IPP> RE: Mandatory Delivery Method for Notifications - Commen ts by April 15

IPP> RE: Mandatory Delivery Method for Notifications - Commen ts by April 15

IPP> RE: Mandatory Delivery Method for Notifications - Commen ts by April 15

McDonald, Ira imcdonald at sharplabs.com
Mon Apr 1 13:36:46 EST 2002


Hi Michael,

The IETF could eliminate SMTP over TLS (RFC 3207), because it's
hop-by-hop security (only works well _within_ an enterprise
network, which is of course one of the best IPP environments).

But both S/MIME v3 and OpenPGP are recent and Proposed Std.
Do you know if OpenPGP is any more common in infrastructure 
and clients than S/MIME?  Annecdotally, the IETF Registrar
(for conferences), the RFC Editor and others regularly post
their OpenPGP public keys on their Web pages, but I don't
see S/MIME keys usually.

Cheers,
- Ira McDonald

-----Original Message-----
From: Michael Sweet [mailto:mike at easysw.com]
Sent: Monday, April 01, 2002 12:28 PM
To: McDonald, Ira
Cc: 'Carl'; ipp at pwg.org
Subject: Re: IPP> RE: Mandatory Delivery Method for Notifications -
Commen ts by April 15


McDonald, Ira wrote:
> ...
> Except that most MUA's don't support S/MIME... :(
> 
> <ira>
> Good point - could we say SHOULD support use of S/MIME (RFC 2633) and/or 
> MIME with OpenPGP (RFC 3165) or SMTP over TLS (RFC 3207), all of which
> are IETF 'standards track'?
> </ira>

I'd say that that would be the best route, although the IETF might want
us to narrow the focus to one method?

> ...
> For INDP, TLS may improve security, however the current spec doesn't
> require authentication at all for incoming IPP operations, so
> encrypting the channel doesn't make INDP more secure by itself.
> 
> <ira>
> For INDP, we could say that the job submission (in IPP) SHOULD use
> TLS security and the INDP delivery SHOULD use TLS, right?
> </ira>
> 

Right.

-- 
______________________________________________________________________
Michael Sweet, Easy Software Products                  mike at easysw.com
Printing Software for UNIX                       http://www.easysw.com



More information about the Ipp mailing list