[MFD] RE: [IDS] RE: [WIMS] MPSA Security Article

[MFD] RE: [IDS] RE: [WIMS] MPSA Security Article

William Wagner wamwagner at comcast.net
Wed Feb 9 23:17:02 UTC 2011 

Thanks Joe,

 

Updated version at
ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110209.doc 

 

Bill Wagner

 

From: Murdock, Joe [mailto:jmurdock at sharplabs.com] 
Sent: Wednesday, February 09, 2011 4:48 PM
To: William Wagner
Cc: mfd at pwg.org; ids at pwg.org; wims at pwg.org
Subject: RE: [IDS] RE: [WIMS] MPSA Security Article

 

Bill,

 

I've made a few suggested update inline:

 

 

Joe

 

 

From: ids-bounces at pwg.org [mailto:ids-bounces at pwg.org] On Behalf Of William
Wagner
Sent: Wednesday, February 09, 2011 1:11 PM
To: 'Michael Sweet'
Cc: mfd at pwg.org; ids at pwg.org; wims at pwg.org
Subject: [IDS] RE: [WIMS] MPSA Security Article

 

Many thanks to Michael for his comments.they have been reflected in the
text.  Any more comments, suggestions additions or deletions?  I would like
to send this to Jim by tomorrow afternoon.

 

Thanks,

 

Bill Wagner

 

From: Michael Sweet [mailto:msweet at apple.com] 
Sent: Tuesday, February 08, 2011 5:46 PM
To: William Wagner
Cc: wims at pwg.org; ids at pwg.org; mfd at pwg.org
Subject: Re: [WIMS] MPSA Security Article

 

On Feb 6, 2011, at 12:56 AM, William Wagner wrote:

An updated version reflecting comments made during the February face-to-face
is posted at :

ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.pdf and

ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.doc

 

This includes a short biblio and a set of survey questions.

 

Comments and corrections are solicited. It is our objective to finalize this
information and send it to MPSA by  10 February so that it can be posted
next weekend.

 

Comments (on the PDF version):

 

Page 3: At the end of the first paragraph under "Log Generation and
Availability", you have "... is often required for security purposes, (audit
log), sometimes with alerts ..." - I don't think you meant to put commas
around the parenthetical "audit log"...

 

Page 3: Paragraph starting with "Although the most secure approach" doesn't
finish the thought. I think combining the first two sentences makes it
clearer, e.g.:

 

Although the most secure approach is for devices to continually send out log
information to an external repository as events occur, this is often neither
practical nor justifiable.

 

Page 7: Question 6 is multiple choice, right?

 

Page 8: Question 7 could also be multiple choice for a, b, or c... My
recommendation would be to break this into two questions: "If you are
implementing logging, where is it kept?" and "How to you implement billing?"
with "Logs", "Simple copy count", "other", and "not implementing billing".

 

Otherwise shaping up very nicely - thanks for working on this, Bill!

 

________________________________________________________________________

Michael Sweet, Senior Printing System Engineer, PWG Chair

 

 

 


-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/mfd/attachments/20110209/7bc8f1dd/attachment-0001.html>

More information about the mfd mailing list