attachment
<div dir="ltr"><div><div><div><div><div><div>Hi Mike,<br><br></div>The reason for some sparse syntax was to support Pete's use case (over the phone)<br></div>of wanting two or more credentials for the *same* destination (i.e., multi-factor auth is<br>
</div>in use). This is a critically important real-world use case.<br><br></div>With the straight parallel 1setOf approach, there has to be a nested collection to hold<br>the auth-type, auth-data, etc. for each credential for one destination - ugly and fragile.<br>
<br></div><div>Pete and I particularly liked the use of the simple (1setOf octetString(MAX)) with auto<br>concatenation to support large credentials (X.509 certificates, etc.).<br><br></div>Cheers,<br></div>- Ira<br><br>
</div>
<div class="gmail_extra"><br clear="all"><div><div dir="ltr">Ira McDonald (Musician / Software Architect)<br>Co-Chair - TCG Trusted Mobility Solutions WG<br>Chair - Linux Foundation Open Printing WG<br>Secretary - IEEE-ISTO Printer Working Group<br>
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG<br>IETF Designated Expert - IPP & Printer MIB<br>Blue Roof Music / High North Inc<br><a style="color:rgb(51,51,255)" href="http://sites.google.com/site/blueroofmusic" target="_blank">http://sites.google.com/site/blueroofmusic</a><br>
<a style="color:rgb(102,0,204)" href="http://sites.google.com/site/highnorthinc" target="_blank">http://sites.google.com/site/highnorthinc</a><br>mailto: <a href="mailto:blueroofmusic@gmail.com" target="_blank">blueroofmusic@gmail.com</a><br>
Winter 579 Park Place Saline, MI 48176 734-944-0094<br>Summer PO Box 221 Grand Marais, MI 49839 906-494-2434<br><br><div style="display:inline"></div><div style="display:inline"></div><div style="display:inline"></div>
<div></div><div></div><div></div><div></div></div></div>
<br><br><div class="gmail_quote">On Mon, Jun 16, 2014 at 7:45 AM, Michael Sweet <span dir="ltr"><<a href="mailto:msweet@apple.com" target="_blank">msweet@apple.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word">Ira,<div><br></div><div>I'm not a big fan of this proposal - I'd prefer the parallel 1setOf that we typically use in IPP rather than invent a sparse syntax, particularly when the most common use case is a single destination (and the second most common is probably a list of email recipients that won't need this...)</div>
<div><br></div><div>Also, if we want to generalize this in the future, perhaps prefix the member attributes with "access-" instead of "destination-", with the operation attribute being "destination-accesses (1setOf collection)". That would make it:</div>
<div><br></div><div> Operation Attributes:</div><div><br></div><div> destination-accesses (1setOf collection)</div><div> access-data (1setOf octetString(MAX))</div><div><div> access-type (type3 keyword | name)</div>
</div><div><div> access-user-name (name(MAX))</div></div><div><br></div><div><br></div><div> Printer Description Attributes:</div><div><br></div> access-type-supported (1setOf type3 keyword | name)<br><div></div>
<div> destination-accesses-supported (1setOf type2 keyword)</div><div> (required values 'access-data', 'access-type', and 'access-user-type' if supported)</div><div><br></div><div>For the access-data member attribute, I wouldn't hardcode it to be concatenation of values, since there are auth methods that require multiple "passwords", but rather define it for each access-type value.</div>
<div><br></div><div>....</div><div><br></div><div>(Future for Print-URI/Send-URI)</div><div><br></div><div> Operation Attribute:</div><div><br></div><div> document-access (collection)</div><div><br></div><div><br></div>
<div> Printer Description Attribures:</div><div><br></div><div> document-access-supported (1setOf type2 keyword)</div><div><div> (required values 'access-data', 'access-type', and 'access-user-type' if supported)</div>
</div><div><br></div><div><br></div><div><div><div><div class="h5"><div>On Jun 15, 2014, at 6:21 PM, Ira McDonald <<a href="mailto:blueroofmusic@gmail.com" target="_blank">blueroofmusic@gmail.com</a>> wrote:</div><br>
</div></div><blockquote type="cite"><div dir="ltr"><div><div class="h5"><div><div dir="ltr"><div style="display:inline">[forwarding to IPP WG list for our Scan discussion on Monday 16 June]<br></div><div style="display:inline">
</div><div style="display:inline"></div><div></div><div>
</div><div></div><div></div></div></div>
<br></div></div><div class="gmail_quote"><div><div class="h5">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Ira McDonald</b> <span dir="ltr"><<a href="mailto:blueroofmusic@gmail.com" target="_blank">blueroofmusic@gmail.com</a>></span><br>
Date: Fri, Jun 13, 2014 at 5:22 PM<br>Subject: Re: IPP Scan operational attribute<br>To: "Zehler, Peter" <<a href="mailto:Peter.Zehler@xerox.com" target="_blank">Peter.Zehler@xerox.com</a>>, Ira McDonald <<a href="mailto:blueroofmusic@gmail.com" target="_blank">blueroofmusic@gmail.com</a>><br>
<br><br><div dir="ltr"><div><div><div><div><div><div><div><div><div><div><div>Hi Pete,<br><br></div>So here's a fragment of IPP stuff for the operation attribute<br></div>that can be sparse (i.e., does NOT have to be parallel to the <br>
"destinations" array)<br></div><br></div>destination-acceses (1setOf destination-access)<br><br></div>destination-access (collection)<br></div><div>- member attributes below<br></div><br>destination-numbers (1setOf Integer)<br>
</div><div>- required to supply in every row</div>- ordinals of rows in "destinations" Job attribute<br></div><div>- out-of-range ordinal is a fatal Job submission error<br><br></div><div>destination-user-name (name(MAX))<br>
</div><div>- optional to supply in a given row<br></div><div>- for username/password authentication<br><br></div></div><div>destination-auth-type (type3 keyword | name)<br></div><div>- required to supply in every row<br>
