From: Randy Turner (rturner@amalfisystems.com)
Date: Mon Feb 02 2009 - 14:31:06 EST
Ok, so when we're done, we would have 3 documents that the PWG/IDS
group authors:
[HCD-ATR]
[HCD-NAP]
[HCD-NEA] or [HCD-TNC], depending on your perspective
and these documents would reference [MS-SOH], [IETF-NEA], etc.
If I have captured your proposal correctly, then the ATR document is
the only change to what we've been doing. correct?
Randy
On Feb 2, 2009, at 11:24 AM, Brian Smithson wrote:
> Randy,
>
> Well, now I'm not sure what I'm proposing :-).
>
> By "IDS mapping document", do you mean a document that contains
> describes how the IDS attributes apply to all of the schemes that we
> plan to support, e.g. NAP, NEA, TNC, ...?
>
> What I was think I was proposing was something like this:
> [MS-SOH] specifies what is expected to support NAP. Other non-PWG
> documents specify what is expected for other schemes (NEA, TNC...).
> [HCD-ATR] specifies the HCD-specific attributes that shall/should be
> supported in all schemes.
> [HCD-NAP] specifies how the HCD-specific attributes are mapped to
> [MS-SOH], and if necessary, also contains describes how the standard
> NAP attributes should be interpreted when applied to HCDs. It would
> fully specify the bits and bytes of NAP support for HCDs, including
> both the standard NAP stuff and the HCD-specific stuff. [HCD-NEA],
> [HCD-TNC], ... would do the same thing for other schemes.
> There would be some information in [HCD-NAP] that is also presented
> in [MS-SOH] and [HCD-ATR], and we would need to be careful to ensure
> that they stay in sync. I think that the main distinction between
> them would be that the protocol binding spec would focus on the bits
> and bytes, and the other documents (particularly [HCD-ATR]) would
> contain more descriptive information.
> --
> Regards,
> Brian Smithson
> PM, Security Research
> PMP, CISSP, CISA, ISO 27000 PA
> Advanced Imaging and Network Technologies
> Ricoh Americas Corporation
> (408)346-4435
>
>
> Randy Turner wrote:
>>
>> Hi Brian,
>>
>> I think what you're really proposing is that there would be an "IDS
>> mapping document" and not a NAP document. This one document would
>> be single
>> reference for implementers. Does this sound right?
>>
>> Randy
>>
>>
>> On Feb 2, 2009, at 10:42 AM, Brian Smithson wrote:
>>
>>> Regarding the new NAP draft:
>>>
>>> I tried to remove information that was already specified in other
>>> specs (MS-SOH and HCD-ATR) but unless I am mistaken, it was not as
>>> straightforward as we may have thought it might be. Nine of the
>>> attributes are described in other specs, so they fit nicely into
>>> the tabular format that was suggested back in October's meeting.
>>> However, the other eleven needed to be described in the NAP spec
>>> and for those I referred to subsequent sections for the details.
>>> Looking at the overall result, I'm wondering if this has made the
>>> NAP spec less usable for implementers. Some of the necessary
>>> information is in the NAP spec itself, some of it needs to be
>>> retrieved from one of two other documents, and some of it needs to
>>> be retrieved from yet another document (PA-TNC) that is referenced
>>> by one of the referenced documents (HCD-ATR).
>>>
>>> Maybe it would be better to fully specify things in the NAP spec?
>>> I realize that this will place the same information in two
>>> documents and risking that they lose sync with one another, but
>>> ultimately I think we want a binding spec to be implementer-
>>> friendly.
>>>
>>> Let's discuss on Thursday's call...
>>> --
>>> Regards,
>>> Brian Smithson
>>> PM, Security Research
>>> PMP, CISSP, CISA, ISO 27000 PA
>>> Advanced Imaging and Network Technologies
>>> Ricoh Americas Corporation
>>> (408)346-4435
>>>
>>>
>>> Nevo, Ron wrote:
>>>>
>>>>
>>>> New NAP binding spec. updated by Brian is now posted.
>>>>
>>>> ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090130_ncb.pdf
>>>>
>>>>
>>>> Regards
>>>>
>>>> Ron Nevo
>>>>
>>>> Senior Product Manager
>>>>
>>>> Information Security, DVM, Standards and Compliance
>>>>
>>>> Sharp Imaging and Information Company of America
>>>>
>>>> www.sharpusa.com/products/applications/home/
>>>>
>>>> ______________________________________________
>>>>
>>>> Sharp Plaza Mahwah NJ 07430 nevor@sharpsec.com
>>>>
>>>> Phone: 201-760-3937 Fax: 201-529-9673 Cell: 201-220-5945
>>>>
>>>> The contents of this email are the property of the sender.
>>>>
>>>> If it was not addressed to you, you have no legal right to read
>>>> it .
>>>>
>>>> If you think you received it in error, please notify the sender.
>>>>
>>>> Do not forward or copy without permission of the sender.
>>>>
>>>> "Be Secure. Be Sharp."
>>>>
>>>>
>>
This archive was generated by hypermail 2.1.4 : Mon Feb 02 2009 - 14:31:14 EST