attachment-0001

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#ffffff" text="#000000">
    Bill,<br>
    <br>
    I've made a few (OK, a bunch) of suggestions. Use any of them you
    think are worthwhile. I added them to Joe's suggestions.<br>
    <pre class="moz-signature" cols="76">-- 
Regards,
Brian Smithson
PMP, CSM, CISSP, CISA, ISO 27000 PA
Security Research, Planning
Advanced Customer Technologies
Ricoh Americas Corporation
<a class="moz-txt-link-abbreviated" href="mailto:bsmithson@ricohsv.com">bsmithson@ricohsv.com</a>
(408)346-4435</pre>
    <br>
    <br>
    <br>
    On 2/9/2011 1:47 PM, Murdock, Joe wrote:
    <blockquote
cite="mid:C70EE88CBAB26740BA443BE0563268301956F9@wabex3.sharpamericas.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=ISO-8859-1">
      <meta name="Generator" content="Microsoft Word 14 (filtered
        medium)">
      <base href="x-msg://165/">
      <style><!--
/* Font Definitions */
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
        {font-family:Monaco;
        panose-1:0 0 0 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
        {mso-style-priority:99;
        mso-style-link:"Balloon Text Char";
        margin:0in;
        margin-bottom:.0001pt;
        font-size:8.0pt;
        font-family:"Tahoma","sans-serif";}
span.apple-style-span
        {mso-style-name:apple-style-span;}
span.apple-converted-space
        {mso-style-name:apple-converted-space;}
span.EmailStyle19
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
span.BalloonTextChar
        {mso-style-name:"Balloon Text Char";
        mso-style-priority:99;
        mso-style-link:"Balloon Text";
        font-family:"Tahoma","sans-serif";}
span.EmailStyle22
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
      <div class="WordSection1">
        <p class="MsoNormal"><span style="font-size: 11pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);">Bill,<o:p></o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 11pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 11pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);">I&#8217;ve made a few suggested update inline:<o:p></o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 11pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 11pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);"><a moz-do-not-send="true"
href="ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110209jbm.doc">ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110209jbm.doc</a>
            <o:p></o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 11pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 11pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);">Joe<o:p></o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 11pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 11pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);"><o:p>&nbsp;</o:p></span></p>
        <div>
          <div style="border-right: medium none; border-width: 1pt
            medium medium; border-style: solid none none; border-color:
            rgb(181, 196, 223) -moz-use-text-color -moz-use-text-color;
            padding: 3pt 0in 0in;">
            <p class="MsoNormal"><b><span style="font-size: 10pt;
                  font-family:
                  &quot;Tahoma&quot;,&quot;sans-serif&quot;;">From:</span></b><span
                style="font-size: 10pt; font-family:
                &quot;Tahoma&quot;,&quot;sans-serif&quot;;">
                <a class="moz-txt-link-abbreviated" href="mailto:ids-bounces@pwg.org">ids-bounces@pwg.org</a> [<a class="moz-txt-link-freetext" href="mailto:ids-bounces@pwg.org">mailto:ids-bounces@pwg.org</a>] <b>On
                  Behalf Of </b>William Wagner<br>
                <b>Sent:</b> Wednesday, February 09, 2011 1:11 PM<br>
                <b>To:</b> 'Michael Sweet'<br>
                <b>Cc:</b> <a class="moz-txt-link-abbreviated" href="mailto:mfd@pwg.org">mfd@pwg.org</a>; <a class="moz-txt-link-abbreviated" href="mailto:ids@pwg.org">ids@pwg.org</a>; <a class="moz-txt-link-abbreviated" href="mailto:wims@pwg.org">wims@pwg.org</a><br>
                <b>Subject:</b> [IDS] RE: [WIMS] MPSA Security Article<o:p></o:p></span></p>
          </div>
        </div>
        <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        <p class="MsoNormal"><span style="font-size: 14pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);">Many thanks to Michael for his comments&#8230;they have
            been reflected in the text. &nbsp;Any more comments, suggestions
            additions or deletions?&nbsp; I would like to send this to Jim by
            tomorrow afternoon.<o:p></o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 14pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 14pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);">Thanks,<o:p></o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 14pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 14pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);">Bill Wagner<o:p></o:p></span></p>
