As you read the new security internet-draft you will see that four common usage
scenarios are described. These are:
o no security
o message protection
o client authentication and authorization
o mutual authentication, authorization, and message protection
In order to let a person who is searching a directory know what to expect in
terms of security, we need some Printer attributes that would be stored in the
directory to help indicate this. For example, when I search a directory, I want
to know which printers require authentication. There are undoutbedly many ways
to do this. I would appreciate your comments on the following proposal as a
way to get some discussion going on this ...
New Printer Attributes:
values are none, supported or required
values are none, supported, or required
Supported means that the Printer is capable of supporting this security
feature, but it is does not require the client to use it. For example, if
message protection is supported, it means that a client can encrypt a message
if privacy is required, but does not have to.
Required means that the Printer is capable of supporting this privacy feature,
and the client is required to use it. For example, if
authentication/authorization is required, then the client must be authenticated
before using the Printer.
Alternatives include listing each security protocol supported as an attribute
with values as above, or having one attribute called security with the names
of the supported protocols as values.
Roger K deBry
Senior Techncial Staff Member
Architecture and Technology
IBM Printing Systems
email: rdebry at us.ibm.com