[IPP] Updated draft of IPP Authentication Methods whitepaper available for review

[IPP] Updated draft of IPP Authentication Methods whitepaper available for review

Kennedy, Smith (Wireless & Standards Architec) smith.kennedy at hp.com
Mon Jan 22 22:07:35 UTC 2018


Hi Mike,

Thanks for the feedback! Updating the document now. I will be adding some sub-section placeholders where the document will specify among other things how a Printer should respond when authentication fails (I've seen some interesting things recently that made me think this ought to discuss that aspect).

A couple of thoughts on your feedback below.

Smith

> On Dec 8, 2017, at 6:57 AM, Michael Sweet <msweet at apple.com> wrote:
> 
> Smith,
> 
> Couple quick editorial notes on the latest draft:
> 
> - Section 3: Suggest title be changed to "Overview of IPP Authentication Methods"; it isn't really rationale, and this isn't a standards track document, so I think we can relax the usual boilerplate stuff.
> - Section 3.1: Also mention printer-xri-supported's xri-authentication member attribute (RFC3380)
> - Section 3.1.3: Line 111 should say "HTTP Basic" (capitalized, no quotes around Basic)
> - Section 3.1.4: Line 121 should say "HTTP Digest" (capitalized, no quotes around Digest)
> - Section 3.1.5: Ditto for Negotiate
> - Section 3.1.6: "HTTP Bearer Token Usage", RFC 6750 (5749 is OAuth 1.0)

I added both RFC 6749 and RFC 6750.

> - Section 3.1.x: Add section on 'certificate' - requires TLS, which can be done inline with HTTP Upgrade

Perhaps we need to talk more about authentication via TLS in general? I don't know how much other types such as TLS-SRP are used for authentication, but perhaps TLS authentication vs. HTTP authentication over unauthenticated or semi-authenticated (server authenticated) TLS might warrant discussion.

> 
> 
>> On Dec 5, 2017, at 4:10 PM, Kennedy, Smith (Wireless & Standards Architec) <smith.kennedy at hp.com> wrote:
>> 
>> Greetings,
>> 
>> I have uploaded a new draft of the IPP Authentication Methods whitepaper for review. It is available here:
>> 
>>  https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-ippauth-20171205.odt
>>  https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-ippauth-20171205.pdf
>>  https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-ippauth-20171205-rev.pdf
>>  https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-ippauth-20171205-rev.odt
>> 
>> Notable changes in this draft include:
>> 
>> * Corrected OAuth2 sequence diagram to more correctly describe the sequence of operations and actors involved in an OAuth2 authenticated IPP Printer scenario.
>> 
>> * Added Implementation Recommendations that were revealed during the course of correcting the OAuth2 sequence diagram.
>> 
>> Cheers,
>> 
>> Smith
>> 
>> /**
>>   Smith Kennedy
>>   Wireless & Standards Architect - IPG-PPS
>>   Standards - IEEE ISTO PWG / Bluetooth SIG / Wi-Fi Alliance / NFC Forum / USB-IF
>>   Chair, IEEE ISTO Printer Working Group
>>   HP Inc.
>> */
>> 
>> 
>> 
>> _______________________________________________
>> ipp mailing list
>> ipp at pwg.org
>> https://www.pwg.org/mailman/listinfo/ipp
> 
> _________________________________________________________
> Michael Sweet, Senior Printing System Engineer
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4241 bytes
Desc: not available
URL: <http://www.pwg.org/pipermail/ipp/attachments/20180122/377e0083/attachment.p7s>


More information about the ipp mailing list