The IESG has approved the following document: - 'Internet Printing Protocol(IPP): Job and Printer Administrative Operations ' <draft-ietf-ipp-ops-set2-04.txt> as a Proposed Standard This document is the product of the Internet Printing Protocol Working Group. The IESG contact persons are Scott Hollenbeck and Ted Hardie. Technical Summary This document defines additional optional end user, operator, and administrator operations used to control Internet Printing Protocol Jobs and Printers. In addition, this document extends the semantic model of the Printer object by allowing them to be configured into trees and/or inverted trees that represent Printer object Fan-Out and Printer object Fan-In, respectively. The special case of a tree with only a single Subordinate node represents Chained Printers. Working Group Summary This document is a product of the IPP Working Group. The IESG first reviewed this document in 2002. Though it has taken two years to address the review comments, the working group did eventually decide to update the document instead of letting it lapse. Protocol Quality Ned Freed and Scott Hollenbeck reviewed the specification for the IESG. RFC Editor Note Please change the second paragraph in section 16 (Security Considerations) from this: "Printer operations defined in this specification (see section 3) and Pause-Printer, Resume-Printer, and Purge-Job (defined in [RFC2911]) are intended for use by an operator and/or administrator. Job operations defined in this specification (see section 4) and Cancel- Job, Hold-Job, Release-Job defined in [RFC2911]) are intended for use by the job owner or may be an operator or administrator of the Printer object. These operator and administrative operations affect the service of all users. In appropriate use of an administrative operation by an un-authenticated end user could affect the quality of service for all users. Therefore, for both inter-net and intra-net, conformance to this specification REQUIRES that initial configuration of IPP Printer implementations MUST require successful certificate- based TLS [RFC2246] client authentication and successful operator and administrator authorization (see [RFC2911] sections 5.2.7 and 8 and [RFC2910]) for any administrative operations defined in this document. [RFC2910] REQUIRES the IPP Printer to support the minimum cypher suite required for TLS/1.0. The means for authorizing an operator or administrator of the Printer object are outside the scope of this specification, [RFC2911], and [RFC2910]." to this: "Printer operations defined in this specification (see section 3) and Pause-Printer, Resume-Printer, and Purge-Job (defined in [RFC2911]) are intended for use by an operator and/or administrator. Job operations defined in this specification (see section 4) and Cancel-Job, Hold-Job, and Release-Job (defined in [RFC2911]) are intended for use by the job owner, operator, or administrator of the Printer object. These operator and administrative operations affect service for all users. Inappropriate use of an administrative operation by an unauthenticated end user can affect the quality of service for all users. Therefore, IPP Printer implementations MUST support both successful certificate-based TLS [RFC2246] client authentication and successful operator/administrator authorization (see [RFC2911] sections 5.2.7 and 8 and [RFC2910]) to perform the administrative operations defined in this document. [RFC2910] requires the IPP Printer to support the minimum cipher suite specified for TLS/1.0. The means for authorizing an operator or administrator of the Printer object are outside the scope of this specification, RFC 2910, and RFC 2911." A normative reference to RFC 2119 must be added. The "change history" comment at the end of the list of informative references should be removed. _______________________________________________ IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce
