Ahem...the reference from RFC 2817 (HTTP Upgrade) to IPP is an *informative*
reference to the *obsolete* RFC 2565 (IPP/1.0 Model), which itself contains
IESG "poison pill" that says (partially):
"This document defines an Experimental protocol for the Internet
community. The IESG expects that a revised version of this protocol
will be published as Proposed Standard protocol. The Proposed
Standard, when published, is expected to change from the protocol
defined in this memo. In particular, it is expected that the
standards-track version of the protocol will incorporate strong
authentication and privacy features, and that an "ipp:" URL type will
be defined which supports those security measures."
The IESG really disliked IPP/1.0 (for valid security flaw reasons).
IPP/1.0 was marked obsolete when RFC 2911 (IPP/1.1) was published
15 years ago, so the discussions in RFC 2817 are not a good source
for guidance on port usage (dual or overloaded single).
Ira McDonald (Musician / Software Architect)
Co-Chair - TCG Trusted Mobility Solutions WG
Chair - Linux Foundation Open Printing WG
Secretary - IEEE-ISTO Printer Working Group
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music / High North Inc
mailto: blueroofmusic at gmail.com
Winter 579 Park Place Saline, MI 48176 734-944-0094
Summer PO Box 221 Grand Marais, MI 49839 906-494-2434
On Wed, Dec 10, 2014 at 2:53 PM, Kennedy, Smith (Wireless Architect) <
smith.kennedy at hp.com> wrote:
> Hi Ira,
>> I know this is a long-stale thread, but I was just re-reading RFC 2817,
> and Section 1 “Motivation” says this, which is germane to this subject (and
> even references IPP!):
>> 1. Motivation
>> The historical practice of deploying HTTP over SSL3  has
> distinguished the combination from HTTP alone by a unique URI scheme
> and the TCP port number. The scheme ’http’ meant the HTTP protocol
> alone on port 80, while ’https’ meant the HTTP protocol over SSL on
> port 443. Parallel well-known port numbers have similarly been
> requested -- and in some cases, granted -- to distinguish between
> secured and unsecured use of other application protocols (e.g.
> snews, ftps). This approach effectively halves the number of
> available well known ports.
>> At the Washington DC IETF meeting in December 1997, the Applications
> Area Directors and the IESG reaffirmed that the practice of issuing
> parallel "secure" port numbers should be deprecated. The HTTP/1.1
> Upgrade mechanism can apply Transport Layer Security  to an open
> HTTP connection.
>> Just wanted to share this with the group, for whatever reason.
> Smith Kennedy
> Wireless Architect - Client Software - IPG-PPS
> Hewlett-Packard Co.
>>>> On 2014-04-07, at 2:50 PM, Ira McDonald <blueroofmusic at gmail.com> wrote:
>> Found this afternoon by browsing of I-Ds from the active IETF WGs
> top-level list:
>>https://datatracker.ietf.org/doc/draft-ietf-tsvwg-port-use/>> NOTE: This document does consider reuse of the same port for both
> ordinary and secure implementations of the same service. It doesn't
> take a position, except that the whole document is about conservation
> of the IANA-assigned port space.
>> Certainly our port 631 reuse in 'ipp:' and 'ipps:' URI is allowed (and
> apparently encouraged) by this I-D.
> - Ira
>> Ira McDonald (Musician / Software Architect)
> Co-Chair - TCG Trusted Mobility Solutions WG
> Chair - Linux Foundation Open Printing WG
> Secretary - IEEE-ISTO Printer Working Group
> Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
> IETF Designated Expert - IPP & Printer MIB
> Blue Roof Music / High North Inc
>http://sites.google.com/site/blueroofmusic>http://sites.google.com/site/highnorthinc> mailto: blueroofmusic at gmail.com> Winter 579 Park Place Saline, MI 48176 734-944-0094
> Summer PO Box 221 Grand Marais, MI 49839 906-494-2434
>>>-------------- next part --------------
An HTML attachment was scrubbed...