Keith is doing fine.....
1) IPP has to ANALYZE risks of using IPP on the open Internet (NOT behind
firewalls or in "spammable" environments)
IPP must then DEFINE how a reasonable number of these risks can be defended
against using security mechanisms, and REQUIRE that valid IPP
implement at least a minimum set of these
The USER of an IPP device can then decide to use or not to use those
2) I'd like you to tell me which security lists are discussing SASL; it
seems that the list set up to discuss SASL is either totally dead or
I've fallen off it. We need to know!
Thanks for your help!