Hi Mike,
Thanks for the feedback! Updating the document now. I will be adding some sub-section placeholders where the document will specify among other things how a Printer should respond when authentication fails (I've seen some interesting things recently that made me think this ought to discuss that aspect).
A couple of thoughts on your feedback below.
Smith
> On Dec 8, 2017, at 6:57 AM, Michael Sweet <msweet at apple.com> wrote:
>> Smith,
>> Couple quick editorial notes on the latest draft:
>> - Section 3: Suggest title be changed to "Overview of IPP Authentication Methods"; it isn't really rationale, and this isn't a standards track document, so I think we can relax the usual boilerplate stuff.
> - Section 3.1: Also mention printer-xri-supported's xri-authentication member attribute (RFC3380)
> - Section 3.1.3: Line 111 should say "HTTP Basic" (capitalized, no quotes around Basic)
> - Section 3.1.4: Line 121 should say "HTTP Digest" (capitalized, no quotes around Digest)
> - Section 3.1.5: Ditto for Negotiate
> - Section 3.1.6: "HTTP Bearer Token Usage", RFC 6750 (5749 is OAuth 1.0)
I added both RFC 6749 and RFC 6750.
> - Section 3.1.x: Add section on 'certificate' - requires TLS, which can be done inline with HTTP Upgrade
Perhaps we need to talk more about authentication via TLS in general? I don't know how much other types such as TLS-SRP are used for authentication, but perhaps TLS authentication vs. HTTP authentication over unauthenticated or semi-authenticated (server authenticated) TLS might warrant discussion.
>>>> On Dec 5, 2017, at 4:10 PM, Kennedy, Smith (Wireless & Standards Architec) <smith.kennedy at hp.com> wrote:
>>>> Greetings,
>>>> I have uploaded a new draft of the IPP Authentication Methods whitepaper for review. It is available here:
>>>>https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-ippauth-20171205.odt>>https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-ippauth-20171205.pdf>>https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-ippauth-20171205-rev.pdf>>https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-ippauth-20171205-rev.odt>>>> Notable changes in this draft include:
>>>> * Corrected OAuth2 sequence diagram to more correctly describe the sequence of operations and actors involved in an OAuth2 authenticated IPP Printer scenario.
>>>> * Added Implementation Recommendations that were revealed during the course of correcting the OAuth2 sequence diagram.
>>>> Cheers,
>>>> Smith
>>>> /**
>> Smith Kennedy
>> Wireless & Standards Architect - IPG-PPS
>> Standards - IEEE ISTO PWG / Bluetooth SIG / Wi-Fi Alliance / NFC Forum / USB-IF
>> Chair, IEEE ISTO Printer Working Group
>> HP Inc.
>> */
>>>>>>>> _______________________________________________
>> ipp mailing list
>>ipp at pwg.org>>https://www.pwg.org/mailman/listinfo/ipp>> _________________________________________________________
> Michael Sweet, Senior Printing System Engineer
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4241 bytes
Desc: not available
URL: <http://www.pwg.org/pipermail/ipp/attachments/20180122/377e0083/attachment.p7s>