[IPP] Document Encryption design notions - some initial thoughts

[IPP] Document Encryption design notions - some initial thoughts

Ira McDonald blueroofmusic at gmail.com
Sat Feb 28 20:40:11 UTC 2015


Hi,

I agree with Mike.  Certainly operation attributes are the right place to
pass signatures, credentials, and other security ticket-like info in IPP.

Cheers,
- Ira

Ira McDonald (Musician / Software Architect)
Co-Chair - TCG Trusted Mobility Solutions WG
Chair - Linux Foundation Open Printing WG
Secretary - IEEE-ISTO Printer Working Group
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music / High North Inc
http://sites.google.com/site/blueroofmusic
http://sites.google.com/site/highnorthinc
mailto: blueroofmusic at gmail.com
Winter  579 Park Place  Saline, MI  48176  734-944-0094
Summer  PO Box 221  Grand Marais, MI 49839  906-494-2434


On Sat, Feb 28, 2015 at 12:57 PM, Michael Sweet <msweet at apple.com> wrote:

> FWIW, I don't think putting the actual security information in
> document-format-details is the right approach.  *If* the document format
> was a wrapper containing the document data and security info, then
> document-format and document-format-details could be used to identify the
> wrapper used.  But I don't think we want to stuff a signature or public key
> in there.
>
> (Consider how we have handled the destination-accesses and document-access
> attributes - they are operation attributes with explicit security
> requirements that are not "public" Document Description attributes...)
>
>
> > On Feb 8, 2015, at 10:40 AM, Ira McDonald <blueroofmusic at gmail.com>
> wrote:
> >
> > Hi Smith,
> >
> > Extending "document-format-details" is the preferable approach.  Note
> that
> > the JDF to PJT mapping spec has a considerable amount of detail already
> > mapped to this single IPP collection attribute.  More could be mapped in
> > future versions of JDF and PJT/Semantic Model.
> >
> > If you use an exotic MIME type, it will simply be ignored by most MIME
> parsers
> > (and may be "squashed" in transit).  I don't think generic MIME
> libraries are a
> > good place to depend on for your desired functionality.
> >
> > Cheers,
> > - Ira
> >
> >
> > Ira McDonald (Musician / Software Architect)
> > Co-Chair - TCG Trusted Mobility Solutions WG
> > Chair - Linux Foundation Open Printing WG
> > Secretary - IEEE-ISTO Printer Working Group
> > Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
> > IETF Designated Expert - IPP & Printer MIB
> > Blue Roof Music / High North Inc
> > http://sites.google.com/site/blueroofmusic
> > http://sites.google.com/site/highnorthinc
> > mailto: blueroofmusic at gmail.com
> > Winter  579 Park Place  Saline, MI  48176  734-944-0094
> > Summer  PO Box 221  Grand Marais, MI 49839  906-494-2434
> >
> >
> > On Sun, Feb 8, 2015 at 8:16 AM, Kennedy, Smith (Wireless Architect) <
> smith.kennedy at hp.com> wrote:
> > Greetings,
> >
> > After the F2F meetings on Wednesday in El Segundo, I chatted with Joe
> Murdock for a few minutes about the overlap between this and what the IDS
> WG has been up to.  At the moment, for some reason my instinct is to try to
> identify an appropriate MIME Media Type, if one exists, that has a header
> that encapsulates information on the format and any metadata, as well as
> the encrypted payload (if the payload is present).  A document format that
> encapsulates all this information would allow the encrypted document to
> more easily traverse complex print system topologies that may contain
> mixtures of IPP and non-IPP transports, without requiring transcoding of
> the metadata at each hop.
> >
> > However, IF it is decided that that is an inappropriate direction in
> which to proceed, I was looking in JPS1 (5100.7) and found the
> “document-format-details” attribute, which is a collection of various
> things including attributes to describe a digital signature.  If we were to
> pursue describing this information via IPP attributes, extending this
> attribute’s “members” might be the right place to capture such information.
> >
> > Please share your thoughts!
> >
> > Cheers,
> > Smith
> >
> > /**
> >     Smith Kennedy
> >     Hewlett-Packard Co.
> > */
> >
> >
> > _______________________________________________
> > ipp mailing list
> > ipp at pwg.org
> > https://www.pwg.org/mailman/listinfo/ipp
> >
> >
> > _______________________________________________
> > ipp mailing list
> > ipp at pwg.org
> > https://www.pwg.org/mailman/listinfo/ipp
>
> _________________________________________________________
> Michael Sweet, Senior Printing System Engineer, PWG Chair
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20150228/6bdbbc55/attachment.html>


More information about the ipp mailing list
Our website uses cookies on your device to give you the best user experience. By using our website, you agree to the placement of these cookies. To learn more, read our privacy policy. Read Privacy Policy