The PWG held its August 2022 Virtual
Face-to-Face Meeting on August 16-18, 2022 via Webex
teleconference. Representatives from Canon, Google, High
North, HP Inc., Konica Minolta, Kyocera Document Solutions,
Lakeside Robotics, Lexmark, Microsoft, Okidata, Qualcomm, Ricoh,
TCS, and TIC attended the meetings, among others. Attendees
reviewed work in progress, including drafts of a number of
in-progress specifications, and discussed liaisons with partner
groups. Here is a summary of the proceedings.
The F2F event began with the PWG Plenary session. The PWG Chair
began with the PWG Antitrust Policy, which was presented at the
start of each session at this F2F, as well as the PWG Intellectual
Property Policy and the PWG Patent Statement. The PWG Chair
then reviewed the overall state of the PWG, its programs and
initiatives, and briefly discussed upcoming face-to-face meeting
scheduling. We noted that there are
currently 878 printers certified under the PWG's IPP
Everywhere™ Self Certification program, and climbing, and also
noted that IPP Everywhere Self Certification 1.1 update 4 was now
available for beta testing. We discussed the PWG Steering
Committee's activities and initiatives, including progress on
Process 4.0, policy updates, and recently approved documents.
Officers from the IDS Workgroup and IPP Workgroup
briefly summarized their Workgroup's status, and PWG Liaison
Officers also briefly reported on the status of our partners' work
in Linux Open Printing, Mopria Alliance, and a number of 3D
Additive Manufacturing organizations (including AMSC, ASTM
Commitee F42, INCITS, 3MF Consortium, American Concrete Institute
Committee 564, PDF Association, and VDMA OPC UA for Additive
Manufacturing Joint Working Group 40 450).
IPP Workgroup sessions began immediately following the plenary
session with a status summary of IPP Workgroup activities
currently in progress. As noted, IPP/2.x Fourth Edition and
IPP Everywhere 2.0 were both in Interim status, IPP Driverless
Printing Extensions v2.0, IPP Encrypted Jobs and Documents v1.0,
and IPP Enterprise Printing Extentions v2.0 were all in Prototype,
IPP Production Printing Extenstions v2.0 was moved to stable,
while IPP Everywhere Printer Self-Certification Manual v2.0 and
IPP Job Extensions v2.1 were at the Initial stage. Mike also
noted that IPP Finishings v3.0, Deprecating IPP Print By Reference
1.0, and Job Accounting With IPP v1.0 were all recently
published. We then went on to briefly discuss pending
IANA registrations followed by an update on IPP Everywhere Printer
Self-Certification, noting that update 4 of the self cert tool was
currently in beta test. Next, we briefly reviewed the
list of pending and in-progress errata, the Initial/Interim
specifications, the Prototype-Ready specifications, and the one
Stable specification. Before the lunch break, we briefly
reviewed the initial draft of IPP Job Extensions v2.1.
After the lunch break, the IPP sessions resumed with the status
of IPP/2.x Fourth Edition and IPP Everywhere v2.0. This led
into a status update of IPP Everywhere Printer Self-Certification
Manual v2.0, and some discussions around a potential new GUI
front-end to the IPP Everywhere test tools. It was
noted that, while a GUI would be a useful addition, it would still
be important to maintain command-line control for automation and
consistency across multiple operating systems. Mike
assured that the command-line tools would still be
available. Other suggestions for the GUI would be showing
prior certs, selection of subsets of tests, calendar reminders,
etc. This completed day 1 of the face-to-face.
Day 2 of the face-to-face session opened with the IPP Workgroup
session for 3D Printing Liaisons. The session began
with a brief overview of existing 3D standards, including PWG
5100.21-2019: IPP 3D Printing Extensions v1.1 and PWG 5199.5-2017:
PWG 3D Print Job Ticket and Associated Capabilities v1.0 (it was
noted that Safe G-Code Best Practice should be added to the
document list as well). Proposed future work included IPP 3D
Scan Service v1.0 to address 3D scanning, IPP 3D Production
Printing Extensions v1.0 to address VDMA - OPC UA "Joint Working
Group For Additive Manufacturing" efforts, and an updated PWG 3D
Print Job Ticket and Associated Capabilities v2.0.
Next, we discussed recent 3D printing news, including the Additive
Manufacturing Common Data Dictionary standard from ASTM, the "AM
Forward" program for small and medium sized manufacturers
announced by the Biden administration, and the recent ISO approval
of 3D PDF with Step. We closed out the session with a
preview of upcoming 3D meetings for the remainder of 2022.
The remainder of Day 2 focused on the evolution of OAuth support
for IPP. This session began with a look at existing
documents, including PWG 5199.10-2019: IPP Authentication Methods
v1.0, a number of new documents from the IETF OAuth Working Group,
and updated specifications from the Open ID Foundation. We
also noted that Microsoft Universal Print Service uses OAuth and
Mopria has a cloud printing profile in development
now. Mike noted that the goals for PWG 5199.10 were to
update for current standards and requirements, promote
interoperability across multiple implementations, define the best
practices, and extend the IPP authentication model where
necessary. We then took a deeper dive into the errata for
PWG 5199.10 before breaking for lunch. After lunch,
discussions around OAuth continued and we reviewed work items that
had been identified thus far. Finally, we concluded day 2
with a look at the next steps, reviewing the target dates for
existing work items, and noting the desire to continue the OAuth
discussions via "tiger team" work group calls as well as the
existing scheduled IPP work group calls. Ira noted that the
OAuth discussion will be an ongoing agenda item for quite some
time.
