The PWG held its May 2022 Virtual
Face-to-Face Meeting on May 17-19, 2022 via Webex
teleconference. This event was held in collaboration with Linux
Foundation OpenPrinting Workgroup. Sessions were presented by both
organizations over the event's 3 days. Representatives from
Artifex, Canon, Canonical, Google, High North, HP Inc., Konica
Minolta, Kyocera Document Solutions, Lakeside Robotics, Lexmark,
Okidata, PDF Association, Qualcomm, Red Hat, Ricoh, TCS, and TIC
attended the meetings, among others. Attendees reviewed work in
progress, including drafts of a number of in-progress
specifications, and discussed liaisons with partner groups. Here
is a summary of the proceedings.
The F2F event began with the PWG Plenary session. The PWG Chair
began with the PWG Antitrust Policy, which was presented at the
start of each session at this F2F, as well as the PWG Intellectual
Property Policy and the PWG Patent Statement. The PWG Chair
then reviewed the overall state of the PWG, its programs and
initiatives, and briefly discussed upcoming face-to-face meeting
scheduling. We noted that there are
currently 854 printers certified under the PWG's IPP
Everywhere™ Self Certification program, and climbing. We
discussed the PWG Steering Committee's activities and initiatives,
including progress on Process 4.0, new policies, and recently
approved documents. Officers from the IDS Workgroup
and IPP
Workgroup briefly summarized their Workgroup's status, and
PWG Liaison Officers also briefly reported on the status of our
partners' work in Mopria Alliance and a number of 3D Additive
Manufacturing organizations (including AMSC, ASTM Commitee F42,
INCITS, 3MF Consortium, American Concrete Institute Committee 564,
PDF Association, and VDMA OPC UA for Additive Manufacturing Joint
Working Group 40 450).
The Linux Foundation OpenPrinting Workgroup held seven sessions on the first and second days, covering a variety of topics. On the first day in the OpenPrinting Plenary, Ira McDonald reviewed the Linux OpenPrinting project's accomplishments from 2021 and surveyed the efforts under way for 2022.
Following lunch, Aveek Basu (Linux Foundation OpenPrinting) presented a summary of the OpenPrinting
Workgroup's upcoming activities for Google Summer of Code
(GSoC) events in 2022. Following this, several of the 2021 GSoC
students presented their work. Pranshu Kharkwal presented
his universal filter function to replace the chain of individual
CUPS filters, and Divyasheel Kumar presented his GUI for listing
and managing IPP print and scan services. Finally, Aveek
presented the upcoming OP Initiatives and the GSoC 2022 Mentors
and Admins.
Next, Michael Vrhel (Artifex) presented on the state of Ghostscript and
MuPDF, covering all of the changes made since our last
meeting. For Ghostscript, this included a new PDF
interpreter, a stand-along PDF only binary, passthrough for
JPX/JPG2000, Object specific halftoning, and some demo app
improvements. MuPDF changes included Microsoft Word
DOCX output format, OpenOffice ODT output format, changes to a
number of features including undo/redo/autosave/restore, OCR
enhancements, a Python binding (PyMuPDF) and others. Michael
closed out the session discussing some code security/analysis
methods and detailed the current and future work, including
forcing vector and text content to black or white, improved page
control for PDF files, and preservation of PDF accessibility
content for pdfwrite.
Following the afternoon break, Benjamin Gordon and Piotr
Pawliczek (Google) concluded the day by presenting on the state of Chrome OS
printing, reviewing the open source components used in the Chromium OS / Chrome OS printing
system, including CUPS, cups-filters, Avahi, Ghostscript,
sane-airscan, and ippusb_bridge. Recent additions include the
general scalability of existing features (more PPDs, more
manufacturer-specific PPD keywords, more automated testing, mock
printer improvements) and better sharing of USB devices between
print and scan. The final upcoming improvement, OAuth2
support for IPP, was discussed in-depth for the rest of the day
and we decided that the conversation should be extended into
upcoming IPP workgroup meetings due to the complexity of the
feature.
