IPP Mail Archive: RE: IPP> Firewalls etc.

IPP Mail Archive: RE: IPP> Firewalls etc.

RE: IPP> Firewalls etc.

Paul Moore (paulmo@microsoft.com)
Thu, 11 Jun 1998 13:20:57 -0700

I think that you'll find that many corporate IT managers would
strenuously disagree. Your sending a print job from your desk
could:

- print company confidential documents in an unsecure place
- incur print charges on behalf of the company (if you are sending
it to
a commercial print shop)

The security agrument is not valid (I can copy a file to diskette
and take it home, I can remeber it and retryp it when I get home, I can
print it locally and put the paper in my pocket, I can email it, I can do a
web based file upload to a web site, I can display it on the screen and take
photos of it, I can phone my answering machine at home and dictate it). If I
am trusted to have access to the document then I am assumed to be trustable.
The only place where this is not the case is in ultra secure enviroments
(DOD Orange book Class b or greater). This will have no external
connectivity at all.

Actually I dont see how they can incur print charges for their
company. I use all sorts of online services from my desk - I cant see how I
could incur charges to my company (I pay for them myself with my credit
card).

Still if a company has that degree of paranoia they wont allow any
web access at all.
In this case they will disallow outbound POST as you point out
later.
>