The IETF could eliminate SMTP over TLS (RFC 3207), because it's
hop-by-hop security (only works well _within_ an enterprise
network, which is of course one of the best IPP environments).
But both S/MIME v3 and OpenPGP are recent and Proposed Std.
Do you know if OpenPGP is any more common in infrastructure
and clients than S/MIME? Annecdotally, the IETF Registrar
(for conferences), the RFC Editor and others regularly post
their OpenPGP public keys on their Web pages, but I don't
see S/MIME keys usually.
- Ira McDonald
From: Michael Sweet [mailto:mike at easysw.com]
Sent: Monday, April 01, 2002 12:28 PM
To: McDonald, Ira
Cc: 'Carl'; ipp at pwg.org
Subject: Re: IPP> RE: Mandatory Delivery Method for Notifications -
Commen ts by April 15
McDonald, Ira wrote:
> Except that most MUA's don't support S/MIME... :(
> Good point - could we say SHOULD support use of S/MIME (RFC 2633) and/or
> MIME with OpenPGP (RFC 3165) or SMTP over TLS (RFC 3207), all of which
> are IETF 'standards track'?
I'd say that that would be the best route, although the IETF might want
us to narrow the focus to one method?
> For INDP, TLS may improve security, however the current spec doesn't
> require authentication at all for incoming IPP operations, so
> encrypting the channel doesn't make INDP more secure by itself.
> For INDP, we could say that the job submission (in IPP) SHOULD use
> TLS security and the INDP delivery SHOULD use TLS, right?
Michael Sweet, Easy Software Products mike at easysw.com
Printing Software for UNIX http://www.easysw.com