Tech-invite3GPPspaceIETFspace
959493929190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 8010

Internet Printing Protocol/1.1: Encoding and Transport

Pages: 51
Internet Standard: 92
Obsoletes:  29103382
Part 2 of 3 – Pages 18 to 35
First   Prev   Next

Top   ToC   RFC8010 - Page 18   prevText

3.4. Required Parameters

Some operation elements are called parameters in the Model. They MUST be encoded in a special position and they MUST NOT appear as operation attributes. These parameters are described in the subsections below.

3.4.1. "version-number"

The "version-number" field consists of a major and minor version- number, each of which is represented by a SIGNED-BYTE. The major version-number is the first byte of the encoding and the minor version-number is the second byte of the encoding. The protocol described in [RFC8011] has a major version-number of 1 (0x01) and a minor version-number of 1 (0x01). The ABNF for these two bytes is %x01.01. Note: See Section 9 for more information on the "version-number" field and IPP version numbers.

3.4.2. "operation-id"

The "operation-id" field contains an operation-id value as defined in the Model. The value is encoded as a SIGNED-SHORT and is located in the third and fourth bytes of the encoding of an operation request.
Top   ToC   RFC8010 - Page 19

3.4.3. "status-code"

The "status-code" field contains a status-code value as defined in the Model. The value is encoded as a SIGNED-SHORT and is located in the third and fourth bytes of the encoding of an operation response. If an IPP status-code is returned, then the HTTP status-code MUST be 200 (OK). With any other HTTP status-code value, the HTTP response MUST NOT contain an IPP message body, and thus no IPP status-code is returned.

3.4.4. "request-id"

The "request-id" field contains the request-id value as defined in the Model. The value is encoded as a SIGNED-INTEGER and is located in the fifth through eighth bytes of the encoding.

3.5. Tags

There are two kinds of tags: o delimiter tags: delimit major sections of the protocol, namely attribute groups and data o value tags: specify the type of each attribute value Tags are part of the IANA IPP registry [IANA-IPP]

3.5.1. "delimiter-tag" Values

Table 2 specifies the values for the delimiter tags defined in this document. These tags are registered, along with tags defined in other documents, in the "Attribute Group Tags" registry. +-----------------+------------------------------+ | Tag Value (Hex) | Meaning | +-----------------+------------------------------+ | 0x00 | Reserved | | 0x01 | "operation-attributes-tag" | | 0x02 | "job-attributes-tag" | | 0x03 | "end-of-attributes-tag" | | 0x04 | "printer-attributes-tag" | | 0x05 | "unsupported-attributes-tag" | +-----------------+------------------------------+ Table 2: "delimiter-tag" Values
Top   ToC   RFC8010 - Page 20
   When a "begin-attribute-group-tag" field occurs in the protocol, it
   means that zero or more following attributes up to the next group tag
   are attributes belonging to the attribute group specified by the
   value of the "begin-attribute-group-tag".  For example, if the value
   of "begin-attribute-group-tag" is 0x01, the following attributes are
   members of the Operations Attributes group.

   The "end-of-attributes-tag" (value 0x03) MUST occur exactly once in
   an operation and MUST be the last "delimiter-tag".  If the operation
   has a document-data group, the Document data in that group follows
   the "end-of-attributes-tag".

   The order and presence of "attribute-group" fields (whose beginning
   is marked by the "begin-attribute-group-tag" subfield) for each
   operation request and each operation response MUST be that defined in
   the Model.

   A Printer MUST treat a "delimiter-tag" (values from 0x00 through
   0x0f) differently from a "value-tag" (values from 0x10 through 0xff)
   so that the Printer knows there is an entire attribute group as
   opposed to a single value.

3.5.2. "value-tag" Values

The remaining tables show values for the "value-tag" field, which is the first octet of an attribute. The "value-tag" field specifies the type of the value of the attribute. Table 3 specifies the "out-of-band" values for the "value-tag" field defined in this document. These tags are registered, along with tags defined in other documents, in the "Out-of-Band Attribute Value Tags" registry. +-----------------+-------------+ | Tag Value (Hex) | Meaning | +-----------------+-------------+ | 0x10 | unsupported | | 0x12 | unknown | | 0x13 | no-value | +-----------------+-------------+ Table 3: Out-of-Band Values
Top   ToC   RFC8010 - Page 21
   Table 4 specifies the integer values defined in this document for the
   "value-tag" field; they are registered in the "Attribute Syntaxes"
   registry.

