Hi Mike,
Thanks. I agree with Uli and Smith that this is a good improvement.
Cheers,
- Ira
*Ira McDonald (Musician / Software Architect)*
*Chair - SAE Trust Anchors and Authentication TF*
*Co-Chair - TCG Trusted Mobility Solutions WG*
*Co-Chair - TCG Metadata Access Protocol SG*
*Chair - Linux Foundation Open Printing WGSecretary - IEEE-ISTO Printer
Working GroupCo-Chair - IEEE-ISTO PWG Internet Printing Protocol WGIETF
Designated Expert - IPP & Printer MIBBlue Roof Music / High North
Inchttp://sites.google.com/site/blueroofmusic
<http://sites.google.com/site/blueroofmusic>http://sites.google.com/site/highnorthinc
<http://sites.google.com/site/highnorthinc>mailto: blueroofmusic at gmail.com
<blueroofmusic at gmail.com>(permanent) PO Box 221 Grand Marais, MI 49839
906-494-2434*
On Wed, May 8, 2024 at 11:13 AM Kennedy, Smith (Wireless & IPP Standards)
via ipp <ipp at pwg.org> wrote:
> I concur with Uli - much more clear! And thanks for the legwork, as
> always.
>> Smith
>> /**
> Smith Kennedy
> HP Inc.
> */
>> On May 8, 2024, at 8:54 AM, Uli Wehner via ipp <ipp at pwg.org> wrote:
>> *CAUTION: External Email*
> Mike,
>> I think this is much clearer.
>>> Regards
>> *Uli Wehner*
> ウリ・ヴェーナー
>> *From:* ipp <ipp-bounces at pwg.org> *On Behalf Of *Michael Sweet via ipp
> *Sent:* Wednesday, May 8, 2024 10:19 AM
> *To:* Jimmy Wu <Jimmy.Wu at microsoft.com>
> *Cc:* Michael Sweet <msweet at msweet.org>; PWG IPP Workgroup <ipp at pwg.org>
> *Subject:* Re: [IPP] [EXTERNAL] Feedback request on "printer-icons" and
> "printer-more-info-manufacturer" in PWG IPP-Infra
>> All,
>> Continuing this thread concerning resource URIs and the Same Origin policy
> that is used in web browsers for this sort of thing:
>> 1. Web Browsers support a HTTP extension called Cross-Origin Resource
> Sharing (CORS), which is documented here:
>>https://fetch.spec.whatwg.org/#http-extensions>> The kicker is that this extension is used to allow PUT and POST
> requests - GET, HEAD, and OPTIONS requests are *not* limited in any way. So
> it doesn't look like CORS is a solution for IPP resources.
>> 2. Sharing OAuth bearer tokens across domain names probably won't work in
> the general case, either, because the resource URI passed in the
> authorization request will be different...
>> Given these discoveries, I think we just need to reword the conformance
> requirements to be explicitly clear, something like:
>>> 4.2.6 Printer ICC Profiles, Icons, and Other URIs
>> URIs reported by the Proxy to the Infrastructure Printer in an
> Update-Output-Device-Attributes (section 5.10) request MUST be Public
> Internet Accessible, Network Accessible without credentials, or hosted by
> the Infrastructure Printer (with the same credentials) so that both the
> Infrastructure Printer and Client can access them. The following Printer
> attributes, if supported by the Proxy, MUST be reported with Public
> Internet Accessible, Network Accessible, or Infrastructure Printer hosted URIs:
> "printer-icc-profiles" ("profile-uri" member attribute), "printer-icons",
> "printer-more-info-manufacturer", and "printer-strings-uri".
>>> In short: public Internet, private Intranet, or server-hosted using the
> same credentials.
>> Thoughts?
>> ________________________
> Michael Sweet
>> _______________________________________________
> ipp mailing list
>ipp at pwg.org>https://www.pwg.org/mailman/listinfo/ipp>>> _______________________________________________
> ipp mailing list
>ipp at pwg.org>https://www.pwg.org/mailman/listinfo/ipp>-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20240509/65d516a8/attachment.html>