attachment

<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Hi Willem,<div class=""><br class=""></div><div class="">Thanks for the feedback! Replies below. </div><div class=""><br class=""><div class="">
Smith<br class=""><br class="">/**<br class="">    Smith Kennedy<br class="">    HP Inc.<br class="">*/

</div>
<div><br class=""><blockquote type="cite" class=""><div class="">On Jan 5, 2020, at 4:36 PM, Willem Groenewald <<a href="mailto:willem.groenewald@papercut.com" class="">willem.groenewald@papercut.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><meta http-equiv="Content-Type" content="text/html; charset=utf-8" class=""><div dir="ltr" class=""><div dir="ltr" class="">Hi Smith<div class=""><br class=""></div><div class="">Apologies for the delay, just returned from leave.</div><div class=""><br class=""></div><div class="">Here are a few comments on the naming (probably more "thoughts" to spark some thinking):<br class=""><br class="">1) The use-cases and flows around "Password Protected Job" and "User Credential Protected Job" are very similar.  The names should be related.  e.g. both are "release" and path "protect" the job.  It's the means of protection that are changing.  Hence we'd recommend having very similar names.  If you're keen to add the word "release", we'd suggest making sure this also exists on the password protected job too.<br class=""></div></div></div></div></blockquote><div><br class=""></div><div>Mike Sweet earlier responded with a similar suggestion that I name them "Release Printing", so I'm going to go with that in the next revision, that I'm working on currently.</div><div><br class=""></div><blockquote type="cite" class=""><div class=""><div dir="ltr" class=""><div dir="ltr" class=""><div class=""><br class="">2) We've taken a look at the draft of the Enterprise Printing Extensions v2.0 w.r.t these mentioned features, and would love an opportunity to dive a little deeper around security. Some immediate thoughts from a quick look, that may or may not have been considerer, are:<br class=""><ul class=""><li class="">The use of hashing methods that are no longer considered "secure".  Would it make sense for a standard released in 2020 include these as options?</li><li class="">Requiring these features to be available over TLS connections</li><li class="">Have downgrade (or reply) attacks been considered?</li></ul></div></div></div></div></blockquote><div>These are all very good questions, but require some explanation. Let's see how I do here and if you have more questions, we can continue to discuss.</div><div><br class=""></div><div>This IPP Enterprise Printing Extensions v2.0 is a v2.0 because it is a refactoring and renaming of the PWG 5100.11-2010 (IPP Job and Printing Extensions - Set 2 (JPS2)) specification that dates to 2010. </div><div><br class=""></div><div>The "job-password" and "job-password-encryption" attributes originated in that spec. When I worked on adding the "job-password-repertoire" registration in 2015, that registration deprecated a number of the "job-password-encryption" methods and added newer ones. We deprecated MD2, MD4, MD5 and SHA1. In the PWG, "deprecated" means that Printers SHOULD NOT support them, and operators SHOULD NOT use them if they are supported by one of their printers. We have yet to obsolete them out of concern for backward compatibility, but it has now been 4 years. If you are suggesting that we obsolete these in IPP Enterprise Printing Extensions v2.0, I think we should consider it in the IPP WG. Are there others you think should be deprecated or added?</div><div><br class=""></div><div>I don't think we can require TLS when "job-password" is used without breaking backward compatibility. I personally think TLS ought to be required by all Printers deployed in the field. Some of this comes down to a delta between conformance requirements and deployment policy.</div><div><br class=""></div><div>When you ask about downgrade or replay attacks (you meant "replay", not "reply", right?), can you be more specific about your concerns?</div><div><br class=""></div><br class=""><blockquote type="cite" class=""><div class=""><div dir="ltr" class=""><div dir="ltr" class=""><div class="">Cheers,<br class=""><br class="">Chris & Bez in the PaperCut Dev Team (plus now Willem)<br class=""></div><div class=""><br class=""></div><div class=""><br class=""></div></div><br class=""><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 19 Dec 2019 at 04:12, Kennedy, Smith (Wireless & IPP Standards) via ipp <<a href="mailto:ipp@pwg.org" target="_blank" class="">ipp@pwg.org</a>> wrote:<br class=""></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi there,<br class="">