   +----------------+--------------------------------------------------+
   | Tag Value      | Meaning                                          |
   | (Hex)          |                                                  |
   +----------------+--------------------------------------------------+
   | 0x20           | Unassigned integer data type (see IANA IPP       |
   |                | registry)                                        |
   | 0x21           | integer                                          |
   | 0x22           | boolean                                          |
   | 0x23           | enum                                             |
   | 0x24-0x2f      | Unassigned integer data types (see IANA IPP      |
   |                | registry)                                        |
   +----------------+--------------------------------------------------+

                           Table 4: Integer Tags

   Table 5 specifies the octetString values defined in this document for
   the "value-tag" field; they are registered in the "Attribute
   Syntaxes" registry.

   +---------------+---------------------------------------------------+
   | Tag Value     | Meaning                                           |
   | (Hex)         |                                                   |
   +---------------+---------------------------------------------------+
   | 0x30          | octetString with an unspecified format            |
   | 0x31          | dateTime                                          |
   | 0x32          | resolution                                        |
   | 0x33          | rangeOfInteger                                    |
   | 0x34          | begCollection                                     |
   | 0x35          | textWithLanguage                                  |
   | 0x36          | nameWithLanguage                                  |
   | 0x37          | endCollection                                     |
   | 0x38-0x3f     | Unassigned octetString data types (see IANA IPP   |
   |               | registry)                                         |
   +---------------+---------------------------------------------------+

                         Table 5: octetString Tags
Top   ToC   RFC8010 - Page 22
   Table 6 specifies the character-string values defined in this
   document for the "value-tag" field; they are registered in the
   "Attribute Syntaxes" registry.

   +---------------+---------------------------------------------------+
   | Tag Value     | Meaning                                           |
   | (Hex)         |                                                   |
   +---------------+---------------------------------------------------+
   | 0x40          | Unassigned character-string data type (see IANA   |
   |               | IPP registry)                                     |
   | 0x41          | textWithoutLanguage                               |
   | 0x42          | nameWithoutLanguage                               |
   | 0x43          | Unassigned character-string data type (see IANA   |
   |               | IPP registry)                                     |
   | 0x44          | keyword                                           |
   | 0x45          | uri                                               |
   | 0x46          | uriScheme                                         |
   | 0x47          | charset                                           |
   | 0x48          | naturalLanguage                                   |
   | 0x49          | mimeMediaType                                     |
   | 0x4a          | memberAttrName                                    |
   | 0x4b-0x5f     | Unassigned character-string data types (see IANA  |
   |               | IPP registry)                                     |
   +---------------+---------------------------------------------------+

                           Table 6: String Tags

   Note: An attribute value always has a type, which is explicitly
   specified by its tag; one such tag value is "nameWithoutLanguage".
   An attribute's name has an implicit type, which is keyword.

   The values 0x60-0xff are reserved for future type definitions in
   Standards Track documents.

   The tag 0x7f is reserved for extending types beyond the 255 values
   available with a single byte.  A tag value of 0x7f MUST signify that
   the first four bytes of the value field are interpreted as the tag
   value.  Note this future extension doesn't affect parsers that are
   unaware of this special tag.  The tag is like any other unknown tag,
   and the value length specifies the length of a value, which contains
   a value that the parser treats atomically.  Values from 0x00000000 to
   0x3fffffff are reserved for definition in future Standards Track
   documents.  The values 0x40000000 to 0x7fffffff are reserved for
   vendor extensions.
Top   ToC   RFC8010 - Page 23

3.6. "name-length"

The "name-length" field consists of a SIGNED-SHORT and specifies the number of octets in the immediately following "name" field. The value of this field excludes the two bytes of the "name-length" field. For example, if the "name" field contains 'sides', the value of this field is 5. If a "name-length" field has a value of zero, the following "name" field is empty and the following value is treated as an additional value for the attribute encoded in the nearest preceding "attribute- with-one-value" field. Within an attribute group, if two or more attributes have the same name, the attribute group is malformed (see [RFC8011]). The zero-length name is the only mechanism for multi- valued attributes.

3.7. (Attribute) "name"

The "name" field contains the name of an attribute. The Model specifies such names.