On the second day, Mike Sweet (Lakeside Robotics) presented the CUPS Plenary, starting
with a brief overview of CUPS and then covering the recent and
upcoming release schedule for CUPS 2.4.x and CUPS 2.5.
Some features expected in CUPS 2.5 include wide-area DNS-SD
lookups and configuration profiles, localization improvements,
OAuth 2.0/OpenID authentication, job-sheets-col and better
media-col attribute support, and X.509 certificate management
improvements. Mike next went into more depth while
discussing some of the nuances of OAuth 2.0/OpenID support.
Finally, Mike presented the future plans for CUPS 3.0, which will
make use of a modular printing architecture including a local
server, sharing server, CUPS commands, tools, and
libraries. Mike outlined the challenges with CUPS 3.0,
including the broader scope, desktop support work, and the need
for more developers.
In the next session, Mike took us through the status of Printer
Applications. This included an overview of PAPPL, a
simple CUPS-based C framework for developing Printer Applications,
including feature/function, platforms supported, key contributors,
and recent and upcoming releases. Next was the HP
Printer Application (hp-printer-app), a simple tool that
originally started as sample code for printing to a variety of
network or USB-connected PCL 3/5 printers. Finally,
Mike discussed LPrint, an application to support label and receipt
printing.
In the final session before the lunch break, Till Kamppeter
presented PPD/Classic
CUPS driver retro-fit Printer Applications Library, a
PAPPL-based libary to retro-fit classic CUPS drivers (ie, PPDs,
filters, and backends) into Printer Applications,
pappl-retrofit. The library provides the capabilities
to manage collections of PPD files, converts between PPD options
and IPP attributes, wrap CUPS filters and backends, and convert
standard IPP formats such as PWG Raster and PDF into printer
formats. Till noted that this work was nearly complete, and
only lacking features that were just recently available in
PAPPL. Once these features are done, pappl-retrofit 1.x will
be released.
After lunch, Till presented an overview of the status of
cups-filters, CUPS SNAP, IPP USB, and other projects. The cups-filters
project is evolving with CUPS in many ways, including
encapsulating filter binary functions within discrete library
functions, reducing the overhead of spawning independent
processes. The libcupsfilters, libppd, and cups-browsed features
were discussed, as well as the major changes going from version
1.x to 2.x. A major effort is underway to release CUPS as a
Snap. Driverless scanning is also a major area of engagement by
the OpenPrinting Workgroup currently, and the complexities of that
effort were covered in detail. Implementation issues with IPP USB
were also discussed. Till concluded with a discussion about GUI
requirements.
Complete minutes available here: https://ftp.pwg.org/pub/pwg/liaison/openprinting/minutes/OP-Summit-Minutes-20220517.htm
IPP Workgroup sessions began in the afternoon on the second day
of the F2F event with a status summary of IPP Workgroup activities
currently in progress. As noted, IPP/2.x Fourth Edition and
IPP Everywhere 2.0 were both in Interim status, IPP Driverless
Printing Extensions v2.0, IPP Encrypted Jobs and Documents v1.0,
IPP Production Printing Extenstions v2.0, and IPP Enterprise
Printing Extentions v2.0 were all in Prototype, while IPP
Everywhere Printer Self-Certification Manual v2.0 was at the
Initial stage and IPP Finishings v3.0 was in Formal Vote through
5/27/22. We then went on to briefly discuss pending
IANA registrations followed by an update on IPP Everywhere Printer
Self-Certification, noting that update 4 of the self cert tool was
currently in beta test. Next, we briefly reviewed the
list of pending and in-progress errata and the Prototype-Ready and
Stable specifications.
After the status review was completed, we discussed "ACME-Based
Provisioning of IoT Devices", which is intended to extend the
current ACME (Automatic Certificate Management Environment) RFC
[RFC8555] to provision X.509 certificates for local Internet of
Things devices that are accepted by existing web browsers and
software running on end user client devices with the purpose of
eliminating browser warnings when accessing embedded web servers.
