attachment
<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><br></div>Right - I had a brain fizzle thinking that ATR was an acronym like the other examples SOH=statement of health, etc.<div><br></div><div>The ATR is the attributes document that we've been working on...</div><div><br></div><div>Just a note to anyone else on the list, I took an action item to spend time on the NEA/TNC mapping document on a previous teleconference.</div><div><br></div><div>I was hoping to use the NAP mapping document as an outline (ideally structuring the document according to the TOC of the NAP document).</div><div><br></div><div>I will take a look at the NAP document to see if it's possible to reuse the basic structure of this document for NEA. It would be nice if mapping documents</div><div>had a similar TOC (table of contents)</div><div><br></div><div>Randy</div><div><br></div><div><br><div><div>On Feb 2, 2009, at 12:04 PM, Brian Smithson wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"> <div bgcolor="#ffffff" text="#000000"> Randy,<br> <br> This is all correct except that the ATR document isn't a change, it's the document that we've already drafted (and Jerry just posted an update today).<br> <pre class="moz-signature" cols="76">--
Regards,
Brian Smithson
PM, Security Research
PMP, CISSP, CISA, ISO 27000 PA
Advanced Imaging and Network Technologies
Ricoh Americas Corporation
(408)346-4435</pre> <br> <br> Randy Turner wrote: <blockquote cite="mid:FD735333-CC33-4745-B776-87E109A96C23@amalfisystems.com" type="cite"> <div><br> </div> Ok, so when we're done, we would have 3 documents that the PWG/IDS group authors: <div><br> </div> <div>[HCD-ATR]</div> <div>[HCD-NAP]</div> <div>[HCD-NEA] or [HCD-TNC], depending on your perspective</div> <div><br> </div> <div>and these documents would reference [MS-SOH], [IETF-NEA], etc.</div> <div><br> </div> <div>If I have captured your proposal correctly, then the ATR document is the only change to what we've been doing. correct?</div> <div><br> </div> <div>Randy</div> <div><br> </div> <div><br> <div> <div> <div>On Feb 2, 2009, at 11:24 AM, Brian Smithson wrote:</div> <br class="Apple-interchange-newline"> <blockquote type="cite"> <div bgcolor="#ffffff" text="#000000"> Randy,<br> <br> Well, now I'm not sure what I'm proposing :-).<br> <br> By "IDS mapping document", do you mean a document that contains describes how the IDS attributes apply to all of the schemes that we plan to support, e.g. NAP, NEA, TNC, ...?<br> <br> What I was think I was proposing was something like this:<br> <ul> <li>[MS-SOH] specifies what is expected to support NAP. Other non-PWG documents specify what is expected for other schemes (NEA, TNC...).</li> <li>[HCD-ATR] specifies the HCD-specific attributes that shall/should be supported in all schemes.</li> <li>[HCD-NAP] specifies how the HCD-specific attributes are mapped to [MS-SOH], and if necessary, also contains describes how the standard NAP attributes should be interpreted when applied to HCDs. It would fully specify the bits and bytes of NAP support for HCDs, including both the standard NAP stuff and the HCD-specific stuff. [HCD-NEA], [HCD-TNC], ... would do the same thing for other schemes.</li> </ul> There would be some information in [HCD-NAP] that is also presented in [MS-SOH] and [HCD-ATR], and we would need to be careful to ensure that they stay in sync. I think that the main distinction between them would be that the protocol binding spec would focus on the bits and bytes, and the other documents (particularly [HCD-ATR]) would contain more descriptive information.<br> <pre class="moz-signature" cols="76">--
Regards,
Brian Smithson
PM, Security Research
PMP, CISSP, CISA, ISO 27000 PA
Advanced Imaging and Network Technologies
Ricoh Americas Corporation
