IPP Mail Archive: RE: IPP> Delay of IPP ratification

RE: IPP> Delay of IPP ratification

Turner, Randy (rturner@sharplabs.com)
Sat, 10 Jan 1998 09:51:15 -0800

If a corporate entity wants to protect internal printing resources,
which I agree are valuable (consumables, time, etc...) then
the current IPP documents support the protection of these
resources via authentication. I would propose that this
authentication be done with TLS, but HTTP-specific
autnentication might also be considered. What you have outlined
as the ability to open up something between "wide-open", and
"authenticated-access" I'm not sure would be used by entities
attempting to protect internal printing resources. If I open my
printing resources to the internet, then I want to know "who"
is using the resource. IPP has provided a transport-independent
protocol (TLS/SSL3) to accomplish this. And I believe most
current web servers support SSL3, which is configurable to
interoperate with TLS.

If there is a security concern with the use of SSL3/TLS, then
perhaps we should be discussing this, and not changing the
entire nature of the protocol encoding.

Randy

> -----Original Message-----
> From: Josh Cohen [SMTP:joshco@microsoft.com]
> Sent: Friday, January 09, 1998 2:54 PM
> To: 'Jay Martin'; Robert Herriot; Paul Moore; Yaron Goland;
> 'masinter@parc.xerox.com'
> Cc: ipp@pwg.org
> Subject: RE: IPP> Delay of IPP ratification
>
> I think that the current IPP does not adequately address
> security concerns, and that the landscape wrt XML has
> changed such that it should be reconsidered.
>
> At this point our efforts are not to conclusively move
> IPP to XML, but to open it for consideration.
> XML is becoming a widely accepted way of expressing
> arbitrary data types, schemas, or property attributes.
>
> As it stands IPP is a new binary protocol specifically
> for printing. Any firewall or proxy that wishes to
> securely support it will have to have IPP specific features
> coded into it. In the future if other Internet protocols
> continue this trend, proxies and firewalls will need
> continual update for each protocol.
>
> At first glance XML appears to offer a standard way of
> expressing the functionality of IPP in a standard way.
> While an administrator might need to configure his
> firewall or proxy to specifically look for IPP
> verbs or XML schemas, it doesnt require the proxy product
> to be re-coded or altered. It also shouldnt require
> CGI, NSAPI, or ISAPI coding either.
>
> Our point is that we should investigate this as a
> possibility. You might respond by saying that
> "we already looked at XML". I would respond
> to that by saying that the landscape has changed.
> XML has progressed a lot, and it is gaining
> widespread acceptance in many efforts as a
> schema definition method. Therefore it is worthy
> to consider again with the new facts at hand.
>
> In addition to the XML issue, I also beleive that
> using POST is not optimal. I think that printing
> as a function is not something that firewalls and proxies
> would want to allow just because they allow HTTP.
> Rather then depending on HTTP to carry IPP through
> the "problem" of firewalls and proxies, proceeding
> on the current path is actually circumventing security
> policies without the consent of the administrators.
> Something that can work with existing proxies, but
> only after being explicitly configured or allowed
> (in most proxies) is more appropriate for the print
> functionality.
>
> As a firewall administrator it is up to me what
> funtionality I permit through my firewall and as it
> stands now IPP tricks me into thinking that Im
> allowing HTTP when Im really exposing printers to
> potentially unwanted load and resource consumption.
>
>
> If we need to change IPP to fit future needs and
> interoperability, we should do so.
>
> If we hold off on IESG last call, we can have frank
> technical discussions on how to improve IPP.
>
> If IPP moves forward to IESG last call without
> considering these options, by which we mean working
> group discussion for a period of time, I beleive
> that IPP present a less than optimal solution.
> Given the choice of spending extra time to get it
> right and holding off on moving to IESG, or
> standing up during IESG last call to oppose the
> IETF standardization of IPP, I would prefer the first.
> (wait and fix it)
>
> On the other hand, if IPP moves IESG last call as is,
> I beleive that we will stand up in opposition.
>
> --
> Josh Cohen <joshco@microsoft.com>
> Program Manager - Internet Technologies
>
> > -----Original Message-----
> > From: Jay Martin [mailto:jkm@underscore.com]
> > Sent: Friday, January 09, 1998 2:06 PM
> > To: Robert Herriot; Paul Moore
> > Cc: ipp@pwg.org
> > Subject: Re: IPP> Delay of IPP ratification
> >
> >
> > Bob and Paul,
> >
> > Care to elucidate on the merits and applicability of XML to the IPP
> > model? Any known/expected problems in mapping? Any particular
> > benefits over alternative approaches?
> >
> > Perhaps most importantly, exactly *why* should XML even be
> > considered in the first place?
> >
> > Bob says that "XML is becoming an important protocol." We can all
> > think of lots of emerging protocols that may be viewed as important,
> > but are they applicable to network printing? How and why is XML
> > applicable to a network printing protocol?
> >
> > Please understand that I am not casting any kind of early vote
> > against XML here. Just trying to figure out why XML has suddenly
> > entered the fray.
> >
> > ...jay
> >
> >
> ----------------------------------------------------------------------
> > -- JK Martin | Email: jkm@underscore.com
> --
> > -- Underscore, Inc. | Voice: (603) 889-7000
> --
> > -- 41C Sagamore Park Road | Fax: (603) 889-2699
> --
> > -- Hudson, NH 03051-4915 | Web: http://www.underscore.com
> --
> >
> ----------------------------------------------------------------------
> >
> >
> > Robert Herriot wrote:
> > >
> > > I agree with Paul that we should spend some time looking at XML
> before
> > > we commit to the current protocol. XML is becoming an important
> protocol.
> > >
> > > Bob Herriot
> > >
> > > > From ipp-owner@pwg.org Fri Jan 9 10:42:58 1998
> > > > From: Paul Moore <paulmo@microsoft.com>
> > > > To: "'ipp@pwg.org'" <ipp@pwg.org>
> > > > Subject: IPP> Delay of IPP ratification
> > > > Date: Fri, 9 Jan 1998 10:21:33 -0800
> > > > X-Mailer: Internet Mail Service (5.5.1960.3)
> > > > Sender: ipp-owner@pwg.org
> > > > Content-Length: 942
> > > > X-Lines: 19
> > > >
> > > > This is a formal request that we delay the finalization of the
> IPP
> spec
> > > > until we have looked at the possibility of using XML as the
> > protocol format.
> > > >
> > > > I know this is revisiting an old issue but we need to make sure
> we do
> the
> > > > right thing. When the current format was proposed there was no
> good
> method
> > > > for representing structured data in an ASCII data stream. XML is
> now
> > > > available and seem to be the coming wave. I also know that most
> of the
> new
> > > > standards that will come out over the next year will be based
> around
> XML
> > > > (and protocol specific HTTP commands). By ensuring that we are
> in
> > the centre
> > > > of these standards we will be able to leverage many common tools
> that
> will
> > > > emerge to support and manage these protocols.
> > > >
> > > > There will definitely be down-sides so we need to debate this
> issue -
> not
> > > > least the investment that some of us have already made in
> > building using the
> > > > current spec.
> > > >
> > > > I think that somebody from MS will be in Hawaii.
> > > >
> > > > Paul Moore
> > > >
> >

Our website uses cookies on your device to give you the best user experience. By using our website, you agree to the placement of these cookies. To learn more, read our privacy policy. Read Privacy Policy