IPP Mail Archive: IPP> SEC: IPP 1.1 security (phone conference)

IPP> SEC: IPP 1.1 security (phone conference)

Wenn, John C (jwenn@cp10.es.xerox.com)
Tue, 2 Feb 1999 20:30:57 -0800

For IPP 1.1 security (use of TLS), for the over the wire protocol, IPP is
happy with whatever standard methods exist (the leading contendor is HTTP
Upgrade: TLS/1.0 header). This avoids the extra security port problem by
negotiating a secure connection inside the normal connection.

Undecided is how a URL specifies that it should use a secure connection.
I'm in favor of using a "ipps://" scheme. The meaning is simple: when a
client sees a ipps: URI, it connects using the standard port with a
"Upgrade: TLS/1.0" header. This is analogous to the "https" scheme, which
connects using a special security port using the SSL handshake immediately.

This solution adds a new scheme, but no new ports.

/John