PWG May 2022 Face-to-Face Meeting - SummaryJune 3, 2022

The PWG held its May 2022 Virtual Face-to-Face Meeting on May 17-19, 2022 via Webex teleconference. This event was held in collaboration with Linux Foundation OpenPrinting Workgroup. Sessions were presented by both organizations over the event's 3 days. Representatives from Artifex, Canon, Canonical, Google, High North, HP Inc., Konica Minolta, Kyocera Document Solutions, Lakeside Robotics, Lexmark, Okidata, PDF Association, Qualcomm, Red Hat, Ricoh, TCS, and TIC attended the meetings, among others. Attendees reviewed work in progress, including drafts of a number of in-progress specifications, and discussed liaisons with partner groups. Here is a summary of the proceedings.

PWG Plenary

The F2F event began with the PWG Plenary session. The PWG Chair began with the PWG Antitrust Policy, which was presented at the start of each session at this F2F, as well as the PWG Intellectual Property Policy and the PWG Patent Statement.   The PWG Chair then reviewed the overall state of the PWG, its programs and initiatives, and briefly discussed upcoming face-to-face meeting scheduling.  We noted that there are currently 854 printers certified under the PWG's IPP Everywhere™ Self Certification program, and climbing.  We discussed the PWG Steering Committee's activities and initiatives, including progress on Process 4.0, new policies, and recently approved documents. Officers from the IDS Workgroup and IPP Workgroup briefly summarized their Workgroup's status, and PWG Liaison Officers also briefly reported on the status of our partners' work in Mopria Alliance and a number of 3D Additive Manufacturing organizations (including AMSC, ASTM Commitee F42, INCITS, 3MF Consortium, American Concrete Institute Committee 564, PDF Association, and VDMA OPC UA for Additive Manufacturing Joint Working Group 40 450). 

Complete minutes from the plenary are available here:

Linux Foundation OpenPrinting Workgroup

The Linux Foundation OpenPrinting Workgroup held seven sessions on the first and second days, covering a variety of topics. On the first day in the OpenPrinting Plenary, Ira McDonald reviewed the Linux OpenPrinting project's accomplishments from 2021 and surveyed the efforts under way for 2022.

Following lunch, Aveek Basu (Linux Foundation OpenPrinting) presented a summary of the OpenPrinting Workgroup's upcoming activities for Google Summer of Code (GSoC) events in 2022. Following this, several of the 2021 GSoC students presented their work.  Pranshu Kharkwal presented his universal filter function to replace the chain of individual CUPS filters, and Divyasheel Kumar presented his GUI for listing and managing IPP print and scan services.  Finally, Aveek presented the upcoming OP Initiatives and the GSoC 2022 Mentors and Admins.

Next, Michael Vrhel (Artifex) presented on the state of Ghostscript and MuPDF, covering all of the changes made since our last meeting.  For Ghostscript, this included a new PDF interpreter, a stand-along PDF only binary, passthrough for JPX/JPG2000, Object specific halftoning, and some demo app improvements.   MuPDF changes included Microsoft Word DOCX output format, OpenOffice ODT output format, changes to a number of features including undo/redo/autosave/restore, OCR enhancements, a Python binding (PyMuPDF) and others.  Michael closed out the session discussing some code security/analysis methods and detailed the current and future work, including forcing vector and text content to black or white, improved page control for PDF files, and preservation of PDF accessibility content for pdfwrite.

Following the afternoon break, Benjamin Gordon and Piotr Pawliczek (Google) concluded the day by presenting on the state of Chrome OS printing, reviewing the open source components used in the Chromium OS / Chrome OS printing system, including CUPS, cups-filters, Avahi, Ghostscript, sane-airscan, and ippusb_bridge. Recent additions include the general scalability of existing features (more PPDs, more manufacturer-specific PPD keywords, more automated testing, mock printer improvements) and better sharing of USB devices between print and scan.  The final upcoming improvement, OAuth2 support for IPP, was discussed in-depth for the rest of the day and we decided that the conversation should be extended into upcoming IPP workgroup meetings due to the complexity of the feature.

