whitepaper
HP Jetdirect and SSL/TLS
June 2008
Table of Contents: |
|
Introduction | 1 |
What is SSL/TLS? | 2 |
HTTPS Decoded | 3 |
Digital Certificates | 9 |
Public Key Infrastructure and Public Key Certificate Basics | 12 |
SSL/TLS Protocol Basics | 20 |
Using HTTPS with HP Jetdirect | 26 |
A Detailed Look at the SSL/TLS Connection | 52 |
SSL/TLS Server Settings | 60 |
HP Jetdirect as an SSL/TLS Client | 61 |
SSL/TLS Client: Understanding Certificate Chains | 77 |
SSL/TLS Client: Certificates and Name Verification | 83 |
IPP over SSL/TLS | 89 |
HP Jetdirect Certificate Guidelines | 94 |
Embedded Devices and Digital Certificates | 94 |
Which HP Jetdirect Products Support SSL/TLS? | 95 |
Summary | 95 |
Introduction
HP Jetdirect introduced SSL/TLS support in early 2002 with the 615n EIO Print Server. A free firmware upgrade allowed the 610n EIO print server, shipped in 2000, the same capability. Suddenly, a few million HP Jetdirect EIO cards had SSL/TLS capability. Why?
The answer was secure management. HP printing and imaging devices were becoming more complex and more feature oriented. They were becoming valuable assets to a company’s infrastructure. Having the ability to use a browser to manage a device using HTTP was one thing, using the same browser and using HTTPS to manage it securely was a great benefit. Unfortunately, many users of HTTPS are under a false sense of security because they have not deployed SSL/TLS
1