> From: Carl Kugler/Boulder/IBM [mailto:kugler@us.ibm.com]
> firewall issues are well known and understood from HTTP
> experience. You
> can allow outbound print through a firewall with no more risk
> than allowing
> HTTP POST. You can set up a secure inbound IPP gateway with
> no more risk than running a secure web server.
<snip>
> If it takes two protocols to print (one for obtaining the
> driver, one for submitting the job), the chances of success get cut in
> half.
If one protocol can both print and install software, the chances that a
security-conscious organization will allow it at all go down. Such an
organization might be willing to allow printing to external printers, but if
the same protocol/software will allow a user to download and install
externally-provided (and unvetted) software, then that same organization
might be very upset with it, and not allow its use at all. If there are
separate protocols, then the software could be allowed, as the problem can
be blocked at the firewall, perhaps allowing driver installs from internal
sources, but blocking those external to the organization.
-- Mike "worked for such organizations more than once" Bartman --
This archive was generated by hypermail 2b29 : Mon Nov 13 2000 - 11:12:51 EST