IPP Mail Archive: Re: IPP> IPP Meeting Discussion about IPP URL Sch

Re: IPP> IPP Meeting Discussion about IPP URL Sch

Carl Kugler (kugler@us.ibm.com)
18 Nov 1998 23:21:53 -0000

Just to follow up on this.

The draft-ietf-ipp-ipp-scheme-01.txt says:

> An IPP/1.0 client MUST use an http-URL for non-secure printers and an https-URL for secure printers.

I don't understand why. In fact, a counter- example is shown in section 4.4.2, "uri-security-supported", of draft-ietf-ipp-model-11.txt:

> For a single Printer object, an administrator configures the "printer-uri-supported" and "uri-security-supported" attributes as follows:
"printer-uri-supported": 'http://acme.com/open-use-printer', 'http://acme.com/restricted-use-printer', 'http://acme.com/private-printer'
"uri-security-supported": 'none', 'none', 'ssl3'
...
>For the third URI, 'http://acme.com/private-printer', the value 'ssl3' in "uri-security-supported" indicates that SSL3 is being used to secure the channel. The client SHOULD be prepared to use SSL3 framing to negotiate an acceptable ciphersuite to use while communicating with the Printer object. In this case, the name implies the use of a secure communications channel, but the fact is made explicit by the presence of the 'ssl3' value in "uri-security-supported". The client does not need to resort to understanding which security it must use by following naming conventions or by parsing the URI to determine which security mechanisms are implied.

There must be some rationale I've missed that explains why the approach in MOD is insufficient.

-Carl

> -----
> See the original message at http://www.egroups.com/list/ipp/?start=4875
>
>

-----
See the original message at http://www.egroups.com/list/ipp/?start=4876