attachment-0001
Hi Nancy, Tuesday (12 May 2009)<br><br>Per my action from the Resource Service review during the April PWG<br>meeting, below is some text for the Security Considerations section of<br>
the Resource Service.<br><br>11.4 Security Threats from Executable Resources<br><br>Resources with a ResourceCategory of 'Executable' MUST be handled with<br>special care by implementations of the Resource Service. Such resources<br>
can pose serious threats to the integrity of the Imaging System that<br>hosts the Resource Service. In particular, such Resources can be used<br>to introduce Trojan Horses to the Imaging System. If an implementation<br>
of the Resource Service supports Executable resources, then that<br>implementation MUST restrict the storage of such resources (e.g., to<br>authorized administrators and manufacturers) and SHOULD verify the<br>safety of such resources (e.g., by virus scanning).<br>
<br>11.5 Security Threats from Static Resources<br><br>Resources with ResourceCategory of 'Static' SHOULD be treated with<br>special care by implementations of the Resource Service. Fonts that<br>have associated Intellectual Property rights (e.g., as part of their<br>
network licenses) can pose serious threats to the availability of the<br>Imaging System that hosts the Resource Service - security audits can<br>result in the shutdown or physical removal of the Imaging System. If an<br>
implementation of the Resource Service supports Static resources that<br>have associated Intellectual Property rights, then that implementation<br>SHOULD restrict the storage of such resources (e.g., to authorized<br>administrators and manufacturers) and SHOULD restrict the retrieval of<br>
such resources (e.g., to a configured group of authorized users).<br><br>Comments?<br><br>Cheers,<br>- Ira<br><br clear="all">Ira McDonald (Musician / Software Architect)<br>Chair - Linux Foundation Open Printing WG<br>Blue Roof Music/High North Inc<br>
email: <a href="mailto:blueroofmusic@gmail.com">blueroofmusic@gmail.com</a><br>winter:<br> 579 Park Place Saline, MI 48176<br> 734-944-0094<br>summer:<br> PO Box 221 Grand Marais, MI 49839<br> 906-494-2434<br>
<br />--
<br />This message has been scanned for viruses and
<br />dangerous content by
<a href="http://www.mailscanner.info/"><b>MailScanner</b></a>, and is
<br />believed to be clean.