IPP> SEC: IPP 1.1 security (phone conference)

IPP> SEC: IPP 1.1 security (phone conference)

IPP> SEC: IPP 1.1 security (phone conference)

Wenn, John C jwenn at cp10.es.xerox.com
Tue Feb 2 23:30:57 EST 1999


For IPP 1.1 security (use of TLS), for the over the wire protocol, IPP is
happy with whatever standard methods exist (the leading contendor is HTTP
Upgrade: TLS/1.0 header).  This avoids the extra security port problem by
negotiating a secure connection inside the normal connection.

Undecided is how a URL specifies that it should use a secure connection.
I'm in favor of using a "ipps://" scheme.  The meaning is simple: when a
client sees a ipps: URI, it connects using the standard port with a
"Upgrade: TLS/1.0" header.  This is analogous to the "https" scheme, which
connects using a special security port using the SSL handshake immediately.

This solution adds a new scheme, but no new ports.

/John




More information about the Ipp mailing list