[IPP] Subject: Xerox has reviewed the IPP Authentication Methods and has one comment

[IPP] Subject: Xerox has reviewed the IPP Authentication Methods and has one comment

Kennedy, Smith (Wireless & Standards Architect) smith.kennedy at hp.com
Thu Feb 28 15:16:16 UTC 2019 

Thanks Cihan! I didn't go back to the document and read the full paragraph (first paragraph from section 4.7) in place before replying to Alan. The current paragraph is this:

The 'certificate' IPP Authentication method uses X.509 certificate authentication via TLS. X.509 certificate authentication via TLS is initiated by the Printer by sending a Certificate Request message during the Transport Layer Security (TLS) [RFC5246] handshake. The Client then sends the X.509 certificate identifying the User and/or Client in a corresponding Certificate message, and a subsequent Certificate Verify message to prove to the Printer that the Client has the corresponding private key. If the Client has no configured X.509 certificate to provide, it sends an empty Certificate message.

After re-reading it, I think it ought to be this:

The 'certificate' IPP Authentication method uses X.509 certificate authentication via TLS. This authentication method is initiated by the Printer when it sends a Certificate Request message during the Transport Layer Security (TLS) [RFC5246] handshake. The Client responds by sending a Certificate message with the X.509 certificate identifying the User and/or Client. The Client then sends a Certificate Verify message to prove to the Printer that the Client has the corresponding private key. If the Client has no X.509 certificate to provide to the Printer, it sends an empty Certificate message.

Any objections to this rewrite?

