IPP> SEC: IPP 1.1 security (phone conference)

Wenn, John C (jwenn@cp10.es.xerox.com)
Tue, 2 Feb 1999 20:30:57 -0800

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Ira McDonald: "Re: IPP> SEC: IPP 1.1 security (phone conference)"
• Previous message: Ira McDonald: "IPP> RFC 2196 and RFC 2504 - Security FYI's"
• Next in thread: Ira McDonald: "Re: IPP> SEC: IPP 1.1 security (phone conference)"

For IPP 1.1 security (use of TLS), for the over the wire protocol, IPP is
happy with whatever standard methods exist (the leading contendor is HTTP
Upgrade: TLS/1.0 header). This avoids the extra security port problem by
negotiating a secure connection inside the normal connection.

Undecided is how a URL specifies that it should use a secure connection.
I'm in favor of using a "ipps://" scheme. The meaning is simple: when a
client sees a ipps: URI, it connects using the standard port with a
"Upgrade: TLS/1.0" header. This is analogous to the "https" scheme, which
connects using a special security port using the SSL handshake immediately.

This solution adds a new scheme, but no new ports.

/John

• Next message: Ira McDonald: "Re: IPP> SEC: IPP 1.1 security (phone conference)"
• Previous message: Ira McDonald: "IPP> RFC 2196 and RFC 2504 - Security FYI's"
• Next in thread: Ira McDonald: "Re: IPP> SEC: IPP 1.1 security (phone conference)"

Comments are owned by the poster. All other material is Copyright © 2001-2024 The Printer Working Group. All rights reserved. IPP Everywhere, the IPP Everywhere logo, and the PWG logo are trademarks of the IEEE-ISTO.
About the PWG · Privacy Policy · PWG Webmaster