I'm sorry if I wasn't clear in Munich.
(I botched several things in that meeting -- must have been a bad day for me!)
For the most part, it's up to the IPP working group to determine the
minimum security needs for the IPP protocol -- and then to document
the level of protection provided, threats, etc. in the security section.
The group will need to establish some minimum security level -- what
minimum degree of authentication and/or confidentiality should be
required for all clients and/or servers (the two could be different),
to ensure that all clients and servers can interoperate "out of the
box", once they are given the necessary credentials, and with a
degree of security that is appropriate for *most* (not just some)
uses of the protocol. (The group could argue that the minimum security
level is "none" for both clients and servers, but it would have to
convince IESG that this is adequate for most installations....)
Note that a implementation requiremnt is not a requirement of any
particular installation -- any installation can disable authentication
and/or require stronger authentication than the default, according
to that installation's policy.
Keith