IETF Logo Mail Archive

Re: IPP> possible compromise?

Keith Moore <moore@cs.utk.edu> Wed, 15 July 1998 16:16 UTC

Delivery-Date: Wed, 15 Jul 1998 12:16:05 -0400
Return-Path: ipp-owner@pwg.org
Received: from cnri.reston.va.us (ns [132.151.1.1]) by ietf.org (8.8.5/8.8.7a) with ESMTP id MAA19134 for <ietf-archive@ietf.org>; Wed, 15 Jul 1998 12:16:04 -0400 (EDT)
Received: from lists.underscore.com (uscore-1.mv.com [199.125.85.30]) by cnri.reston.va.us (8.8.5/8.8.7a) with ESMTP id MAA15539 for <ietf-archive@cnri.reston.va.us>; Wed, 15 Jul 1998 12:15:53 -0400 (EDT)
Received: from localhost (daemon@localhost) by lists.underscore.com (8.7.5/8.7.3) with SMTP id MAA26302 for <ietf-archive@cnri.reston.va.us>; Wed, 15 Jul 1998 12:15:54 -0400 (EDT)
Received: by pwg.org (bulk_mailer v1.5); Wed, 15 Jul 1998 12:10:38 -0400
Received: (from daemon@localhost) by lists.underscore.com (8.7.5/8.7.3) id MAA25365 for ipp-outgoing; Wed, 15 Jul 1998 12:07:28 -0400 (EDT)
Message-Id: <199807151607.MAA16598@spot.cs.utk.edu>
X-URI: http://www.cs.utk.edu/~moore/
From: Keith Moore <moore@cs.utk.edu>
To: Harry Lewis <harryl@us.ibm.com>
cc: ipp@pwg.org, moore@cs.utk.edu, moore@cs.utk.edu
Subject: Re: IPP> possible compromise?
In-reply-to: Your message of "Wed, 15 Jul 1998 11:28:58 EDT." <5030050015552513000002L532*@MHS>
Date: Wed, 15 Jul 1998 12:07:05 -0400
Sender: owner-ipp@pwg.org

> Keith, I am trying very hard to follow this discussion to some form =
> of bedrock.  I'm not so adamant about the URL scheme... as long as 
> I can base my initial implementation on existing, off-the-shelf HTTP 
> servers, which I think we have safely agreed upon.
> 
> What I do need, however, is a timely end to the development process 
> for this standards specification. I suspect you would agree - none of 
> us have inexhaustible resources.
> 
> To this end, security appears to be a real "monkey wrench". Your 
> statement represents a basic "open loop" in my estimation.
> 
> It is insufficient, at this point, to be in the position of taking a 
> proposal to the IESG which we know will fail to ratify and which is 
> completely "Catch22" in context. We can't have security because it's 
> not there yet... yet we can't use the security which is there. 
> Unless there is some certainty of a very near term resolution of 
> the security issue which will satisfy the IESG, I claim we MUST 
> focus (and adjust, if appropriate) the IPP effort on utilization 
> of a viable interim security method.

Harry,

I share your concern about the need for a timely end to the development
process.  

While I do have doubts about the viability of IPP security for some
of the scenarios that IPP has envisioned, I also recognize that my
expertise is limited in this area.  I would rather leave it to 
the security ADs to evaluate the adequacy of IPP security.  If it's 
okay with them, it will be okay with me.

Even if the security ADs share my concerns, I will push to get the
Proposed Standard versions of the IPP specifications published quickly 
and with as few changes as possible -- perhaps with some sort of
disclaimer about the limitations of the current security setup.  The 
vast majority of printing applications do not need a fully general 
security solution, and IPP should not be kept waiting until such a 
solution exists.  It may be that IPP needs additional work to 
define URL parameters and/or profiles for how TLS should be used 
in some of the scenarios, but even if this is necessary I believe 
that most of the work can be done in separate documents that aren't 
in the critical path for the main IPP set.

I am pushing for the IESG review to be complete by the end of July,
though there is some chance that the review will take two weeks
longer than that.  But I am hopeful that IESG can get the feedback to
IPP by end July, and complete IESG approval of any revisions before 
the Chicago IETF.

Keith

v2.8.7 | Report a Bug | By Email