3.8. "value-length"

The "value-length" field consists of a SIGNED-SHORT, which specifies the number of octets in the immediately following "value" field. The value of this field excludes the two bytes of the "value-length" field. For example, if the "value" field contains the keyword (string) value 'one-sided', the value of this field is 9. For any of the types represented by binary signed integers, the sender MUST encode the value in exactly four octets. For any of the types represented by binary signed bytes, e.g., the boolean type, the sender MUST encode the value in exactly one octet. For any of the types represented by character strings, the sender MUST encode the value with all the characters of the string and without any padding characters. For "out-of-band" values for the "value-tag" field defined in this document, such as 'unsupported', the "value-length" MUST be 0 and the "value" empty; the "value" has no meaning when the "value-tag" has one of these "out-of-band" values. For future "out-of-band" "value- tag" fields, the same rule holds unless the definition explicitly states that the "value-length" MAY be non-zero and the "value" non- empty
Top   ToC   RFC8010 - Page 24

3.9. (Attribute) "value"

The syntax types (specified by the "value-tag" field) and most of the details of the representation of attribute values are defined in the Model. Table 7 augments the information in the Model and defines the syntax types from the Model in terms of the five basic types defined in Section 3. The five types are US-ASCII-STRING, LOCALIZED-STRING, SIGNED-INTEGER, SIGNED-SHORT, SIGNED-BYTE, and OCTET-STRING. +----------------------+--------------------------------------------+ | Syntax of Attribute | Encoding | | Value | | +----------------------+--------------------------------------------+ | textWithoutLanguage, | LOCALIZED-STRING | | nameWithoutLanguage | | +----------------------+--------------------------------------------+ | textWithLanguage | OCTET-STRING consisting of four fields: a | | | SIGNED-SHORT, which is the number of | | | octets in the following field; a value of | | | type natural-language; a SIGNED-SHORT, | | | which is the number of octets in the | | | following field; and a value of type | | | textWithoutLanguage. The length of a | | | textWithLanguage value MUST be 4 + the | | | value of field a + the value of field c. | +----------------------+--------------------------------------------+ | nameWithLanguage | OCTET-STRING consisting of four fields: a | | | SIGNED-SHORT, which is the number of | | | octets in the following field; a value of | | | type natural-language; a SIGNED-SHORT, | | | which is the number of octets in the | | | following field; and a value of type | | | nameWithoutLanguage. The length of a | | | nameWithLanguage value MUST be 4 + the | | | value of field a + the value of field c. | +----------------------+--------------------------------------------+ | charset, | US-ASCII-STRING | | naturalLanguage, | | | mimeMediaType, | | | keyword, uri, and | | | uriScheme | | +----------------------+--------------------------------------------+ | boolean | SIGNED-BYTE where 0x00 is 'false' and 0x01 | | | is 'true' | +----------------------+--------------------------------------------+ | integer and enum | a SIGNED-INTEGER |
Top   ToC   RFC8010 - Page 25
   +----------------------+--------------------------------------------+
   | dateTime             | OCTET-STRING consisting of eleven octets   |
   |                      | whose contents are defined by              |
   |                      | "DateAndTime" in RFC 2579 [RFC2579]        |
   +----------------------+--------------------------------------------+
   | resolution           | OCTET-STRING consisting of nine octets of  |
   |                      | two SIGNED-INTEGERs followed by a SIGNED-  |
   |                      | BYTE.  The first SIGNED-INTEGER contains   |
   |                      | the value of cross-feed direction          |
   |                      | resolution.  The second SIGNED-INTEGER     |
   |                      | contains the value of feed direction       |
   |                      | resolution.  The SIGNED-BYTE contains the  |
   |                      | units value.                               |
   +----------------------+--------------------------------------------+
   | rangeOfInteger       | Eight octets consisting of two SIGNED-     |
   |                      | INTEGERs.  The first SIGNED-INTEGER        |
   |                      | contains the lower bound and the second    |
   |                      | SIGNED-INTEGER contains the upper bound.   |
   +----------------------+--------------------------------------------+
   | 1setOf X             | Encoding according to the rules for an     |
   |                      | attribute with more than one value.  Each  |
   |                      | value X is encoded according to the rules  |
   |                      | for encoding its type.                     |
   +----------------------+--------------------------------------------+
   | octetString          | OCTET-STRING                               |
   +----------------------+--------------------------------------------+
   | collection           | Encoding as defined in Section 3.1.6.      |
   +----------------------+--------------------------------------------+

                     Table 7: Attribute Value Encoding

   The attribute syntax type of the value determines its encoding and
   the value of its "value-tag".