</div>
<div>- taken from Joe's list with extensions<br></div><div>- type3 to allow ease-of-extensions (w/out new IPP spec) <br></div><br>destination-auth-data (1setOf octetString(MAX))<br>- required to supply in every row<br>
</div><div>- binary or UTF-8 text<br></div><div>- multiple values are concatenated<br></div><div>- solves the large attribute problem w/out a new datatype<br><br></div><div>WDYT?<br><br></div><div>Cheers,<br></div><div>- Ira<br>
<br></div></div><div><br></div></div></div></div><div class="gmail_extra"><div><div class="h5"><br clear="all"><div><div dir="ltr">Ira McDonald (Musician / Software Architect)<br>Co-Chair - TCG Trusted Mobility Solutions WG<br>
Chair - Linux Foundation Open Printing WG<br>Secretary - IEEE-ISTO Printer Working Group<br>Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG<br>IETF Designated Expert - IPP & Printer MIB<br>Blue Roof Music / High North Inc<br>
<a style="color:rgb(51,51,255)" href="http://sites.google.com/site/blueroofmusic" target="_blank">http://sites.google.com/site/blueroofmusic</a><br><a style="color:rgb(102,0,204)" href="http://sites.google.com/site/highnorthinc" target="_blank">http://sites.google.com/site/highnorthinc</a><br>
mailto: <a href="mailto:blueroofmusic@gmail.com" target="_blank">blueroofmusic@gmail.com</a><br>Winter 579 Park Place Saline, MI 48176 <a href="tel:734-944-0094" value="+17349440094" target="_blank">734-944-0094</a><br>
Summer PO Box 221 Grand Marais, MI 49839 <a href="tel:906-494-2434" value="+19064942434" target="_blank">906-494-2434</a><br><br><div style="display:inline">
</div><div style="display:inline"></div><div style="display:inline"></div><div></div><div></div><div></div><div></div></div></div></div></div><div><div>
<br><br><div class="gmail_quote"><div><div class="h5">On Fri, Jun 13, 2014 at 12:24 PM, Zehler, Peter <span dir="ltr"><<a href="mailto:Peter.Zehler@xerox.com" target="_blank">Peter.Zehler@xerox.com</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div link="blue" vlink="purple" lang="EN-US">
<div><div><div class="h5"><p class="MsoNormal">Ira, <u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">As you know I need to add an operational attribute to IPP Scan that contains the information necessary for a Scan Service to store a document at a specified location. I imagine it would contain items like access tokens or even (yuk) username/password.
The operational attribute will be a parallel collection to IPP Scan’s destinations collection. In the Imaging Device Security Identification, Authentication and Authorization specification the UserIdentificationType looks close to what I need. On the wire
I do not think I need the UserUuid and I’ll need a username/password.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Any idea what I should be using and where I might obtain the detailed definition?<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Pete<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal"><u></u> <u></u></p></div></div><p class="MsoNormal"><span style="font-family:"Impact","sans-serif";color:navy">Peter Zehler</span><span style="color:#1f497d"><br>
<br>
</span><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:navy"><span><image001.png></span><br>
</span></p><div class=""><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:navy">Email:
</span><a href="mailto:Peter.Zehler@Xerox.com" target="_blank"><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:blue">Peter.Zehler@Xerox.com</span></a><span style="color:#1f497d"><br>
</span><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:navy">Office: <a href="tel:%2B1%20%28585%29%20265-8755" value="+15852658755" target="_blank">+1 (585) 265-8755</a><u></u><u></u></span></div>
<p></p><div class=""><p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:navy">Mobile: <a href="tel:%2B1%20%28585%29%20329-9508" value="+15853299508" target="_blank">+1 (585) 329-9508</a></span><span style="color:#1f497d"><br>
</span><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:navy">FAX: <a href="tel:%2B1%20%28585%29%20265-7441" value="+15852657441" target="_blank">+1 (585) 265-7441</a></span><span style="color:#1f497d"><br>
</span><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:navy">US Mail: Peter Zehler</span><span style="color:#1f497d"><br>
</span><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:navy">Palo Alto Research Center Incorporated</span><span style="color:#1f497d"><br>
</span><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:navy">800 Phillips Rd.</span><span style="color:#1f497d"><br>
</span><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:navy">M/S 128-25E</span><span style="color:#1f497d"><br>
</span><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:navy">Webster NY, 14580-9701</span><span style="color:#1f497d">
</span><span style="font-size:12.0pt;font-family:"Times New Roman","serif";color:#1f497d"><u></u><u></u></span></p><p class="MsoNormal"><u></u> <u></u></p>
</div></div>
</div>
</blockquote></div><br></div></div></div>
</div><br></div>
_______________________________________________<br>ipp mailing list<br><a href="mailto:ipp@pwg.org" target="_blank">ipp@pwg.org</a><br><a href="https://www.pwg.org/mailman/listinfo/ipp" target="_blank">https://www.pwg.org/mailman/listinfo/ipp</a><br>
</blockquote></div><br><div>
<span style="border-collapse:separate;border-spacing:0px"><span style="border-collapse:separate;color:rgb(0,0,0);font-family:'Andale Mono';font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><div style="word-wrap:break-word">
_________________________________________________________<br>Michael Sweet, Senior Printing System Engineer, PWG Chair</div></span></span>
</div>
<br></div></div></blockquote></div><br></div>