All,
I've done some testing with the current stable version of Wireshark on macOS to determine what is going on with IPPS support (one of my long-standing action items...)
The short of it is this: I am able to successfully decrypt IPPS traffic when I have the private key of the printer and RSA is used for the initial handshake. However, if a more secure handshake is in use (e.g. ECDHE) that provides forward secrecy, this all breaks because, well, that's the nature of the security offered by TLS... :) Short of getting a printer to log its session key (not something I'd recommend in production firmware!), there isn't anything that can be done in Wireshark to "fix" this.
I've filed a Github issue to track a possible future ipptool feature to log all network traffic to a file (decrypted) for analysis:
https://github.com/istopwg/ippsample/issues/168
_________________________________________________________
Michael Sweet, Senior Printing System Engineer