        <p class="MsoNormal"><span style="font-size: 14pt; font-family:
            &quot;Calibri&quot;,&quot;sans-serif&quot;; color: rgb(31,
            73, 125);"><o:p>&nbsp;</o:p></span></p>
        <div>
          <div style="border-right: medium none; border-width: 1pt
            medium medium; border-style: solid none none; border-color:
            rgb(181, 196, 223) -moz-use-text-color -moz-use-text-color;
            padding: 3pt 0in 0in;">
            <p class="MsoNormal"><b><span style="font-size: 10pt;
                  font-family:
                  &quot;Tahoma&quot;,&quot;sans-serif&quot;;">From:</span></b><span
                style="font-size: 10pt; font-family:
                &quot;Tahoma&quot;,&quot;sans-serif&quot;;"> Michael
                Sweet [<a class="moz-txt-link-freetext" href="mailto:msweet@apple.com">mailto:msweet@apple.com</a>] <br>
                <b>Sent:</b> Tuesday, February 08, 2011 5:46 PM<br>
                <b>To:</b> William Wagner<br>
                <b>Cc:</b> <a class="moz-txt-link-abbreviated" href="mailto:wims@pwg.org">wims@pwg.org</a>; <a class="moz-txt-link-abbreviated" href="mailto:ids@pwg.org">ids@pwg.org</a>; <a class="moz-txt-link-abbreviated" href="mailto:mfd@pwg.org">mfd@pwg.org</a><br>
                <b>Subject:</b> Re: [WIMS] MPSA Security Article<o:p></o:p></span></p>
          </div>
        </div>
        <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        <div>
          <div>
            <p class="MsoNormal">On Feb 6, 2011, at 12:56 AM, William
              Wagner wrote:<o:p></o:p></p>
          </div>
          <blockquote style="margin-top: 5pt; margin-bottom: 5pt;">
            <div>
              <div>
                <p class="MsoNormal"><span style="font-size: 11pt;
                    font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;; color:
                    rgb(31, 73, 125);">An updated version reflecting
                    comments made during the February face-to-face is
                    posted at :</span><span style="font-size: 11pt;
                    font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;;"><o:p></o:p></span></p>
              </div>
              <div>
                <p class="MsoNormal"><span style="font-size: 11pt;
                    font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;; color:
                    rgb(31, 73, 125);"><a moz-do-not-send="true"
                      href="ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.pdf">ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.pdf</a><span
                      class="apple-converted-space">&nbsp;</span>and</span><span
                    style="font-size: 11pt; font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;;"><o:p></o:p></span></p>
              </div>
              <div>
                <p class="MsoNormal"><span style="font-size: 11pt;
                    font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;; color:
                    rgb(31, 73, 125);"><a moz-do-not-send="true"
                      href="ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.doc">ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.doc</a></span><span
                    style="font-size: 11pt; font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;;"><o:p></o:p></span></p>
              </div>
              <div>
                <p class="MsoNormal"><span style="font-size: 11pt;
                    font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;; color:
                    rgb(31, 73, 125);">&nbsp;</span><span style="font-size:
                    11pt; font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;;"><o:p></o:p></span></p>
              </div>
              <div>
                <p class="MsoNormal"><span style="font-size: 11pt;
                    font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;; color:
                    rgb(31, 73, 125);">This includes a short biblio and
                    a set of survey questions.</span><span
                    style="font-size: 11pt; font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;;"><o:p></o:p></span></p>
              </div>
              <div>
                <p class="MsoNormal"><span style="font-size: 11pt;
                    font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;; color:
                    rgb(31, 73, 125);">&nbsp;</span><span style="font-size:
                    11pt; font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;;"><o:p></o:p></span></p>
              </div>
              <div>
                <p class="MsoNormal"><span style="font-size: 11pt;
                    font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;; color:
                    rgb(31, 73, 125);">Comments and corrections are
                    solicited. It is our objective to finalize this
                    information and send it to MPSA by &nbsp;10 February so
                    that it can be posted next weekend.</span><span