On the second day, Mike Sweet (Lakeside Robotics) presented the CUPS Plenary, starting with a brief overview of CUPS and then covering the recent and upcoming release schedule for CUPS 2.4.x and CUPS 2.5.   Some features expected in CUPS 2.5 include wide-area DNS-SD lookups and configuration profiles, localization improvements, OAuth 2.0/OpenID authentication, job-sheets-col and better media-col attribute support, and X.509 certificate management improvements.  Mike next went into more depth while discussing some of the nuances of OAuth 2.0/OpenID support.  Finally, Mike presented the future plans for CUPS 3.0, which will make use of a modular printing architecture including a local server, sharing server, CUPS commands, tools, and libraries.   Mike outlined the challenges with CUPS 3.0, including the broader scope, desktop support work, and the need for more developers. 

In the next session, Mike took us through the status of Printer Applications.  This included an overview of PAPPL, a simple CUPS-based C framework for developing Printer Applications, including feature/function, platforms supported, key contributors, and recent and upcoming releases.   Next was the HP Printer Application (hp-printer-app), a simple tool that originally started as sample code for printing to a variety of network or USB-connected PCL 3/5 printers.   Finally, Mike discussed LPrint, an application to support label and receipt printing.

In the final session before the lunch break, Till Kamppeter presented PPD/Classic CUPS driver retro-fit Printer Applications Library, a PAPPL-based libary to retro-fit classic CUPS drivers (ie, PPDs, filters, and backends) into Printer Applications, pappl-retrofit.   The library provides the capabilities to manage collections of PPD files, converts between PPD options and IPP attributes, wrap CUPS filters and backends, and convert standard IPP formats such as PWG Raster and PDF into printer formats.  Till noted that this work was nearly complete, and only lacking features that were just recently available in PAPPL.  Once these features are done, pappl-retrofit 1.x will be released. 

After lunch, Till presented an overview of the status of cups-filters, CUPS SNAP, IPP USB, and other projects. The cups-filters project is evolving with CUPS in many ways, including encapsulating filter binary functions within discrete library functions, reducing the overhead of spawning independent processes. The libcupsfilters, libppd, and cups-browsed features were discussed, as well as the major changes going from version 1.x to 2.x.  A major effort is underway to release CUPS as a Snap. Driverless scanning is also a major area of engagement by the OpenPrinting Workgroup currently, and the complexities of that effort were covered in detail. Implementation issues with IPP USB were also discussed. Till concluded with a discussion about GUI requirements.

Complete minutes available here:

Internet Printing Protocol (IPP) Workgroup

IPP Workgroup sessions began in the afternoon on the second day of the F2F event with a status summary of IPP Workgroup activities currently in progress.  As noted, IPP/2.x Fourth Edition and IPP Everywhere 2.0 were both in Interim status, IPP Driverless Printing Extensions v2.0, IPP Encrypted Jobs and Documents v1.0, IPP Production Printing Extenstions v2.0, and IPP Enterprise Printing Extentions v2.0 were all in Prototype, while IPP Everywhere Printer Self-Certification Manual v2.0 was at the Initial stage and IPP Finishings v3.0 was in Formal Vote through 5/27/22.   We then went on to briefly discuss pending IANA registrations followed by an update on IPP Everywhere Printer Self-Certification, noting that update 4 of the self cert tool was currently in beta test.   Next, we briefly reviewed the list of pending and in-progress errata and the Prototype-Ready and Stable specifications.  

