attachment-0001
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Hi Randy,<br>
<br>
HCD Configuration Flags is composed of some boolean attributes in the
IDS attribute doc. Look at the end of 4.1.1.4 "For additional
information, refer to HCD_Forwarding_Enabled,
HCD_Default_Password_Enabled, and HCD_PSTN_Fax_Enabled in
[HCD-ATR],...".<br>
<br>
However, there are some other inconsistencies that we should work out
during the F2F in this area:<br>
<ol>
<li>In HCD-ATR, they are single-bit attributes. In HCD-NAP, they have
two bits, one bit for the attribute as described in HCD-ATR, and the
second bit indicates whether the function is supported or not.<br>
</li>
<li>If it is correct to have that second bit (and I think it is, at
least for Forwarding and PSTN Fax), then shouldn't those attributes be
listed in HCD-ATR as conditionally mandatory?</li>
<li>In HCD-ATR, PSTN Fax does not appear in either the mandatory list
or the conditionally mandatory list.</li>
<li>In HCD-NAP, the flag is called "Administrative Password
Configuration" and the meaning is "configured / not configured".
However, in HCD-ATR, it is "Default Password Enabled" and the meaning
is "no default passwords / some default passwords".<br>
</li>
</ol>
<pre class="moz-signature" cols="76">--
Regards,
Brian Smithson
PM, Security Research
PMP, CSM, CISSP, CISA, ISO 27000 PA
Advanced Imaging and Network Technologies
Ricoh Americas Corporation
(408)346-4435</pre>
<br>
<br>
Randy Turner wrote:
<blockquote
cite="mid:CDE068F1-754A-417A-A2DD-F90D819C02E1@amalfisystems.com"
type="cite">Hi Brian,
<br>
<br>
In section 4.1.1.4 of your latest doc the name of this section is "HCD
Configuration Flags" but I can't find a reference for this attribute in
<br>
the high-level IDS attribute doc? Is this meant to be "HCD
Configuration State" ?
<br>
<br>
Thanks,
<br>
Randy
<br>
<br>
<br>
On Aug 12, 2009, at 5:28 PM, Brian Smithson wrote:
<br>
<br>
<blockquote type="cite">Joe made quite a few edits (in red) and I
added a few (in blue). It is
<br>
here <a class="moz-txt-link-freetext" href="ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090811.pdf">ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090811.pdf</a> with
<br>
change marks, and here
<br>
<a class="moz-txt-link-freetext" href="ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090811_ncb.pdf">ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090811_ncb.pdf</a>
without.
<br>
<br>
-- <br>
Regards,
<br>
Brian Smithson
<br>
PM, Security Research
<br>
PMP, CSM, CISSP, CISA, ISO 27000 PA
<br>
Advanced Imaging and Network Technologies
<br>
Ricoh Americas Corporation
<br>
(408)346-4435
<br>
<br>
<br>
-- <br>
This message has been scanned for viruses and
<br>
dangerous content by MailScanner, and is
<br>
believed to be clean.
<br>
<br>
_______________________________________________
<br>
ids mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:ids@pwg.org">ids@pwg.org</a>
<br>
<a class="moz-txt-link-freetext" href="https://www.pwg.org/mailman/listinfo/ids">https://www.pwg.org/mailman/listinfo/ids</a>
<br>
<br>
</blockquote>
<br>
<br>
</blockquote>
<br />--
<br />This message has been scanned for viruses and
<br />dangerous content by
<a href="http://www.mailscanner.info/"><b>MailScanner</b></a>, and is
<br />believed to be clean.
</body>
</html>