[cups.general] Securing IPP traffic

[none]

Thanks for the advice.

We are a Kyocera house (you won't belive it when you see how many 
drivers we use.). Some of our reports are written partly in prescribe. 
As Kyocera don't appear to support IPP it looks like we will be speaking 
to Axis. Good to know that we are on the right track though.

Don't suppose you know if there are any case studies for CUPS? Fail over 
clustering sort of thing.

Funny thing is that I have just said no to a much larger cups 
deployment. We have over 1100 printers being shared off a windows print 
server. Recently the server failed and we found that recovering a large 
scale windows print environment is no joke. Over 100 drivers on the 
server.. 2 days later and we are still catching problems which affect 
one or two users. Management wanted to know of alternatives. As I am the 
only UNIX guy I took two long steps backwards. No way I want to be the 
only point of support.

Cheers,

Matthew.



Michael R Sweet wrote:
> none wrote:
>> ...
>> Has anybody attempted such work?
> 
> Yes, and in general it works; the main issue is that we don't
> validate or revoke certificates so man-in-the-middle attacks are
> possible.  See:
> 
>     http://www.cups.org/documentation.php/security.html
> 
>> Any suggestions for printers / embedded print servers which support 
>> encrypted IPP?
> 
> I've seen a few non-production laser printers recently start
> supporting encryption.  I have a Brother MFC-9840 at home that does,
> and I'm pretty sure all of Brother's current network laser printers
> support encryption as well.  I've also heard that Ricoh and Xerox
> have some that do SSL/TLS, although I've not played with it.
> 
> Axis has several "professional" print servers (the 5000 series) that
> support SSL and TLS for printing via parallel/USB.
>