On Aug 30, 2010, at 8:20 AM, Ira McDonald wrote:
> ...
> I do think we should RECOMMEND against the practice,
> because it supplies ambiguous security to the IPP Printer
> object.
FWIW, while it is certainly possible, I think it would be better to simply require that printers supporting both ipp and ipps report the appropriate keywords for uri-security-supported (ssl3 and/or tls) along with mandatory support for HTTP Upgrade. That would be consistent with our "message" since IPP/1.1 and gives us what we want on the standards side of things.
Whether a Printer allows clear-text connections when configured with SSL/TLS support is, IMHO, a site-specific policy outside the scope of IPP, and in particular HTTP Upgrade allows both the Client and Printer to enforce a particular policy dynamically. Moreover, some communications channels may already be secured, making any transport-level encryption optional over those channels.
________________________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair
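
Added example, not part of the original message or of any PWG code: a sketch of how a Printer could enforce a site policy on its clear-text port using the HTTP Upgrade mechanism of RFC 2817 (101 to accept an offered upgrade, 426 to demand one). The function names, the `require_tls` and `channel_already_secure` parameters, and the sample requests are assumptions made for illustration.

```python
# Constructed sample requests (not captured traffic); host and path are placeholders.
CLEAR_REQUEST = (b"POST /ipp/print HTTP/1.1\r\nHost: printer.example.com:631\r\n"
                 b"Content-Type: application/ipp\r\nContent-Length: 0\r\n\r\n")
UPGRADE_REQUEST = (b"POST /ipp/print HTTP/1.1\r\nHost: printer.example.com:631\r\n"
                   b"Upgrade: TLS/1.0\r\nConnection: Upgrade\r\n"
                   b"Content-Type: application/ipp\r\nContent-Length: 0\r\n\r\n")

def parse_request(raw: bytes):
    """Split a raw HTTP request head into (request_line, lower-cased headers)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def wants_tls_upgrade(headers) -> bool:
    """True when the client offers TLS/1.0 in Upgrade and lists Upgrade in Connection."""
    offered = [t.strip().lower() for t in headers.get("upgrade", "").split(",")]
    conn = [t.strip().lower() for t in headers.get("connection", "").split(",")]
    return "tls/1.0" in offered and "upgrade" in conn

def decide(raw: bytes, require_tls: bool, channel_already_secure: bool = False):
    """Return (status, extra_headers, next_step) for a request on the clear-text port.

    require_tls is the hypothetical site policy switch; channel_already_secure
    models a link that is protected by other means, where the policy is waived.
    """
    _, headers = parse_request(raw)
    upgrade_hdrs = {"Upgrade": "TLS/1.0, HTTP/1.1", "Connection": "Upgrade"}
    if wants_tls_upgrade(headers):
        # RFC 2817: send 101, run the TLS handshake, then answer the original request.
        return 101, upgrade_hdrs, "TLS handshake, then answer the request over TLS"
    if require_tls and not channel_already_secure:
        # RFC 2817: 426 Upgrade Required tells the client which protocol to switch to.
        return 426, upgrade_hdrs, "refuse; client must retry with Upgrade: TLS/1.0"
    return 200, {}, "process the IPP request in clear text"

if __name__ == "__main__":
    for label, req in (("clear", CLEAR_REQUEST), ("upgrade", UPGRADE_REQUEST)):
        print(label, decide(req, require_tls=True))
```

The 426 branch is what makes the policy enforceable on the Printer side; a Client enforcing its own policy would likewise stop unless it receives the 101 response before sending job data.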