IPP> IPP Meeting Discussion about IPP URL Sch

IPP> IPP Meeting Discussion about IPP URL Sch

IPP> IPP Meeting Discussion about IPP URL Sch

Carl Kugler kugler at us.ibm.com
Wed Nov 18 18:21:53 EST 1998


Just to follow up on this.  

The draft-ietf-ipp-ipp-scheme-01.txt says: 

> An IPP/1.0 client MUST use an http-URL for non-secure printers and an https-URL for secure printers.

I don't understand why.  In fact, a counter- example is shown in section 4.4.2, "uri-security-supported", of draft-ietf-ipp-model-11.txt: 

> For a single Printer object, an administrator configures the "printer-uri-supported" and "uri-security-supported" attributes as follows:
  "printer-uri-supported": 'http://acme.com/open-use-printer', 'http://acme.com/restricted-use-printer', 'http://acme.com/private-printer'
  "uri-security-supported": 'none', 'none', 'ssl3'
...
>For the third URI, 'http://acme.com/private-printer', the value 'ssl3' in "uri-security-supported" indicates that SSL3 is being used to secure the channel.  The client SHOULD be prepared to use SSL3 framing to negotiate an acceptable ciphersuite to use while communicating with the Printer object.  In this case, the name implies the use of a secure communications channel, but the fact is made explicit by the presence of the 'ssl3' value in "uri-security-supported".  The client does not need to resort to understanding which security it must use by following naming conventions or by parsing the URI to determine which security mechanisms are implied.

There must be some rationale I've missed that explains why the approach in MOD is insufficient.

    -Carl

> -----
> See the original message at http://www.egroups.com/list/ipp/?start=4875
> 
> 



-----
See the original message at http://www.egroups.com/list/ipp/?start=4876



More information about the Ipp mailing list