IPP> Re: New protocol document & Security issues

IPP> Re: New protocol document & Security issues

Carl-Uno Manros cmanros at cp10.es.xerox.com
Wed May 28 15:44:03 EDT 1997


Randy,


a couple of comments to your latest comments below.


At 11:40 AM 5/28/97 PDT, you wrote:
>We talked about basic authentication in Memphis and we decided that
>low-end IPP
>servers could use this because it is simple.  We really only need two
>levels of security,
>simple and advanced, for interoperability's sake. The simple case would
>be basic auth.,
>which alot of vendors are already supporting (username and password) in
>their products.
>The advanced case would be something like SSL or TLS/SSL, something that
>meets
>all of the security requirements discussed in past meetings. In my
>opinion, just two
>security models is all we need.


When you say that we discussed this in Memphis, I think that you might
have a different view of what was meant with "simple security".


You can certainly use the basic stuff that is in your document,
but if used, that will fall into the category "no security" as seen by the 
SEC subgroup. What we mean by "simple security" is the stuff in RFC 2069,
and "avanced security" would be things like TSL (equal to SSL3).  If you
are unhappy with this, I suggest you join in the SEC subfroup discussions. 
The SEC subgroup will soon have a new draft for review. 


Carl-Uno




Carl-Uno Manros
Principal Engineer - Advanced Printing Standards - Xerox Corporation
701 S. Aviation Blvd., El Segundo, CA, M/S: ESAE-231
Phone +1-310-333 8273, Fax +1-310-333 5514
Email: manros at cp10.es.xerox.com



More information about the Ipp mailing list