3.10. Data

The "data" field MUST include any data required by the operation.
Top   ToC   RFC8010 - Page 26

4. Encoding of Transport Layer

HTTP/1.1 [RFC7230] is the REQUIRED transport layer for this protocol. HTTP/2 [RFC7540] is an OPTIONAL transport layer for this protocol. The operation layer has been designed with the assumption that the transport layer contains the following information: o the target URI for the operation; and o the total length of the data in the operation layer, either as a single length or as a sequence of chunks each with a length. Printer implementations MUST support HTTP over the IANA-assigned well-known port 631 (the IPP default port), although a Printer implementation can support HTTP over some other port as well. Each HTTP operation MUST use the POST method where the request-target is the object target of the operation and where the "Content-Type" of the message body in each request and response MUST be "application/ ipp". The message body MUST contain the operation layer and MUST have the syntax described in Section 3.2, "Syntax of Encoding". A Client implementation MUST adhere to the rules for a Client described for HTTP [RFC7230]. A Printer (server) implementation MUST adhere to the rules for an origin server described for HTTP [RFC7230]. An IPP server sends a response for each request that it receives. If an IPP server detects an error, it MAY send a response before it has read the entire request. If the HTTP layer of the IPP server completes processing the HTTP headers successfully, it MAY send an intermediate response, such as "100 Continue", with no IPP data before sending the IPP response. A Client MUST expect such a variety of responses from an IPP server. For further information on HTTP, consult the HTTP documents [RFC7230]. An HTTP/1.1 server MUST support chunking for IPP requests, and an IPP Client MUST support chunking for IPP responses according to HTTP/1.1 [RFC7230].

4.1. Printer URI, Job URI, and Job ID

All Printer and Job objects are identified by a Uniform Resource Identifier (URI) [RFC3986] so that they can be persistently and unambiguously referenced. Jobs can also be identified by a combination of Printer URI and Job ID.
Top   ToC   RFC8010 - Page 27
   Some operation elements are encoded twice, once as the request-target
   on the HTTP request-line and a second time as a REQUIRED operation
   attribute in the application/ipp entity.  These attributes are the
   target for the operation and are called "printer-uri" and "job-uri".

   Note: The target URI is included twice in an operation referencing
   the same IPP object, but the two URIs can be different.  For example,
   the HTTP request-target can be relative while the IPP request URI is
   absolute.

   HTTP allows Clients to generate and send a relative URI rather than
   an absolute URI.  A relative URI identifies a resource with the scope
   of the HTTP server but does not include scheme, host, or port.  The
   following statements characterize how URIs are used in the mapping of
   IPP onto HTTP:

   1.  Although potentially redundant, a Client MUST supply the target
       of the operation both as an operation attribute and as a URI at
       the HTTP layer.  The rationale for this decision is to maintain a
       consistent set of rules for mapping "application/ipp" to possibly
       many communication layers, even where URIs are not used as the
       addressing mechanism in the transport layer.

   2.  Even though these two URIs might not be literally identical (one
       being relative and the other being absolute), they MUST both
       reference the same IPP object.

   3.  The URI in the HTTP layer is either relative or absolute and is
       used by the HTTP server to route the HTTP request to the correct
       resource relative to that HTTP server.

   4.  Once the HTTP server resource begins to process the HTTP request,
       it can get the reference to the appropriate IPP Printer object
       from either the HTTP URI (using to the context of the HTTP server
       for relative URIs) or from the URI within the operation request;
       the choice is up to the implementation.