                    style="font-size: 11pt; font-family:
                    &quot;Calibri&quot;,&quot;sans-serif&quot;;"><o:p></o:p></span></p>
              </div>
            </div>
          </blockquote>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
        </div>
        <p class="MsoNormal">Comments (on the PDF version):<o:p></o:p></p>
        <div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        </div>
        <div>
          <p class="MsoNormal">Page 3: At the end of the first paragraph
            under "Log Generation and Availability", you have "... is
            often required for security purposes, (audit log), sometimes
            with alerts ..." - I don't think you meant to put commas
            around the parenthetical "audit log"...<o:p></o:p></p>
        </div>
        <div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        </div>
        <div>
          <p class="MsoNormal">Page 3: Paragraph starting with "Although
            the most secure approach" doesn't finish the thought. I
            think combining the first two sentences makes it clearer,
            e.g.:<o:p></o:p></p>
        </div>
        <div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        </div>
        <blockquote style="margin: 5pt 0in 5pt 30pt;">
          <div>
            <p class="MsoNormal">Although the most secure approach is
              for devices to continually send out log information to an
              external repository as events occur, this is&nbsp;often&nbsp;neither
              practical nor justifiable.<o:p></o:p></p>
          </div>
        </blockquote>
        <div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        </div>
        <div>
          <p class="MsoNormal">Page 7: Question 6 is multiple choice,
            right?<o:p></o:p></p>
        </div>
        <div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        </div>
        <div>
          <p class="MsoNormal">Page 8: Question 7 could also be multiple
            choice for a, b, or c... My recommendation would be to break
            this into two questions: "If you are implementing logging,
            where is it kept?" and "How to you implement billing?" with
            "Logs", "Simple copy count", "other", and "not implementing
            billing".<o:p></o:p></p>
        </div>
        <div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        </div>
        <div>
          <p class="MsoNormal">Otherwise shaping up very nicely - thanks
            for working on this, Bill!<o:p></o:p></p>
        </div>
        <div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        </div>
        <div>
          <div>
            <div>
              <div>
                <p class="MsoNormal"><span style="font-family:
                    &quot;Monaco&quot;,&quot;serif&quot;;">________________________________________________________________________<o:p></o:p></span></p>
              </div>
              <div>
                <p class="MsoNormal"><span style="font-family:
                    &quot;Monaco&quot;,&quot;serif&quot;;">Michael
                    Sweet, Senior Printing System Engineer, PWG Chair<o:p></o:p></span></p>
              </div>
              <div>
                <p class="MsoNormal"><span style="font-family:
                    &quot;Monaco&quot;,&quot;serif&quot;;"><o:p>&nbsp;</o:p></span></p>
              </div>
            </div>
            <p class="MsoNormal" style="margin-bottom: 12pt;"><o:p>&nbsp;</o:p></p>
          </div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        </div>
        <p class="MsoNormal"><br>
          -- <br>
          This message has been scanned for viruses and <br>
          dangerous content by <a moz-do-not-send="true"
            href="http://www.mailscanner.info/"><b>MailScanner</b></a>,
          and is <br>
          believed to be clean. <o:p></o:p></p>
      </div>
      <br>
      -- <br>
      This message has been scanned for viruses and
      <br>
      dangerous content by
      <a moz-do-not-send="true" href="http://www.mailscanner.info/"><b>MailScanner</b></a>,
      and is
      <br>
      believed to be clean.
      <pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
ids mailing list
<a class="moz-txt-link-abbreviated" href="mailto:ids@pwg.org">ids@pwg.org</a>
<a class="moz-txt-link-freetext" href="https://www.pwg.org/mailman/listinfo/ids">https://www.pwg.org/mailman/listinfo/ids</a>
</pre>
    </blockquote>
    <br>
  <br />-- 
<br />This message has been scanned for viruses and
<br />dangerous content by
<a href="http://www.mailscanner.info/"><b>MailScanner</b></a>, and is
<br />believed to be clean.
</body>
</html>

Comments are owned by the poster. All other material is Copyright © 2001-2024 The Printer Working Group. All rights reserved. IPP Everywhere, the IPP Everywhere logo, and the PWG logo are trademarks of the IEEE-ISTO.
About the PWG · Privacy Policy · PWG Webmaster