[IPP] Another updated stable draft of IPP Reprint Passwordpostedfor review

[IPP] Another updated stable draft of IPP Reprint Passwordpostedfor review

Michael Sweet msweet at apple.com
Wed Jul 25 03:56:55 UTC 2018


> On Jul. 24, 2018, at 2:32 PM, wamwagner at comcast.net wrote:
> Michael,
> Thank you for your response. Perhaps I misunderstand, but in regard to your first comment, “Security attributes are not exposed as Job Description/Status/Template attributes …”, do you mean expose via a  Het-Jobs or Get-Job-Attributes request?  But in regard to this request,  RFC 8011 says in with regard to both opertions:
>          The IPP object ignores (does not respond with) any requested attribute or value which is not supported or which is restricted by the security policy in force, including whether the requesting user is the user that submitted the job (job originating user) or not (see section 8 <https://tools.ietf.org/html/rfc2911#section-8>).  
> Are Job Description attributes exposed in some other way?

Generally speaking, ALL Job Description attributes are available to the Job Owner and any authorized operators or administrators.  Because IPP has never defined a formal ACL framework or (until my Privacy Attributes registration) a way to specify which attributes contain sensitive information that would be subject to the RFC 8011 "rules", we have explicitly specified that security credentials are not part of the public Job object attributes (even to the Job Owner), that they are passed as operation attributes and not Job Template attributes, and that they are not copied to Job Description or Job Status attributes.  See:

- PWG 5100.11 (JPS2): job-password and job-password-encryption
- PWG 5100.13 (JPS3): document-password
- PWG 5100.17 (SCAN): destination-accesses
- PWG 5100.18 (INFRA): document-access

> With respect to remote reprint request, if a user is provided with the password, could he not also be provided with the name and/or location of the job? Might  a Get-Jobs operation be adequate?

Typically job-name and job-printer-uri are treated as sensitive information and thus is not visible to ordinary users unless they are the Job Owner.  The only attributes that RFC 8011 requires Get-Jobs to return are "job-id" and "job-uri".

Michael Sweet, Senior Printing System Engineer

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20180724/046c11e5/attachment.html>

More information about the ipp mailing list