<br class="">
I'm in the process of producing a new draft of IPP Enterprise Printing Extensions v2.0 (EPX) and I'm trying to nail down the "feature names" and "job types" for the several features defined therein.<br class="">
<br class="">
What I have thus far is this:<br class="">
<br class="">
Job Password<br class="">
        • Feature: Password Job Protection<br class="">
        • Job Type: Password Protected Job<br class="">
        • Use Case: Protecting a Job with a Password<br class="">
<br class="">
Job Storage<br class="">
        • Feature: Job Storage<br class="">
        • Job Type: Stored Job<br class="">
        • Use Case: Storing a Job for Later Reprinting, Reprinting a Stored Job<br class="">
<br class="">
Proof Print<br class="">
        • Feature: Proof Print<br class="">
        • Job Type: Proof Job<br class="">
        • Use Case: Proof Printing<br class="">
<br class="">
Authenticated Release<br class="">
        • Feature: Authenticated Release? Credential Job Protection?<br class="">
        • Job Type: User Credential Protected Job?<br class="">
        • Use Case: Protecting a Job with User Authentication Credentials<br class="">
<br class="">
Any feedback on any of these labels? Thanks for any help!<br class="">
<br class="">
Smith<br class="">
<br class="">
/**<br class="">
    Smith Kennedy<br class="">
    HP Inc.<br class="">
*/<br class="">
<br class="">
_______________________________________________<br class="">
ipp mailing list<br class="">
<a href="mailto:ipp@pwg.org" target="_blank" class="">ipp@pwg.org</a><br class="">
<a href="https://www.pwg.org/mailman/listinfo/ipp" rel="noreferrer" target="_blank" class="">https://www.pwg.org/mailman/listinfo/ipp</a><br class="">
</blockquote></div><br clear="all" class=""><div class=""><br class=""></div>-- <br class=""><div dir="ltr" class=""><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div style="color:rgb(136,136,136);font-size:12.8px" class=""><div style="font-size:12.8px" class=""><font color="#6aa84f" face="tahoma, sans-serif" size="2" class=""><b class="">Willem Groenewald</b></font></div><div style="font-size:12.8px" class=""><font face="tahoma, sans-serif" size="1" class="">Product Owner</font></div></div><div style="color:rgb(136,136,136);font-size:12.8px" class=""><font size="1" class=""><a href="http://www.papercut.com/" style="color:rgb(17,85,204)" target="_blank" class=""><img alt="" src="http://cdn.papercut.com/files/email/papercut.png" class=""></a><br class=""></font></div><div style="color:rgb(136,136,136);font-size:12.8px" class=""><span style="font-size:x-small" class="">mob:  +61 439 584 646</span><br class=""></div><div style="color:rgb(136,136,136);font-size:12.8px" class=""><font size="1" class="">web:    <span style="color:rgb(61,133,198)" class=""><a href="http://www.papercut.com/" style="color:rgb(17,85,204)" target="_blank" class="">www.papercut.com</a></span><br class=""></font></div><div style="color:rgb(136,136,136);font-size:12.8px" class=""><br class=""></div><div dir="ltr" style="color:rgb(136,136,136);font-size:12.8px" class=""><a href="https://twitter.com/papercutdev" style="color:rgb(17,85,204)" target="_blank" class=""><img alt="" src="http://cdn.papercut.com/files/email/twitter-grey.png" class=""></a>  <a href="https://facebook.com/papercutsoftware" style="color:rgb(17,85,204)" target="_blank" class=""><img alt="" src="http://cdn.papercut.com/files/email/facebook-grey.png" class=""></a>  <a href="http://www.linkedin.com/company/papercut-software" style="color:rgb(17,85,204)" target="_blank" class=""><img alt="" src="http://cdn.papercut.com/files/email/linkedin-grey.png" class=""></a>  <a href="https://google.com/+PaperCutSoftware" style="color:rgb(17,85,204)" target="_blank" class=""><img src="http://cdn.papercut.com/files/email/google-plus-grey.png" class=""></a>  <a href="https://youtube.com/papercutsoftware" style="color:rgb(17,85,204)" target="_blank" class=""><img alt="" src="http://cdn.papercut.com/files/email/youtube-grey.png" class=""></a><br class=""><font color="#cccccc" size="1" class=""><br class="">Please consider the environment before printing this email... or install PaperCut and let it do the considering for you!</font></div></div></div></div></div>
</div>
</div></blockquote></div><br class=""></div></body></html>

Comments are owned by the poster. All other material is Copyright © 2001-2024 The Printer Working Group. All rights reserved. IPP Everywhere, the IPP Everywhere logo, and the PWG logo are trademarks of the IEEE-ISTO.
About the PWG · Privacy Policy · PWG Webmaster