RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 2910, "Internet Printing Protocol/1.1: Encoding and Transport", September 2000

Note: This RFC has been obsoleted by RFC 8010

Source of RFC: ipp (app)

Errata ID: 4100
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT

Reported By: Michael Sweet
Date Reported: 2014-09-05
Held for Document Update by: Barry Leiba
Date Held: 2014-09-17

Section 8.1.2 says:

   IPP Printers SHOULD support Transport Layer Security (TLS) [RFC2246]
   for Server Authentication and Operation Privacy. IPP Printers MAY
   also support TLS for Client Authentication.  If an IPP Printer
   supports TLS, it MUST support the TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
   cipher suite as mandated by RFC 2246 [RFC2246].  All other cipher
   suites are OPTIONAL.  An IPP Printer MAY support Basic Authentication
   (described in HTTP/1.1 [RFC2617])  for Client Authentication if the
   channel is secure. TLS with the above mandated cipher suite can
   provide such a secure channel.

   If a IPP client supports TLS, it MUST support the
   TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA cipher suite as mandated by RFC
   2246 [RFC2246].  All other cipher suites are OPTIONAL.

It should say:

   IPP Printers SHOULD support Transport Layer Security (TLS) [RFC2246]
   for Server Authentication and Operation Privacy. IPP Printers MAY
   also support TLS for Client Authentication.  An IPP Printer MAY
   support Basic Authentication (described in HTTP/1.1 [RFC2617]) for
   Client Authentication if the channel is secure.

Notes:

Per the PWG IPP WG discussions at the August 2014 F2F, any mention of cipher suites in RFC 2910 is inappropriate. In particular, the cipher suite mentioned is no longer mandatory in TLS/1.2.

----- Verifier notes -----
While the cipher suites listed were correct when RFC 2910 was written, the list of required/recommended cipher suites has changed since then, to the point that some what were required at the time are specifically *not* recommended now. For that reason, RFC 2910 is in need of an update. This errata report will serve to note that, until such time as the update is done and a new RFC is published.

Report New Errata