(408)346-4435</pre> <br> <br> Randy Turner wrote: <blockquote cite="mid:CC159EAE-9543-42AF-9CB6-5C3004B829D9@amalfisystems.com" type="cite">Hi Brian, <div><br> </div> <div>I think what you're really proposing is that there would be an "IDS mapping document" and not a NAP document. This one document would be single</div> <div>reference for implementers. Does this sound right?</div> <div><br> </div> <div>Randy</div> <div><br> </div> <div><br> <div> <div>On Feb 2, 2009, at 10:42 AM, Brian Smithson wrote:</div> <br class="Apple-interchange-newline"> <blockquote type="cite"> <div bgcolor="#ffffff" text="#000000"> Regarding the new NAP draft:<br> <br> I tried to remove information that was already specified in other specs (MS-SOH and HCD-ATR) but unless I am mistaken, it was not as straightforward as we may have thought it might be. Nine of the attributes are described in other specs, so they fit nicely into the tabular format that was suggested back in October's meeting. However, the other eleven needed to be described in the NAP spec and for those I referred to subsequent sections for the details. Looking at the overall result, I'm wondering if this has made the NAP spec less usable for implementers. Some of the necessary information is in the NAP spec itself, some of it needs to be retrieved from one of two other documents, and some of it needs to be retrieved from yet another document (PA-TNC) that is referenced by one of the referenced documents (HCD-ATR). <br> <br> Maybe it would be better to fully specify things in the NAP spec? I realize that this will place the same information in two documents and risking that they lose sync with one another, but ultimately I think we want a binding spec to be implementer-friendly. <br> <br> Let's discuss on Thursday's call...<br> <pre class="moz-signature" cols="76">--
Regards,
Brian Smithson
PM, Security Research
PMP, CISSP, CISA, ISO 27000 PA
Advanced Imaging and Network Technologies
Ricoh Americas Corporation
(408)346-4435</pre> <br> <br> Nevo, Ron wrote: <blockquote cite="mid:B7923DC68925CF4293920DA4ACB1F75F0910D9BD@NJCEVS01.sharpamericas.com" type="cite"><!-- Converted from text/rtf format --> <div><span lang="en-us"></span><br class="webkit-block-placeholder"> </div><p dir="ltr"><span lang="en-us"><font face="Consolas">New NAP binding spec. updated by Brian is now posted.</font></span><span lang="en-us"></span></p><p dir="ltr"><span lang="en-us"><u><font color="#00b0f0" face="Consolas"><a moz-do-not-send="true" href="ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090130_ncb.pdf">ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090130_ncb.pdf</a></font></u></span><span lang="en-us"></span></p> <div><span lang="en-us"></span><span lang="en-us"></span><br class="webkit-block-placeholder"> </div><p dir="ltr"><span lang="en-us"><font face="Consolas">Regards</font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">Ron Nevo</font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">Senior Product Manager </font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">Information Security, DVM, Standards and Compliance </font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">Sharp Imaging and Information Company of America</font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas"><a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="http://www.sharpusa.com/products/applications/home/">www.sharpusa.com/products/applications/home/</a></font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">______________________________________________</font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">Sharp Plaza Mahwah NJ 07430 <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:nevor@sharpsec.com">nevor@sharpsec.com</a></font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">Phone: 201-760-3937 Fax: 201-529-9673 Cell: 201-220-5945 </font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">The contents of this email are the property of the sender. </font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">If it was not addressed to you, you have no legal right to read it .</font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">If you think you received it in error, please notify the sender. </font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">Do not forward or copy without permission of the sender.</font></span></p><p dir="ltr"><span lang="en-us"><font face="Consolas">"Be Secure. Be Sharp."</font></span></p> <div><span lang="en-us"></span><span lang="en-us"></span><span lang="en-us"></span><span lang="en-us"> </span><br class="webkit-block-placeholder"> </div> </blockquote> </div> </blockquote> </div> <br> </div> </blockquote> </div> </blockquote> </div> <br> </div> </div> </blockquote> </div> </blockquote></div><br></div></body></html>