IPP Mail Archive: Re: IPP> September Meeting Minutes

Re: IPP> September Meeting Minutes

papowell@astart.com
Tue, 23 Sep 1997 12:28:34 -0700 (PDT)

> SECURITY

> There are reserved port numbers for TLS & SSL on HTTP (port
> 443)

> TLS is backwards compatible with SSL3. Actually TLS is
> SSL3.1 The TLS I-D describes how to support SSL3
> interoperability.

> The group then discussed wording choices for stating the
> security protocol requirements (SSL3, TLS, etc.) There were
> four wording alternatives explored:

> 1) IPP Client/Servers must implement TLS with SSL3
> compatibility
> 2) IPP Client/Servers shall be interoperable with a TLS
> communicant
> 3) IPP Client/Servers must be TLS compliant.
> 4) #2 above plus "with SSL3 backward compatibility"

> Decision: #1 with some section talking about a transition to
> TLS.

I will note carefully that this closely follows the model of having
different ports for different protocols. Note that TSL/SSL actually are
HTTP over TSL and HTTP over SSL. We are similarly doing IPP over HTTP.

Should this be the same port or a different port?

Patrick