IETF Logo Mail Archive

RE: IPP> Re: IPP Scheme

Rich Gray <RichG@digital-controls.com> Mon, 13 July 1998 15:15 UTC

Delivery-Date: Mon, 13 Jul 1998 11:15:08 -0400
Return-Path: ipp-owner@pwg.org
Received: from cnri.reston.va.us (ns [132.151.1.1]) by ietf.org (8.8.5/8.8.7a) with ESMTP id LAA00374 for <ietf-archive@ietf.org>; Mon, 13 Jul 1998 11:15:03 -0400 (EDT)
Received: from lists.underscore.com (uscore-1.mv.com [199.125.85.30]) by cnri.reston.va.us (8.8.5/8.8.7a) with ESMTP id LAA03643 for <ietf-archive@cnri.reston.va.us>; Mon, 13 Jul 1998 11:14:59 -0400 (EDT)
Received: from localhost (daemon@localhost) by lists.underscore.com (8.7.5/8.7.3) with SMTP id LAA24224 for <ietf-archive@cnri.reston.va.us>; Mon, 13 Jul 1998 11:14:59 -0400 (EDT)
Received: by pwg.org (bulk_mailer v1.5); Mon, 13 Jul 1998 11:09:55 -0400
Received: (from daemon@localhost) by lists.underscore.com (8.7.5/8.7.3) id LAA23628 for ipp-outgoing; Mon, 13 Jul 1998 11:06:27 -0400 (EDT)
Message-ID: <C544ABD0476AD11198490000C02B9F1506FB75@DCCEXCH>
From: Rich Gray <RichG@digital-controls.com>
To: "'Keith Moore'" <moore@cs.utk.edu>
Cc: ipp@pwg.org
Subject: RE: IPP> Re: IPP Scheme
Date: Mon, 13 Jul 1998 11:05:33 -0400
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.1960.3)
Content-Type: text/plain
Sender: owner-ipp@pwg.org

> -----Original Message-----
> From: Keith Moore [mailto:moore@cs.utk.edu]
> Sent: Sunday, July 12, 1998 7:39 PM
> To: Randy Turner
> Cc: moore@cs.utk.edu; ipp@pwg.org; moore@cs.utk.edu
> Subject: IPP> Re: IPP Scheme 

[snips]

Keith writes:
> 
> With due respect, the IESG disagrees.  The layering of a new protocol
> over HTTP, and the proposed reuse of http: URLs, has 
> generated concerns
> about breaking widely-held assumptions - specifically, 
> firewall policies
> and assumptions about what http: means and how it is used.

What can one assume about http?  That it is the "browsing" application??
Using conventional http/html one can indeed browse a vast "library" of
information.  Many of us are now quite dependant upon this access.  But
one can also upload/download files, control routers and other gear
(including printers!), cop a peek at a porn site, get news & other
information, send and receive e-mail and all sorts of services that
imaginative people have managed to implement on these protocols.   So it
seems to me that the only meaning http: has it that it is Hypertext
Transport.  One cannot tell what is being transported.  It is not
possible to infer "application" based upon http:.  One would have to dig
into the content of the messages (or filter on hosts) to do much
effective blocking if one wanted to restrict http to a small set of
legitimate applications.   So it does not seem like this is much help
for the firewall administrator.  The barndoor is already pretty wide
open. 

MIME type would seem to provide a most adequate filtering hook for IPP
and other protocols which also wish to ride on http.  

> 
> Keith
> 

Another $.02,

Rich

Richard B. Gray, Sr. Software Egr.| Tel: 513/746-8118 ext. 2405
Digital Controls Corporation      | Fax: 513/743-8575
305 South Pioneer Blvd.           | Net: rich.gray@digital-controls.com
Springboro OH 45066-1100, USA     | Http://lpplus.digital-controls.com

v2.8.7 | Report a Bug | By Email