Smith



> On Feb 28, 2019, at 3:54 AM, Cihan Colakoglu <Cihan.Colakoglu at dda.kyocera.com> wrote:
> 
> Hello,
> 
> I see a repetition below (blue color)
> 
> The 'certificate' IPP Authentication method uses X.509 certificate authentication via TLS. X.509 certificate authentication via TLS. This authentication method is initiated by the Printer by sending a Certificate Request message during the Transport Layer Security (TLS) [RFC5246] handshake.
> 
> I guess the intent was the following?
> 
> The 'certificate' IPP Authentication method uses X.509 certificate authentication via TLS.  This authentication methodis initiated by the Printer by sending a Certificate Request message during the Transport Layer Security (TLS) [RFC5246] handshake.
> 
> 
> Best Regards,
> Cihan Colakoglu
> Kyocera Document Solutions
> 
> From: ipp <ipp-bounces at pwg.org> On Behalf Of Ira McDonald via ipp
> Sent: Tuesday, February 26, 2019 8:21 AM
> To: Kennedy, Smith (Wireless & Standards Architect) <smith.kennedy at hp.com>; Ira McDonald <blueroofmusic at gmail.com>
> Cc: ipp at pwg.org; Alan Sukert <alan.sukert at xerox.com>
> Subject: Re: [IPP] Subject: Xerox has reviewed the IPP Authentication Methods and has one comment
> 
> Hi Smith and Alan,
> 
> I strongly prefer the two sentences solution.
> 
> We should all try to avoid long sentences with operational content in more than one
> subclause, because they interfere w/ clarity.
> 
> Cheers,
> - Ira
> 
> Ira McDonald (Musician / Software Architect)
> Co-Chair - TCG Trusted Mobility Solutions WG
> Co-Chair - TCG Metadata Access Protocol SG
> Chair - Linux Foundation Open Printing WG
> Secretary - IEEE-ISTO Printer Working Group
> Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
> IETF Designated Expert - IPP & Printer MIB
> Blue Roof Music / High North Inc
> http://sites.google.com/site/blueroofmusic <https://protect-us.mimecast.com/s/_U1ICpYK0Ki3kzDEsPnRzM?domain=sites.google.com>
> http://sites.google.com/site/highnorthinc <https://protect-us.mimecast.com/s/0wk_Cqx5v5ujBOW6UXw4fA?domain=sites.google.com>
> mailto: blueroofmusic at gmail.com <mailto:blueroofmusic at gmail.com>
> PO Box 221  Grand Marais, MI 49839  906-494-2434
> 
> 
> 
> On Tue, Feb 26, 2019 at 10:17 AM Kennedy, Smith (Wireless & Standards Architect) <smith.kennedy at hp.com <mailto:smith.kennedy at hp.com>> wrote:
> Thanks Alan! This editorial feedback is important, and I'll make this change before we go to Formal Vote. As an alternative, I could replace the "and" with a period, and make the second half of the (pretty long) sentence a new sentence, like so:
> 
> The 'certificate' IPP Authentication method uses X.509 certificate authentication via TLS. X.509 certificate authentication via TLS. This authentication method is initiated by the Printer by sending a Certificate Request message during the Transport Layer Security (TLS) [RFC5246] handshake.
> 
> Any strong opinions either way? I'm also not sure that I should be capitalizing "Authentication" in "The 'certificate' IPP Authentication method...".
> 
> Smith
> 
> 
> 
> 
> On Feb 26, 2019, at 6:01 AM, Sukert, Alan <alan.sukert at xerox.com <mailto:alan.sukert at xerox.com>> wrote:
> 
> Minor comment (grammatically sentence did not read correctly; suggested addition is in red type) that can be ignored if needed to approve - Lines 272-274: The 'certificate' IPP Authentication method uses X.509 certificate authentication via TLS. X.509 certificate authentication via TLS and is initiated by the Printer by sending a Certificate Request message during the Transport Layer Security (TLS) [RFC5246] handshake.
> 
> Alan Sukert
> Product Security Specialist
> Xerox Research and Product Development/ Product Security and Development Process Controls
> Xerox Certified Green Belt
> Alan.Sukert at xerox.com <mailto:Alan.Sukert at xerox.com>| tel 585.427.1413
> MS 0111-03A | 800 Phillips Road | Webster, NY 14580 USA
> 
> -----Original Message-----
> From: pwg-announce <pwg-announce-bounces at pwg.org <mailto:pwg-announce-bounces at pwg.org>> On Behalf Of Michael Sweet
> Sent: Friday, February 1, 2019 12:36 PM
> To: PWG Announcements <pwg-announce at pwg.org <mailto:pwg-announce at pwg.org>>
> Subject: [PWG-Announce] PWG Last Call: IPP Authentication Methods (Ends February 28, 2019)
> 
> Hi,
> 
> [This PWG Last Call starts today, February 1, 2019, and ends Thursday, February 28, 2019 at 10pm US Pacific time.]
> 
> This is the formal announcement of the IPP Authentication Methods best practice docuemnt, located at:
> 
>    https://ftp.pwg.org/pub/pwg/ipp/wd/wd-ippauth-20190116.pdf <https://protect-us.mimecast.com/s/kd-vCrk5w5flMA93U460M6?domain=ftp.pwg.org>
> 
> The IPP WG has completed extensive review of the various revisions of this document and a workgroup last call.
> 
> The PWG Process/3.0 requires that a quorum of PWG members (30% or 7 members) must acknowledge a PWG Last Call (with or without comments), before any document can progress to PWG Formal Vote.  This PWG Last Call is NOT a Formal Vote but it DOES require your review acknowledgment.  The PWG Definition of the Standards Development Process Version 3.0 is located at:
> 
>    https://www.pwg.org/chair/membership_docs/pwg-process30.pdf <https://protect-us.mimecast.com/s/AOXrCv25A5hz1WX0hA3lKY?domain=pwg.org>
> 
> 
> HOW TO RESPOND
> 
> Send an email with *exactly* the following subject line format:
> 
>    Subject: <Company Name> has reviewed the IPP Authentication Methods and has [no] comments
> 
> 
> WHERE TO SEND YOUR RESPONSE
> 
> Please do NOT simply reply to this note on the PWG-Announce list.
> 
> Please send your response to *all* of the following email addresses:
> 
>    ipp at pwg.org <https://protect-us.mimecast.com/s/M03GCwp5B5I36LpZs1sVDy?domain=pwg.org> (IPP WG mailing list - you must be subscribed!);
>    smith.kennedy at hp.com <https://protect-us.mimecast.com/s/9ht6Cxk5D5fo8JOqTWWxvt?domain=hp.com> (Smith Kennedy, PWG Chair, IPP Authentication Methods editor)
>    blueroofmusic at gmail.com <https://protect-us.mimecast.com/s/DcQxCyP5E5u5DNnmcPi4nA?domain=gmail.com> (Ira McDonald, PWG Secretary, IPP WG Co-Chair)
>    ptykod at tykodi.com <https://protect-us.mimecast.com/s/1fS2Czp5G5IoDRLNTMxko5?domain=tykodi.com> (Paul Tykodi, IPP WG Co-Chair)
>    msweet at apple.com <https://protect-us.mimecast.com/s/ASrkCADo5oTA09YJFBooN-?domain=apple.com> (Mike Sweet, IPP WG Secretary)
> 
> Note: You must be subscribed to the IPP WG mailing list to send email to that list - otherwise your email will be silently discarded. You can subscribe to this list at:
> 
>    https://www.pwg.org/mailman/listinfo/ipp <https://protect-us.mimecast.com/s/NL3NCBBp5pu5qVoJcQGmyW?domain=pwg.org>
> 
> 
> _________________________________________________________
> Michael Sweet, Senior Printing System Engineer
> 
> _______________________________________________
> pwg-announce mailing list
> pwg-announce at pwg.org <mailto:pwg-announce at pwg.org>
> https://www.pwg.org/mailman/listinfo/pwg-announce <https://protect-us.mimecast.com/s/2nZSCDkr5rflpBPrUv_Y7t?domain=pwg.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20190228/e93dfcbd/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://www.pwg.org/pipermail/ipp/attachments/20190228/e93dfcbd/attachment.sig>

More information about the ipp mailing list