   5.  HTTP URIs can be relative or absolute, but the target URI in the
       IPP operation attribute MUST be an absolute URI.
Top   ToC   RFC8010 - Page 28

5. IPP URI Schemes

The IPP URI schemes are 'ipp' [RFC3510] and 'ipps' [RFC7472]. Clients and Printers MUST support the ipp-URI value in the following IPP attributes: o Job attributes: * job-uri * job-printer-uri o Printer attributes: * printer-uri-supported o Operation attributes: * job-uri * printer-uri Each of the above attributes identifies a Printer or Job. The ipp-URI and ipps-URI are intended as the value of the attributes in this list. All of these attributes have a syntax type of 'uri', but there are attributes with a syntax type of 'uri' that do not use the 'ipp' scheme, e.g., "job-more-info". If a Printer registers its URI with a directory service, the Printer MUST register an ipp-URI or ipps-URI. When a Client sends a request, it MUST convert a target ipp-URI to a target http-URL (or ipps-URI to a target https-URI) for the HTTP layer according to the following steps: 1. change the 'ipp' scheme to 'http' or 'ipps' scheme to 'https'; and 2. add an explicit port 631 if the ipp-URL or ipps-URL does not contain an explicit port. Note that port 631 is the IANA- assigned well-known port for the 'ipp' and 'ipps' schemes. The Client MUST use the target http-URL or https-URL in both the HTTP request-line and HTTP headers, as specified by HTTP [RFC7230]. However, the Client MUST use the target ipp-URI or ipps-URI for the value of the "printer-uri" or "job-uri" operation attribute within the application/ipp body of the request. The server MUST use the
Top   ToC   RFC8010 - Page 29
   ipp-URI or ipps-URI for the value of the "printer-uri", "job-uri", or
   "printer-uri-supported" attributes within the application/ipp body of
   the response.

   For example, when an IPP Client sends a request directly, i.e., no
   proxy, to an ipp-URI "ipp://printer.example.com/ipp/print/myqueue",
   it opens a TCP connection to port 631 (the IPP implicit port) on the
   host "printer.example.com" and sends the following data:

     POST /ipp/print/myqueue HTTP/1.1
     Host: printer.example.com:631
     Content-type: application/ipp
     Transfer-Encoding: chunked
     ...
     "printer-uri" 'ipp://printer.example.com/ipp/print/myqueue'
            (encoded in application/ipp message body)
     ...

                       Figure 11: Direct IPP Request

   As another example, when an IPP Client sends the same request as
   above via a proxy "myproxy.example.com", it opens a TCP connection to
   the proxy port 8080 on the proxy host "myproxy.example.com" and sends
   the following data:

     POST http://printer.example.com:631/ipp/print/myqueue HTTP/1.1
     Host: printer.example.com:631
     Content-type: application/ipp
     Transfer-Encoding: chunked
     ...
     "printer-uri" 'ipp://printer.example.com/ipp/print/myqueue'
            (encoded in application/ipp message body)
     ...

                      Figure 12: Proxied IPP Request

   The proxy then connects to the IPP origin server with headers that
   are the same as the "no-proxy" example above.

6. IANA Considerations

The IANA-PRINTER-MIB [RFC3805] has been updated to reference this document; the current version is available from <http://www.iana.org>. See the IANA Considerations in the document "Internet Printing Protocol/1.1: Model and Semantics" [RFC8011] for information on IANA considerations for IPP extensions. IANA has updated the existing
Top   ToC   RFC8010 - Page 30
   'application/ipp' media type registration (whose contents are defined
   in Section 3 "Encoding of the Operation Layer") with the following
   information.

   Type name: application

   Subtype name: ipp

   Required parameters: N/A

   Optional parameters: N/A

   Encoding considerations: IPP requests/responses MAY contain long
   lines and ALWAYS contain binary data (for example, attribute value
   lengths).

   Security considerations: IPP requests/responses do not introduce any
   security risks not already inherent in the underlying transport
   protocols.  Protocol mixed-version interworking rules in [RFC8011] as
   well as protocol-encoding rules in this document are complete and
   unambiguous.  See also the security considerations in this document
   and [RFC8011].

   Interoperability considerations: IPP requests (generated by Clients)
   and responses (generated by servers) MUST comply with all conformance
   requirements imposed by the normative specifications [RFC8011] and
   this document.  Protocol-encoding rules specified in RFC 8010 are
   comprehensive so that interoperability between conforming
   implementations is guaranteed (although support for specific optional
   features is not ensured).  Both the "charset" and "natural-language"
   of all IPP attribute values that are a LOCALIZED-STRING are explicit
   within IPP requests/responses (without recourse to any external
   information in HTTP, SMTP, or other message transport headers).

