The fact that scenarios exist where security is not
necessary, do not obviate the need for the standard
to specify security as a requirement. Its possible
that one of the machines in one of these scenarios
might be moved or requested to communicate outside
of the scenario-specific domain and we don't want
to have to modify the configuration or install new
software in order to interoperate.
TCP supports re-ordering of packets and checksumming
but neither of these is really needed for hosts on
a single ethernet segment; nevertheless, the standard
specifies the capability in order to interoperate
outside of the segment, if need be.
The requirement for a specific security mechanism to
be used for IPP is closer to guaranteeing that some
level of security can be negotiated, end to end,
across any number of topologies.
Bob Van Andel wrote:
>> >The decision to require SSL3 framing has a number of consequences which
> >needs to be reflected in the Protocol document.
>> The minutes from the Boulder meeting do not reflect why this decision was
> made. Can you enlighten me?
>> I could envision the following scenarios where this requirement would not
> be necessary.
>> - IP level security is in place
> - the entire conversation is on a private intranets behind firewalls
> - the printer is designated as equivalent to a public fax machine.
>> This requirement increases implementation and execution costs for both
> clients and servers.
> Bob Van Andel
> Allegro Software Development Corporation
> 43 Waite Road
> Boxborough, MA 01719
> (978) 266-1375
> (978) 266-2839 fax
>> Information on the RomPager embedded web server toolkit is at