After the status review was completed, we discussed "ACME-Based Provisioning of IoT Devices", which is intended to extend the current ACME (Automatic Certificate Management Environment) RFC [RFC8555] to provision X.509 certificates for local Internet of Things devices that are accepted by existing web browsers and software running on end user client devices with the purpose of eliminating browser warnings when accessing embedded web servers.    This would be accomplished by adding a local trusted ACME service to the network.   Michael Sweet gave an overview of how ACME works on the internet and why it can fail to function with IoT devices on a local area network, followed by a visual demonstration of how a local ACME service could solve the issue in various configurations.   We briefly discussed the potential issue of mobile devices discovering different printers with the same hostname, and determined that this is a known issue that needs to be documented, with the understanding that collisions are unlikely given the default hostname mechanism that most printers use.

After a brief break, we concluded the afternoon with 3D printing topics.  The session began with a brief overview of existing 3D standards (PWG 5100.21-2019: IPP 3d Printing Extensions v1.1 and PWG 5199.5-2017: PWG 3d Print Job Ticket and Associated Capabilities v1.0), and the proposed future work items (IPP 3D Scan Service v1.0, IPP 3D Production Printing Extensions v1.0, and Updated PWG 3D Print Job Ticket and Associated Capabilites v2.0).   We then discussed recent 3D printing news and the upcoming 3D meetings for the rest of 2022.   Following the introduction to 3D printing, Peter Wyatt from PDF Association joined us to present a session on understanding 3D PDF.   Peter led us through the basics of 3D file formats for PDF and available software packages before diving into a little more detail regarding PDF2.0 and RichMedia support.  

Day 3 opened with the final IPP WG session of the F2F event.  We began the session discussing IPP/2.x Fourth Edition, and noted the Errata update of PWG 5100.12-2015 and the proposed schedule.   We then moved on to discuss IPP Everywhere 1.1 and the recent update to section 12 (Logo Usage Guidelines).  There had been some concern that the existing usage guidelines might prevent companies from using the logo in marketing materials before any certification had completed, which could complicate timing between publications containing the logo and the product announcement.   This new update to the logo policy will allow members to use the logo in preparation of product and marketing materials, subject to passing the IPP Everywhere self-certification tests and eventual submission of those results within 90 days of public release (see for the full guidelines).  

Next, we moved into the discussion of IPP Everywhere v2.0 and IPP Everywhere Printer Self-Certification Manual v2.0.   We noted that this is a major update from IPP Everywhere 1.1, with most of the RECOMMENDED items becoming REQUIRED, some new CONDITIONALLY REQUIRED items, TLS support becoming REQUIRED, and support for IPP-USB.  The current proposed schedule is to have a draft available in Q3/Q4 2022.  It was the consensus of the group to make IPP-USB support RECOMMENDED for now, even though other mobile standards require it.   We discussed the potential for a GUI front-end to the self-certification tools, and Mike took the action item to put together a proposed UI.  Finally, we concluded the IPP WG sessions with our next steps, reviewing the target dates for our existing work items.

Complete minutes available here: 

Imaging Device Security (IDS) Workgroup

The Imaging Device Security session was held in the afternoon session of the third day.  Al started by presenting the current status of the HCD iTC and its efforts to develop HCD cPP v1.0 and HCD SD v1.0.   Al presented a new way of showing comments for this F2F.  He showed all the comments received to date across all of the drafts to date.   Specifically for the 2nd Public Draft of the HCD cPP, there have been 83 comments submitted, all of which have been adjudicated as follows:   56 'Accepted', 0 'Accepted in Principle', 10 'Deferred', and 17 not accepted or rejected.  Al also reviewed the total comments against the HCD cPP so far, and Ira noted that there was a positive trend of the total comments going down for each successive draft.   It was noted that the 2nd Public Draft of the HCD SD was released for public review on 2/24/2022, and Al presented a summary of the 28 total comments that were submitted against that draft:  25 were 'Accepted', 1 'Accepted in Principle', 0 Deferred, a 3 not accepted or rejected.