   Published specifications: RFCs 8010 and 8011

   Applications that use this media type: Internet Printing Protocol
   (IPP) print clients and print servers that communicate using HTTP/
   HTTPS or other transport protocols.  Messages of type "application/
   ipp" are self-contained and transport independent, including
   "charset" and "natural-language" context for any LOCALIZED-STRING
   value.

   Fragment identifier considerations: N/A
Top   ToC   RFC8010 - Page 31
   Additional information:

      Deprecated alias names for this type: N/A
      Magic number(s): N/A
      File extension(s): N/A
      Macintosh file type code(s): N/A

   Person & email address to contact for further information:

      ISTO PWG IPP Workgroup <ipp@pwg.org>

   Intended usage: COMMON

   Restrictions on usage: N/A

   Author: ISTO PWG IPP Workgroup <ipp@pwg.org>

   Change controller: ISTO PWG IPP Workgroup <ipp@pwg.org>

   Provisional registration? (standards tree only): No

7. Internationalization Considerations

See the section on "Internationalization Considerations" in the document "Internet Printing Protocol/1.1: Model and Semantics" [RFC8011] for information on internationalization. This document adds no additional issues.

8. Security Considerations

The IPP Model and Semantics document [RFC8011] discusses high-level security requirements (Client Authentication, Server Authentication, and Operation Privacy). Client Authentication is the mechanism by which the Client proves its identity to the server in a secure manner. Server Authentication is the mechanism by which the server proves its identity to the Client in a secure manner. Operation Privacy is defined as a mechanism for protecting operations from eavesdropping. Message Integrity is addressed in the document "Internet Printing Protocol (IPP) over HTTPS Transport Binding and the 'ipps' URI Scheme" [RFC7472].

8.1. Security Conformance Requirements

This section defines the security requirements for IPP Clients and IPP objects.
Top   ToC   RFC8010 - Page 32

8.1.1. Digest Authentication

IPP Clients and Printers SHOULD support Digest Authentication [RFC7616]. Use of the Message Integrity feature (qop="auth-int") is OPTIONAL. Note: Previous versions of this specification required support for the MD5 algorithms; however, [RFC7616] makes SHA2-256 mandatory to implement and deprecates MD5, only allowing its use for backwards compatibility reasons. IPP implementations that support Digest Authentication MUST support SHA2-256 and SHOULD support MD5 for backwards compatibility. Note: The reason that IPP Clients and Printers SHOULD (rather than MUST) support Digest Authentication is that there is a certain class of Output Devices where it does not make sense. Specifically, a low- end device with limited ROM space and low paper throughput may not need Client Authentication. This class of device typically requires firmware designers to make trade-offs between protocols and functionality to arrive at the lowest-cost solution possible. Factored into the designer's decisions is not just the size of the code, but also the testing, maintenance, usefulness, and time-to- market impact for each feature delivered to the customer. Forcing such low-end devices to provide security in order to claim IPP/1.1 conformance would not make business sense. Print devices that have high-volume throughput and have available ROM space will typically provide support for Client Authentication that safeguards the device from unauthorized access because these devices are prone to a high loss of consumables and paper if unauthorized access occurs.

8.1.2. Transport Layer Security (TLS)

IPP Clients and Printers SHOULD support Transport Layer Security (TLS) [RFC5246] [RFC7525] for Server Authentication and Operation Privacy. IPP Printers MAY also support TLS for Client Authentication. IPP Clients and Printers MAY support Basic Authentication [RFC7617] for User Authentication if the channel is secure, e.g., IPP over HTTPS [RFC7472]. IPP Clients and Printers SHOULD NOT support Basic Authentication over insecure channels. The IPP Model and Semantics document [RFC8011] defines two Printer attributes ("uri-authentication-supported" and "uri-security- supported") that the Client can use to discover the security policy of a Printer. That document also outlines IPP-specific security considerations and is the primary reference for security implications with regard to the IPP itself.
Top   ToC   RFC8010 - Page 33
   Note: Because previous versions of this specification did not require
   TLS support, this version cannot require it for IPP/1.1.  However,
   since printing often involves a great deal of sensitive or private
   information (medical reports, performance reviews, banking
   information, etc.) and network monitoring is pervasive ([RFC7258]),
   implementors are strongly encouraged to include TLS support.

