[IPP] Initial draft of IPPS URI Scheme (25 August 2010)

[IPP] Initial draft of IPPS URI Scheme (25 August 2010)

Michael Sweet msweet at apple.com
Mon Aug 30 21:34:08 UTC 2010


On Aug 30, 2010, at 8:20 AM, Ira McDonald wrote:
> ...
> I do think we should RECOMMEND against the practice,
> because it supplies ambiguous security to the IPP Printer
> object.

FWIW, while it is certainly possible I think it would be better to simply require that printers supporting both ipp and ipps report the appropriate keywords for uri-security-supported (ssl3 and/or tls) along with mandatory support for HTTP Upgrade.  That would be consistent with our "message" since IPP/1.1 and gives us what we want on the standards side of things.

Whether a Printer allows clear-text connections when configured with SSL/TLS support is, IMHO, a site-specific policy outside the scope of IPP, and in particular HTTP Upgrade allows both the Client and Printer to enforce a particular policy dynamically.  Moreover, some communications channels may already be secured, making any transport-level encryption optional over those channels.

________________________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair





-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20100830/34e96daa/attachment-0001.html>


More information about the ipp mailing list