IPP Mail Archive: IPP> Re: SEC - IPP Security Requirements

IPP> Re: SEC - IPP Security Requirements

Harald.T.Alvestrand@uninett.no
Thu, 04 Sep 1997 20:26:28 +0200

Keith is doing fine.....

two things:

1) IPP has to ANALYZE risks of using IPP on the open Internet (NOT behind
firewalls or in "spammable" environments)

IPP must then DEFINE how a reasonable number of these risks can be defended
against using security mechanisms, and REQUIRE that valid IPP
implementations
implement at least a minimum set of these

The USER of an IPP device can then decide to use or not to use those
security mechanisms.

2) I'd like you to tell me which security lists are discussing SASL; it
seems that the list set up to discuss SASL is either totally dead or
I've fallen off it. We need to know!

Thanks for your help!

Harald A