[IPP] Fwd: IPP Scan operational attribute

[IPP] Fwd: IPP Scan operational attribute

[IPP] Fwd: IPP Scan operational attribute

Michael Sweet msweet at apple.com
Mon Jun 16 15:19:36 UTC 2014


On Jun 16, 2014, at 11:02 AM, Ira McDonald <blueroofmusic at gmail.com> wrote:
> Hi Mike,
> The reason for some sparse syntax was to support Pete's use case (over the phone)
> of wanting two or more credentials for the *same* destination (i.e., multi-factor auth is
> in use).  This is a critically important real-world use case.

Then we need to define it and its requirements.

> With the straight parallel 1setOf approach, there has to be a nested collection to hold
> the auth-type, auth-data, etc. for each credential for one destination - ugly and fragile.

If the auth type defines multiple credentials then those can be provided via separate data values in the 1setOf, or using type-specific member attributes.  In short, we need to define what the attributes contain, not provide a BLOB holder that will become an interoperability nightmare.

> Pete and I particularly liked the use of the simple (1setOf octetString(MAX)) with auto
> concatenation to support large credentials (X.509 certificates, etc.).

That is indeed a simple solution, but let's not make it an opaque blob.

Michael Sweet, Senior Printing System Engineer, PWG Chair

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20140616/e207f0b3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4881 bytes
Desc: not available
URL: <http://www.pwg.org/pipermail/ipp/attachments/20140616/e207f0b3/attachment.p7s>

More information about the ipp mailing list