   Note: Because IPP Printers typically use self-signed X.509
   certificates, IPP Clients SHOULD support Trust On First Use (defined
   in [RFC7435]) in addition to traditional X.509 certificate
   validation.

8.2. Using IPP with TLS

IPP uses the "Upgrading to TLS Within HTTP/1.1" mechanism [RFC2817] for 'ipp' URIs. The Client requests a secure TLS connection by using the HTTP "Upgrade" header while the server agrees in the HTTP response. The switch to TLS occurs either because the server grants the Client's request to upgrade to TLS or a server asks to switch to TLS in its response. Secure communication begins with a server's response to switch to TLS. IPP uses the "HTTPS: HTTP over TLS" mechanism [RFC2818] for 'ipps' URIs. The Client and server negotiate a secure TLS connection immediately and unconditionally.

9. Interoperability with Other IPP Versions

It is beyond the scope of this specification to mandate conformance with versions of IPP other than 1.1. IPP was deliberately designed, however, to make supporting other versions easy. IPP objects (Printers, Jobs, etc.) SHOULD: o understand any valid request whose major "version-number" is greater than 0; and o respond appropriately with a response containing the same "version-number" parameter value used by the Client in the request (if the Client-supplied "version-number" is supported) or the highest "version-number" supported by the Printer (if the Client- supplied "version-number" is not supported). IPP Clients SHOULD: o understand any valid response whose major "version-number" is greater than 0.
Top   ToC   RFC8010 - Page 34

9.1. The "version-number" Parameter

The following are rules regarding the "version-number" parameter (see Section 3.3): 1. Clients MUST send requests containing a "version-number" parameter with the highest supported value, e.g., '1.1', '2.0', etc., and SHOULD try supplying alternate version numbers if they receive a 'server-error-version-not-supported' error return in a response. For example, if a Client sends an IPP/2.0 request that is rejected with the 'server-error-version-not-supported' error and an IPP/1.1 "version-number", it SHOULD retry by sending an IPP/1.1 request. 2. IPP objects (Printers, Jobs, etc.) MUST accept requests containing a "version-number" parameter with a '1.1' value (or reject the request for reasons other than 'server-error-version- not-supported'). 3. IPP objects SHOULD either accept requests whose major version is greater than 0 or reject such requests with the 'server-error- version-not-supported' status-code. See Section 4.1.8 of [RFC8011]. 4. In any case, security MUST NOT be compromised when a Client supplies a lower "version-number" parameter in a request. For example, if an IPP/2.0 conforming Printer accepts version '1.1' requests and is configured to enforce Digest Authentication, it MUST do the same for a version '1.1' request.

9.2. Security and URI Schemes

The following are rules regarding security, the "version-number" parameter, and the URI scheme supplied in target attributes and responses: 1. When a Client supplies a request, the "printer-uri" or "job-uri" target operation attribute MUST have the same scheme as that indicated in one of the values of the "printer-uri-supported" Printer attribute. 2. When the Printer returns the "job-printer-uri" or "job-uri" Job Description attributes, it SHOULD return the same scheme ('ipp', 'ipps', etc.) that the Client supplied in the "printer-uri" or "job-uri" target operation attributes in the Get-Job-Attributes or Get-Jobs request, rather than the scheme used when the Job was created. However, when a Client requests Job attributes using the Get-Job-Attributes or Get-Jobs operations, the Jobs and Job
Top   ToC   RFC8010 - Page 35
       attributes that the Printer returns depends on: (1) the security
       in effect when the Job was created, (2) the security in effect in
       the query request, and (3) the security policy in force.

   3.  The Printer MUST enforce its security and privacy policies based
       on the owner of the IPP object and the URI scheme and/or
       credentials supplied by the Client in the current request.

10. Changes since RFC 2910

The following changes have been made since the publication of RFC 2910: o Added references to current IPP extension specifications. o Added optional support for HTTP/2. o Added collection attribute syntax from RFC 3382. o Fixed typographical errors. o Now reference TLS/1.2 and no longer mandate the TLS/1.0 MTI ciphersuites. o Updated all references. o Updated document organization to follow current style. o Updated example ipp: URIs to follow guidelines in RFC 7472. o Updated version compatibility for all versions of IPP. o Updated HTTP Digest Authentication to optional for Clients. o Removed references to (Experimental) IPP/1.0 and usage of http:/https: URLs.


(next page on part 3)

Next Section