Hi Pete,
Given RFC 2911 and RFC 3510 examples, I'd say that
2 or more printer-uri-supported values can legally differ
only by the URI scheme - I've seen printers that list both
"http:" (for IPP/1.0 compatibility) and "ipp:" (for IPP/1.1)
to the same target.
I think it's *unwise*.
But I don't think we can actually prohibit using both "ipp:"
(unsecured) and "ipps:" (TLS always) for the same IPP
Printer.
I do think we should RECOMMEND against the practice,
because it supplies ambiguous security to the IPP Printer
object.
I've urged all of my printer vendor clients to NOT allow
both unauthenticated (guest) and authenticated (with at
least HTTP Basic/Digest) access to the same instance
of IPP Printer object, because denial-of-service attacks
become much easier in this case.
All - your opinions?
Cheers,
- Ira
Ira McDonald (Musician / Software Architect)
Chair - Linux Foundation Open Printing WG
Co-Chair - TCG Hardcopy WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music/High North Inc
http://sites.google.com/site/blueroofmusichttp://sites.google.com/site/highnorthinc
mailto:blueroofmusic at gmail.com
winter:
579 Park Place Saline, MI 48176
734-944-0094
summer:
PO Box 221 Grand Marais, MI 49839
906-494-2434
On Mon, Aug 30, 2010 at 8:35 AM, Zehler, Peter <Peter.Zehler at xerox.com>wrote:
> Is it legal for two or more printer-uri-supported to differ only in the
> URI scheme?
>>> Peter Zehler
>> Xerox Research Center Webster
> Email: Peter.Zehler at Xerox.com> Voice: (585) 265-8755
> FAX: (585) 265-7441
> US Mail: Peter Zehler
> Xerox Corp.
> 800 Phillips Rd.
> M/S 128-25E
> Webster NY, 14580-9701
>>> -----Original Message-----
> From: ipp-bounces at pwg.org [mailto:ipp-bounces at pwg.org] On Behalf Of Ira
> McDonald
> Sent: Wednesday, August 25, 2010 2:53 PM
> To: ipp at pwg.org; Michael R Sweet; Ira McDonald
> Subject: [IPP] Initial draft of IPPS URI Scheme (25 August 2010)
>> Hi,
>> I've just posted an Initial draft of IPPS URI Scheme:
>>>ftp://ftp.pwg.org/pub/pwg/ipp/wd/draft-mcdonald-ipps-uri-scheme-00-20100> 825.txt<ftp://ftp.pwg.org/pub/pwg/ipp/wd/draft-mcdonald-ipps-uri-scheme-00-20100%0A825.txt>
> - plaintext Internet-Draft format (w/ explicit formfeeds)
>>>ftp://ftp.pwg.org/pub/pwg/ipp/wd/draft-mcdonald-ipps-uri-scheme-00-20100> 825.htm<ftp://ftp.pwg.org/pub/pwg/ipp/wd/draft-mcdonald-ipps-uri-scheme-00-20100%0A825.htm>
> - HTML w/ live table of contents
>> Hint: You can view and print the plaintext file easily with
> MS WordPad.
>> We agreed to do an IPP WG review first before submitting
> this document to the IETF Internet-Drafts Editor.
>> This document was created by rewriting IPP URI Scheme
> [RFC3510].
>> Comments?
>> Cheers,
> - Ira (IPPS URI Scheme co-editor)
>> -----------------------------------------------------
> Change Log
>> 25 August 2010 - draft-mcdonald-ipps-uri-scheme-00.txt
> - Editorial - complete rewrite of RFC 3510 for new transport binding
> - Technical - added section 3.2 IPP over HTTP Transport Binding
> - Technical - added section 3.3 IPP over HTTPS Transport Binding
> - Editorial - updated Appendix A w/ registration template from RFC 4395
>> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>> _______________________________________________
> ipp mailing list
>ipp at pwg.org>https://www.pwg.org/mailman/listinfo/ipp>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20100830/68cb531e/attachment-0001.html>