Complete minutes available here: https://ftp.pwg.org/pub/pwg/ipp/minutes/ippv2-f2f-minutes-20220816.pdf
The Imaging Device Security session was held in the morning
session of the third day. Alan started by presenting the
current status of the HCD iTC and its efforts to develop HCD cPP
v1.0 and HCD SD v1.0. Alan continued to present the new way
of showing comments as per the 8/19/22 IDS F2F, showing all
comments received across all drafts to date, and noted that the
2nd Public Draft of the HCP cPP had a total tally of 83 comments
and the comment tally for all HCP cPP drafts to date was
359. The 2nd Public Draft of the HCD SD had 29 total
comments submitted, and the overall comment tally for all the HCD
SD drafts was 131. The resolution breakdown for each of
these is available in the full meeting minutes. Alan did
note that there was a positive trend for the HCD cPP of total
comments going down for each successive draft (as also noted
earlier by Ira), but the HCD SD comments did not follow that same
positive declining pattern.
Al then reviewed the key issues resolved in the Final Drafts of
both the HCD cPP and HCD SD. For the HCP cPP, the majority
of the changes revolved around four areas, including
implementation of the new FDP_UDU_EXT
.1 User.DoC Unavailable SFR that replaced the former
FDP_RIP.1/Overwrite SFR, implementation of the new FPT_WIPE_EXT.1
Data Wiping SFR that replaced the former FDP_RIP.1/Purge SFR,
inclusion of Cryptographic Erase as a mandatory method for
performing the "purge" function as defined in NIST SP 800-88r1,
and allowing overwrite to apply to both wear-leveling and
non-wear-leveling storage devices. Al briefly covered a few
of the other major issues resolved for the HCP cPP Final Draft
before moving on to cover the same for the HCD SD. The major
HCD SD issues addressed included
the TSS, Guidance and Test Assurance Activities for the new
FDP_UDU_EXT.1 User.DoC Unavailable and FPT_WIPE_EXT.1 Data Wiping
SFRs,
revising the Test Assurance Activities for both SFR
FCS_COP.1/DataEncryption and SFR FCS_COP.1/StorageEncryption to
add testing of the key size of 192 bits,
breaking up the Test Assurance Activities for SFR FIA_PMG_EXT.1
Extended: Password Management into two separate test cases to
avoid confusion, and making
several changes to the Vulnerability Analysis and Evaluation
Activities for SARs sections to add missing information or to
correct inaccurate information. Al then gave a brief summary
of the other outstanding issues (removal of TLS1.1, SHA-1, Cipher
suites with RSA keys <2048 bits, and All RSA and DHE key
exchanges).
Al next reviewed the current "Parking Lot" issues that have been
pushed to the next release of the HCD cPP/SD, and noted that at
this point all content for both documents is locked down.
The only changes that would necessitate new content and
significant changes to existing content would be a request from
JISEC, ITSCC, or NIAP, or necessitated by any new NIAP TDs to
either the HCD PP or any applicable SFRs in the ND & FDF
cPPs/SDs.
Alan provided a status update on the schedule that was just
revised in August to reflect the work on publishing the Final
Drafts of the HCP cPP and HCD SD, and noted that things are
already ~3 weeks behind schedule. As long as all comments
are in by 9/15 and no big technical issues are reported, Al noted
that the best estimate was that the HCP cPP and HCD SD Version 1.0
would likely end up being published sometime around the end of
September or beginning of October. Al then gave a summary of
the items that will be considered for inclusion in the HCP cPP/SD
Post-v1.0. Ira asked whether Al thought the next HCP cPP/SD
version after 1.0 would be 1.1 or 2.0, and Al felt like the next
version should be 1.1 in about 9 months after 1.0 is
published.
Al then spent some time talking about the HCD iTC Interpretation
Team (HIT). The HIT will essentially take over maintenance of HCD
cPP v1.0 and HCD SD v1.0 once they are published. The goal of the
HIT is to provide timely responses to requests for interpretation
(RFIs) from the CC community. Al briefly reviewed the set of
procedures that HIT uses.
Al finished the HCD iTC discussion with some more additions to the
HCD iTC lessons learned he presented at the previous IDS
Face-to-Face Meetings.
Ira McDonald then provided the latest status on the HCD Security Guidelines, stating that essentially nothing has changed since the February or August IDS Face to Faces. For the final topic of the IDS session, Ira presented his Liaison report on current standards developments for the Trusted Computing Group (TCG) and Internet Engineering Task Force (IETF). The key points from Ira’s Liaison Report included the schedule for upcoming TCG Members Meetings, updates on a number of TCG documents (including TCG Mobile Reference Architecture 2.0, TCG MARS 1.0 Mobile Profile, TCG DICE Endorsement Architecture for Devices, GS TPS Client API/Entity Attestation Protocol/COSE Keystore - joint work, and TCG DICE Endorsement Architecture for Devices). Next, Ira provided updates on a long list of key IETF standards activities, and finally, updates from the IRTF Crypto Forum Research Group (CFRG).
Complete minutes are available here: https://ftp.pwg.org/pub/pwg/ids/minutes/ids-f2f-minutes-20220818.pdf
The next PWG Face-to-Face meeting will be held November 15-17 2022 via Webex teleconference. Be sure to subscribe to the pwg-announce@pwg.org mailing list to receive announcements about upcoming events and event changes or check the PWG Meetings page for updates on plans for upcoming meetings.