Al presented the overall HCD SD total comment numbers before reviewing the key issues that were resolved in the 2nd Public Draft of the HCD SD.  Highlights of these key issues included adding and changing some Test Assurance Activities, a number of content and URL corrections, as well as some significant updates to Test Assurance Activities requested by ITSCC (the Korean Common Criteria Scheme) for a number of cryptographic SFRs.   Al noted that this last set of changes was very significant and could have a big impact on vendors who certifiy HCDs against the HCD cPP/SD once they are published.   The primary concern here is that vendors will be responsible for performing all the necessary testing for these cryptographic SFRs, but most vendors do not have the capability to do this type of testing.  Thus, they may have to contract the testing out, which can be expensive, and there is no guarantee that NIAP will accept these additional tests.

Next, Al provided an update on the Cryptographic Erase issue currently facing the HCD iTC.  The proposal to add the Data Wiping SFR FPT_WIPE_EXT that was discussed at the February 9th Face to Face had been modified multiple times by the Secure Erase Subgroup and the full HCD iTC since February 9th . At the beginning of May, the HCD iTC finally received comments against the proposal from NIAP (the US Common Criteria Scheme), ITSSC and JISEC (the Japanese Common Criteria Scheme).  After evaluation and discussion of the comments, the Secure Erase Subgroup and the full HCD iTC agreed to make changes to address the comments from the three schemes (details available in the full meeting minutes).   Al discussed some of the other issues that the HCD cPP is facing, including some new NIAP TDs written by the Network Device Interpretation Team against SFRs and Assurance Activities that the HCD iTC inserted into the HCD cPP and HCD SD, "Deferred" comments that need disposition, whether to include removal of support for Cipher suites with RSA Key Generation with keys < 2048 bits as required by NIST SP 800-56B and NIST SP 800-131A as well as for SHA-1 and all RSA and DHE Key Exchange, and noted that the HCD iTC needs to make a final decision on whether or not to include NTP in Version 1.0 or put in in the “Parking Lot” for the next release.

Al reviewed the current schedule that was just revised on May 16th, but shared concerns that the schedule may not allow time enough for comments since the final draft is when most people finally read the documents for the first time and may result in technical comments requiring updates to the drafts.  Al reviewed the items to be considered for inclusion in the HCD cPP/SD Post-v1.0, including coordination with the EUCC, inclusion of AVA_VAN and ALC_FLR, incorporation of CCDB and CCUF Crypto WG Packages, and others.   We then reviewd the next steps and lessons learned that were presented at the previous IDS Face-to-Face meetings.  

Next, Mike Sweet gave a presentation on IPP Encrypted Jobs and Documents as a part of a series of presentations to familiarize the IDS WG with the security aspects of IPP.   Mike gave an overview of the document purpose, which is to define new encrypted IPP message formats that provide IPP with end-to-end encryption of IPP Job Attributes, Document Attributes, and Document Data, before diving in to the details of how it works and the security benefits that it provides.  

Ira McDonald then provided the latest status on the HCD Security Guidelines, stating that essentially nothing has changed since the February IDS Face to Face.  For the final topic of the IDS session, Ira presented his Liaison report on current standards developments for the Trusted Computing Group (TCG) and Internet Engineering Task Force (IETF). The key points from Ira’s Liaison Report included the schedule for upcoming TCG Members Meetings, updates on a number of TCG documents (including TCG MARS 1.0 Mobile Profile, TCG DICE Endorsement Architecture for Devices, TCG EK Credential Profile for TPM 2.0, and TCG Canonical Event Log Format), updates on a long list of key IETF standards activities, and finally, updates from the IRTF Crypto Forum Research Group (CFRG).

Complete minutes are available here:

Next PWG Face-to-Face Meeting

The next PWG Face-to-Face meeting will be held August 16-18, 2022 via Webex teleconference. Be sure to subscribe to the mailing list to receive announcements about upcoming events and event changes or check the PWG Meetings page for updates on plans for upcoming meetings.