attachment

<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Thanks Mike! So to put this all together:<div class=""><br class=""></div><div class=""><ul class="MailOutline"><li class="">RFC 8011 section 5.1.11 defines octetString as being simply a collection of octets</li><li class="">"job-password" is defined in PWG 5100.11 as "job-password (octetString(255))" which means its value will be raw octets</li><li class="">If "job-password-encryption" is "none" then there is no hashing, so presumably the plain octets are passed along (which is a bad security choice and also makes it possible for encoding confusion in the absence of "job-password-repertoire")</li><li class="">If "job-password-encryption" is one of the other keywords identifying a particular hashing algorithm, then the raw octets of the out put of that hashing algorithm are to be used.</li></ul><div class=""><br class=""></div><div class="">Did I get that right?</div><div class=""><br class=""></div><div class="">
Smith<br class=""><br class=""><br class="">

</div>

<br class=""><div><blockquote type="cite" class=""><div class="">On Apr 21, 2017, at 4:12 PM, Michael Sweet <<a href="mailto:msweet@apple.com" class="">msweet@apple.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">Smith,<br class=""><br class="">The octetString syntax is a BLOB type, so the raw MD5 bytes are transferred, not the ASCII representation.<br class=""><br class=""><blockquote type="cite" class="">On Apr 21, 2017, at 1:28 PM, Kennedy, Smith (Wireless Architect) <<a href="mailto:smith.kennedy@hp.com" class="">smith.kennedy@hp.com</a>> wrote:<br class=""><br class="">Greetings,<br class=""><br class="">Given the following scenario:<br class=""><span class="Apple-tab-span" style="white-space:pre">   </span>• An IPP Printer has reported via Get-Printer-Attributes:<br class=""><span class="Apple-tab-span" style="white-space:pre">    </span><span class="Apple-tab-span" style="white-space:pre">    </span>• "job-password-supported" = 32<br class=""><span class="Apple-tab-span" style="white-space:pre">    </span><span class="Apple-tab-span" style="white-space:pre">    </span>• "job-password-encryption-supported" = 'none', 'md5'<br class=""><span class="Apple-tab-span" style="white-space:pre">      </span><span class="Apple-tab-span" style="white-space:pre">    </span>• (going to ignore "job-password-repertoire-configured" and "job-password-length-supported" for now...)<br class=""><span class="Apple-tab-span" style="white-space:pre">  </span>• An IPP Client acquires from the User a job password "beeblebrox"<br class=""><br class="">If the Client chooses 'none', then it should send in a Validate-Job operation<br class=""><br class="">"job-password-encryption" = 'none'<br class="">"job-password" = 'beeblebrox'<br class=""><br class="">However, if the Client chooses 'md5', how does it encode the md5 hash octets? Does it encode it as hex-ascii in 32 octets like so?<br class=""><br class="">"job-password-encryption" = 'none'<br class="">"job-password" = '3f73fde3af41b6a50c84a75f84892b85'<br class=""><br class="">Or since 'job-password' is defined in 5100.11 as "job-password (octetString(255))", is it reasonable for it to provide the raw binary value? I cannot find any statement in PWG 5100.11, RFC 8010, or wp-job-password-repertoire-20160101.pdf that makes this clear. Is the Printer expected to handle both scenarios?<br class=""><br class="">Thoughts?<br class=""><br class="">Smith<br class=""><br class="">/**<br class="">    Smith Kennedy<br class="">    Wireless Architect - Client Software - IPG-PPS<br class="">    Standards - IEEE ISTO PWG / Bluetooth SIG / Wi-Fi Alliance / NFC Forum / USB IF<br class="">    Chair, IEEE ISTO Printer Working Group<br class="">    HP Inc.<br class="">*/<br class=""><br class=""><br class=""><br class="">_______________________________________________<br class="">ipp mailing list<br class=""><a href="mailto:ipp@pwg.org" class="">ipp@pwg.org</a><br class="">https://www.pwg.org/mailman/listinfo/ipp<br class=""></blockquote><br class="">_________________________________________________________<br class="">Michael Sweet, Senior Printing System Engineer<br class=""><br class=""></div></div></blockquote></div><br class=""></div></body></html>

Comments are owned by the poster. All other material is Copyright © 2001-2024 The Printer Working Group. All rights reserved. IPP Everywhere, the IPP Everywhere logo, and the PWG logo are trademarks of the IEEE-ISTO.
About the PWG · Privacy Policy · PWG Webmaster