This would be accomplished by adding a local trusted
ACME service to the network. Michael Sweet gave an
overview of how ACME works on the internet and why it can fail to
function with IoT devices on a local area network, followed by a
visual demonstration of how a local ACME service could solve the
issue in various configurations. We briefly discussed
the potential issue of mobile devices discovering different
printers with the same hostname, and determined that this is a
known issue that needs to be documented, with the understanding
that collisions are unlikely given the default hostname mechanism
that most printers use.
After a brief break, we concluded the afternoon with 3D printing
topics. The session began with a brief overview of existing
3D standards (PWG 5100.21-2019: IPP 3d Printing Extensions v1.1
and PWG 5199.5-2017: PWG 3d Print Job Ticket and Associated
Capabilities v1.0), and the proposed future work items (IPP 3D
Scan Service v1.0, IPP 3D Production Printing Extensions v1.0, and
Updated PWG 3D Print Job Ticket and Associated Capabilites
v2.0). We then discussed recent 3D printing news and
the upcoming 3D meetings for the rest of 2022.
Following the introduction to 3D printing, Peter Wyatt from PDF
Association joined us to present a session on understanding 3D
PDF. Peter led us through the basics of 3D file
formats for PDF and available software packages before diving into
a little more detail regarding PDF2.0 and RichMedia
support.
Day 3 opened with the final IPP WG session of the F2F
event. We began the session discussing IPP/2.x Fourth
Edition, and noted the Errata update of PWG 5100.12-2015 and the
proposed schedule. We then moved on to discuss IPP
Everywhere 1.1 and the recent update to section 12 (Logo Usage
Guidelines). There had been some concern that the existing
usage guidelines might prevent companies from using the logo in
marketing materials before any certification had completed, which
could complicate timing between publications containing the logo
and the product announcement. This new update to the
logo policy will allow members to use the logo in preparation of
product and marketing materials, subject to passing the IPP
Everywhere self-certification tests and eventual submission of
those results within 90 days of public release (see https://ftp.pwg.org/pub/pwg/general/process/ippevelogo-policy.pdf
for the full guidelines).
Next, we moved into the discussion of IPP Everywhere v2.0 and IPP
Everywhere Printer Self-Certification Manual v2.0. We
noted that this is a major update from IPP Everywhere 1.1, with
most of the RECOMMENDED items becoming REQUIRED, some new
CONDITIONALLY REQUIRED items, TLS support becoming REQUIRED, and
support for IPP-USB. The current proposed schedule is to
have a draft available in Q3/Q4 2022. It was the consensus
of the group to make IPP-USB support RECOMMENDED for now, even
though other mobile standards require it. We discussed
the potential for a GUI front-end to the self-certification tools,
and Mike took the action item to put together a proposed UI.
Finally, we concluded the IPP WG sessions with our next steps,
reviewing the target dates for our existing work items.
Complete minutes available here: https://ftp.pwg.org/pub/pwg/ipp/minutes/ippv2-f2f-minutes-20220518.pdf
The Imaging Device Security session was held in the afternoon
session of the third day. Al started by presenting the
current status of the HCD iTC and its efforts to develop HCD cPP
v1.0 and HCD SD v1.0. Al presented a new way of
showing comments for this F2F. He showed all the comments
received to date across all of the drafts to date.
Specifically for the 2nd Public Draft of the HCD cPP, there have
been 83 comments submitted, all of which have been adjudicated as
follows: 56 'Accepted', 0 'Accepted in Principle', 10
'Deferred', and 17 not accepted or rejected. Al also
reviewed the total comments against the HCD cPP so far, and Ira
noted that there was a positive trend of the total comments going
down for each successive draft. It was noted that the
2nd Public Draft of the HCD SD was released for public review on
2/24/2022, and Al presented a summary of the 28 total comments
that were submitted against that draft: 25 were 'Accepted',
1 'Accepted in Principle', 0 Deferred, a 3 not accepted or
rejected.
