet.microsoft.com/en-us/library/hh994562(v=ws.10).aspx
>>>> Open Directory supports limits on the length (min and max), maximum number of repeated characters (i.e., prevent use of "aaaa" as a password) and sequential characters (e.g., "1234"), plus controls for "must contain a letter" and "must contain a number":
>>>>http://support.apple.com/kb/PH9234>>>> Seems like a simple keyword approach may be sufficient, e.g.:
>>>> job-password-policy-configured (type2 keyword)
>> job-password-policy-supported (1setOf type2 keyword)
>>>> Informs the Client of the formatting requirements for "job-password" values, includings:
>>>> 'digits': The "job-password" value must consist of digits from 0 to 9.
>>>> 'alphanumeric': The "job-password" value must consist of US ASCII letters and numbers.
>>>> 'alphanumeric-complex': The "job-password" value must consist of US ASCII letters and numbers, with at least one uppercase letter, one lowercase letter, and one digit.
>>>> [For discussion: do we want full ASCII and Unicode printable support, too?]
>>>> As for length requirements, right not "job-password-supported" is of type integer(0:255). Ideally we'd want a rangeOfInteger(0:MAX) value to provide minimum and maximum lengths - not sure how much trouble we'd cause by extending that attribute to "integer(0:MAX) | rangeOfInteger(0:MAX)", but IMHO that would be the ideal outcome.
>>>> alternately we can add a "job-password-minimum-length integer(0:255)" attribute to specify the minimum length of a "job-password" value separately.
>>>> On Feb 4, 2015, at 1:44 PM, Kennedy, Smith (Wireless Architect) <smith.kennedy at hp.com> wrote:
>>>> Greetings,
>>>> As per yesterday’s discussion, I have posted an initial draft of a ‘IPP “job-password-allowable-pattern” attribute’ whitepaper, that contains use cases and a proposed attribute that needs definition to allow a Printer to convey size and content limits on what range of values the Printer will accept for the “job-password” attribute.
>>>> The initial draft is here:
>>>>http://ftp.pwg.org/pub/pwg/ipp/wd/wp-job-password-allowable-pattern-20150204.docx>>>> Feedback and contributions are of course welcome!
>>>> Cheers,
>> Smith
>>>> /**
>> Smith Kennedy
>> Hewlett-Packard Co.
>> */
>>>> _______________________________________________
>> ipp mailing list
>>ipp at pwg.org>>https://www.pwg.org/mailman/listinfo/ipp>> _________________________________________________________
> Michael Sweet, Senior Printing System Engineer, PWG Chair
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4956 bytes
Desc: not available
URL: <http://www.pwg.org/pipermail/ipp/attachments/20150330/4bd45096/attachment.p7s>