> But it officially requires support for IPP version 1.0, which used > SSLv3. > I assume that there are printers, perhaps many were sold, which did use > version 1.0. That version used SSLv3 for encrypted communication. Which > is now gone.
Almost certainly. > > How should we deal with this problem? Here's a nickel kid - buy a better printer? Seriously. we just won't be conformant. These protocols are designed by industry consortiums who want to sell product at lowest cost, not care about security. If you seriously must have insecure stuff, well, that's why OpenSSL still exists, you can always build with that.
