Smith,
Thanks for this, I will update the F2F slide accordingly...
FWIW, the current text still adds the save password to job-save-disposition which has the unfortunate security implication of exposing the password as part of the job ticket. I also think we still need to better define the use cases and flow of information - not only for definition of the attribute(s) but for the security considerations. Finally, I think our discussions on encrypted documents may overlap with this one... :/
> On Feb 5, 2018, at 7:13 PM, Kennedy, Smith (Wireless & Standards Architec) <smith.kennedy at hp.com <mailto:smith.kennedy at hp.com>> wrote:
>> Greetings,
>> I have just posted an updated draft of IPP Job Save Password. It is available here:
>>https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-savepassword-20180205.pdf <https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-savepassword-20180205.pdf>
>https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-savepassword-20180205.odt <https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-savepassword-20180205.odt>
>https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-savepassword-20180205-rev.pdf <https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-savepassword-20180205-rev.pdf>
>https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-savepassword-20180205-rev.odt <https://ftp.pwg.org/pub/pwg/ipp/whitepaper/tb-savepassword-20180205-rev.odt>
>> Although I think that the changes I have made to produce this new draft have resolved some of the points of feedback from the last review on Dec. 14, 2017, these changes may still not have resolved these issues. Here are the minutes from the last meeting:
>> Comments from IPP mailing list:
> Section 1: some mention of job-password being a Job Template attribute, but it is an operation attribute (which is correctly noted in subsequent sections
> Section 4.2: Any password attribute needs to be protected, so these should be operation attributes and not Job Template...
> Section 6: Will obviously need a lot of discussion of how to protect and handle the passwords.
> Overall I'm still not sure about the use case for this, or how it would all work together. Is this an extension of "job-save-disposition", where the password would be used for the saved document? If so,I'd recommend that the attributes be called "job-save-password[-xxx]" to make that clearer, and add some discussion of that.
> Also, how does a Client re-print the saved job? Resubmit-Job with "document-password"?
> Maybe we need to refactor this: "job-save-accesses (1setOf collection)" attribute to provide credentials for saving to a URI like we do for document-access (INFRA) and destination-accesses (FaxOut).
> Don't specify an IPP way to do the "allow another user to reprint the saved content", e.g. Smith saves to network storage and then grants access to Bob through an out-of-band interface
> Encryption isn't a requirement, but access control *is*
> Two use cases for save + reprint:
> Using an IPP client to look at saved jobs and resubmit through IPP
> Reprint through printer console (most common scenario for HP)
> Reprint user may or may not be the person that submitted the original job
>> Please review the draft and come to discuss this in the session on Wednesday afternoon at the February 2018 vF2F.
>> Cheers,
>> Smith
>> /**
> Smith Kennedy
> Wireless & Standards Architect - IPG-PPS
> Standards - IEEE ISTO PWG / Bluetooth SIG / Wi-Fi Alliance / NFC Forum / USB-IF
> Chair, IEEE ISTO Printer Working Group
> HP Inc.
> */
>>>> _______________________________________________
> ipp mailing list
>ipp at pwg.org <mailto:ipp at pwg.org>
>https://www.pwg.org/mailman/listinfo/ipp
_________________________________________________________
Michael Sweet, Senior Printing System Engineer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20180206/36971c8a/attachment.html>