[IPP] RFC: Recommend same port/origin policy for resources in IPP Everywhere v1.1[EXTERNAL]

[IPP] RFC: Recommend same port/origin policy for resources in IPP Everywhere v1.1[EXTERNAL]

Uli Wehner ulrich.wehner at ricoh-usa.com
Thu Aug 23 13:57:44 UTC 2018 

Mike,

This sounds reasonable. 

One note: many customers use IPP/SSL for print data encryption, which uses the same certificate as Port 443. From a security perspective this is advantageous I think. Port 80 is often turned off, which has been an issue for airprint.



regards

Uli Wehner
ulrich.wehner at ricoh-usa.com

 

-----Original Message-----
From: ipp <ipp-bounces at pwg.org> On Behalf Of Michael Sweet
Sent: Thursday, August 23, 2018 9:46 AM
To: PWG Workgroup <ipp at pwg.org>
Subject: [IPP] RFC: Recommend same port/origin policy for resources in IPP Everywhere v1.1[EXTERNAL]

All,

I've had some recent discussions internally at Apple concerning some network management issues with IPP printers that serve their resource files over a different port (typically port 80) than their IPP endpoint.  Basically, it is "easy" to whitelist communications over port 631 (or 443, as is still often the case) for IPP but less desirable to whitelist port 80 which is also used for web content.

Effectively this means that we'd like to see printers advertise their printer-icc-profiles, printer-icons, printer-more-info, printer-strings-uri, and printer-supply-info-uri URLs with the same host and port as in printer-uri-supported and printer-xri-supported, which is supposed to match the HTTP Host header.  We can't make this a requirement in IPP Everywhere v1.1, but I'd like to add it as an explicit recommendation (Printers SHOULD ...) in sections 5.3 and 5.4, and note that the port number should also be included in section 5.1.1 which talks about using the HTTP Host header value.

I also notice that printer-more-info should be listed as a Printer Status attribute and we need to add the missing printer-strings-uri and printer-strings-languages-supported attributes as RECOMMENDED...

Thoughts?

_________________________________________________________
Michael Sweet, Senior Printing System Engineer

_______________________________________________
ipp mailing list
ipp at pwg.org
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.pwg.org_mailman_listinfo_ipp&d=DwICAg&c=5hYF0Zu0Yz-C6S-kaHDItw&r=Kf2OsKTEH35gSgu0U6HqdHzbU1TrLWRQF9AyGiFJjds&m=5x9aipJWUe-lzWygkP2sKd1ZLZ3v7qj8MfDzGBXKQlc&s=ESHJXS3aCxT2O5PBS8jZzCvb-poiHzyZyGxQ_91koKo&e=

More information about the ipp mailing list