Minutes of IPP Security Conference call - 4/24/97
Participants: Roger deBry, Keith Carter, Carl-Uno Manros (and
Xerox team - Daniel, Steve, John), Keith Carter, Jerry Hadsell,
Steve Zilles
Carl-Uno reviewed an internal meeting held at Xerox where Dave Crocker,
a long time IETF person, participated in a security discussion. Key
points that came out of the Xerox meeting were
o Need to limit the scope of IPP security to problems that are
solvable with current or close in technology. Specifically
need to exclude secure print by reference from the current scope.
No work going on in the ietf which will solve this problem.
o Defined four levels of security.
- No security at all
- Privacy only, within a trusted environment
- Client authentication only, mainly for authorization
- Mutual authentication and privacy, only for highest security
o Some threats are not important enough to try to solve. Others can
be solved without additional specific security mechanisms. Spamming
was given as an example of a threat that could easily be solved
without requiring a specific security mechanism in IPP.
o Two places were mentioned where we would like to see the ietf security
work:
- authorization
- key management
o Two approaches to security were discussed
- Channel level security
- Object level security
o There was some discussion on the use of Mime types for IPP.
Dave Crocker thought that this was a useful idea. Mimes can be
encrypted and signed. There was also some discussion on the call
on creating unique mime types for each pdl. We concluded that this
was a good idea but that each mime-type would have to declare how
versions of the pdl were to be handled. The protocol group should
look into this.
o There was some discussion on firewalls. Do firewalls trigger off
port 80? If they do, there may be some benefit to having a unique
port number for IPP. We agreed that this would also be desired if
we ended up using some subset of http.
o Dave suggested that some candidates for IPP security not be
considered:
- SHTTP - not widely deployed and not favored by the ietf
- SASL - too new to consider, won't meet our time frame
o For channel security, the following were recommended:
- RFC 2069, digest authentication for use with http 1.1
- Transport Layer Security (TLS)
o For object level security the following were recommended:
- Secure mime (has some problems because of RSA prprietary stuff)
- PGP-Mime - still a bit new and not yet deployed
o It was agreed that we needed guidance from Netscape and Microsoft on
which of these protocols we ought to be using for IPP. Carl-Uno will
ask Netscape and Microsoft for recommendations.
o Xerox will write up a more formal note on the results of their meeting
and will make this available to the working group. In the meantime we
should all review the security mechanisms recommended. For information
SASL specification is draft-myers-auth-sasl-10.txt
TSL specification is draft-ietf-tls-protocol-02.txt
o Next call will be Thursday, May 1st
1 - 3pm PDT