Hi folks,
PSI and IPP are NOT equivalent in their operations and
semantics here!
PSI defines basic AddDocumentByValue (read IPP 'Send-Document')
and AddDocumentByReference (read IPP 'Send-URI').
PSI also defines AddDocumentByPush (not really equivalent to
IPP 'Create-Document'), which MUST be promptly followed by
PushDocumentDocumentDelivered (after the data has been pushed
_out_of_band_ to one of the server offered push URI that were
sent back in the AddDocumentByPush response message).
PSI does NOT define a 'Send-Data' inband operation. This is
an IPP artifact. And IPP does not define an equivalent to
PushDocumentDataDelivered (unfortunately).
Note that security is NOT an issue for AddDocumentByPush or
AddDocumentByReference because in both cases PSI REQUIRES support
only of 'http:' schemed URLs (no credentials required, typically).
Cheers,
- Ira McDonald
High North Inc
-----------------------------
Michael Sweet wrote:
I personally don't think that Create-Job and Send-Data are necessary,
and as presently defined they open up a serious (and obvious)
security hole WRT DoS attacks. While we cannot provide absolute
protection against such attacks, we *can* provide the necessary hooks
so that implementations can provide controls/limits/algorithms and
properly handle DoS cases.
<th>
Let's see if the PSI folks have a compelling use case for Create-Document,
Send-Data.
Let's see whether others find the two use cases that I cited to be useful
enough to warrant the added complexity of Create-Document and Sent-Data.
</th>