Al presented the overall HCD SD total comment numbers before
reviewing the key issues that were resolved in the 2nd Public
Draft of the HCD SD. Highlights of these key issues included
adding and changing some Test Assurance Activities, a number of
content and URL corrections, as well as some significant updates
to Test Assurance Activities requested by ITSCC (the Korean Common
Criteria Scheme) for a number of cryptographic SFRs.
Al noted that this last set of changes was very significant and
could have a big impact on vendors who certifiy HCDs against the
HCD cPP/SD once they are published. The primary
concern here is that vendors will be responsible for performing
all the necessary testing for these cryptographic SFRs, but most
vendors do not have the capability to do this type of
testing. Thus, they may have to contract the testing out,
which can be expensive, and there is no guarantee that NIAP will
accept these additional tests.
Next, Al provided an update on the Cryptographic Erase issue
currently facing the HCD iTC. The proposal to add the Data
Wiping SFR FPT_WIPE_EXT that was discussed at the February 9th
Face to Face had been modified multiple times by the Secure Erase
Subgroup and the full HCD iTC since February 9th . At the
beginning of May, the HCD iTC finally received comments against
the proposal from NIAP (the US Common Criteria Scheme), ITSSC and
JISEC (the Japanese Common Criteria Scheme). After
evaluation and discussion of the comments, the Secure Erase
Subgroup and the full HCD iTC agreed to make changes to address
the comments from the three schemes (details available in the full
meeting minutes). Al discussed some of the other
issues that the HCD cPP is facing, including some new NIAP TDs
written by the Network Device Interpretation Team against SFRs and
Assurance Activities that the HCD iTC inserted into the HCD cPP
and HCD SD, "Deferred" comments that need disposition, whether to
include removal of support for Cipher suites with RSA Key
Generation with keys < 2048 bits as required by NIST SP 800-56B
and NIST SP 800-131A as well as for SHA-1 and all RSA and DHE Key
Exchange, and noted that the HCD iTC needs to make a final
decision on whether or not to include NTP in Version 1.0 or put in
in the “Parking Lot” for the next release.
Al reviewed the current schedule that was just revised on May
16th, but shared concerns that the schedule may not allow time
enough for comments since the final draft is when most people
finally read the documents for the first time and may result in
technical comments requiring updates to the drafts. Al
reviewed the items to be considered for inclusion in the HCD
cPP/SD Post-v1.0, including coordination with the EUCC, inclusion
of AVA_VAN and ALC_FLR, incorporation of CCDB and CCUF Crypto WG
Packages, and others. We then reviewd the next steps
and lessons learned that were presented at the previous IDS
Face-to-Face meetings.
Next, Mike Sweet gave a presentation on IPP
Encrypted Jobs and Documents as a part of a series of
presentations to familiarize the IDS WG with the security aspects
of IPP. Mike gave an overview of the document purpose,
which is to define new encrypted IPP message formats that provide
IPP with end-to-end encryption of IPP Job Attributes, Document
Attributes, and Document Data, before diving in to the details of
how it works and the security benefits that it
provides.
Ira McDonald then provided the latest status on the HCD Security Guidelines, stating that essentially nothing has changed since the February IDS Face to Face. For the final topic of the IDS session, Ira presented his Liaison report on current standards developments for the Trusted Computing Group (TCG) and Internet Engineering Task Force (IETF). The key points from Ira’s Liaison Report included the schedule for upcoming TCG Members Meetings, updates on a number of TCG documents (including TCG MARS 1.0 Mobile Profile, TCG DICE Endorsement Architecture for Devices, TCG EK Credential Profile for TPM 2.0, and TCG Canonical Event Log Format), updates on a long list of key IETF standards activities, and finally, updates from the IRTF Crypto Forum Research Group (CFRG).
Complete minutes are available here: https://ftp.pwg.org/pub/pwg/ids/minutes/ids-f2f-minutes-20220519.pdf
The next PWG Face-to-Face meeting will be held August 16-18, 2022 via Webex teleconference. Be sure to subscribe to the pwg-announce@pwg.org mailing list to receive announcements about upcoming events and event changes or check the PWG Meetings page for updates on plans for upcoming meetings.