Re: IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference

From: Randy Turner (rturner@amalfisystems.com)
Date: Fri Apr 10 2009 - 12:20:16 EDT

  • Next message: William Wagner: "RE: IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference"

    The reason I'm so adamant about this is....

    If the TCG HCWG does indeed determine security/trust issues that are NOT covered by our existing work, there almost needs to be a "roadmap" document (maybe produced by the PWG) for hardcopy vendors that answers the question..."What specifications do I need to look at to determine how to create a secure product?" If there are overlapping methods to accomplish the same thing, the guidance is ambiguous (unless the product team has specific check-off items from customers as to which standards are required).

    That being said, if the TCG HCWG does come up with something new, it's probably a good thing.......just another security/trust hole to be plugged.

    Randy

      ----- Original Message -----
      From: Dave Whitehead
      To: Randy Turner
      Cc: ids@pwg.org ; owner-ids@pwg.org ; STDS-2600@LISTSERV.IEEE.ORG
      Sent: Friday, April 10, 2009 6:54 AM
      Subject: Re: IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference

      All,

      I agree with Randy that the goals and objectives of the various bodies should not overlap. The goals and objectives of the TCG HCWG need to be complementary to those of the P2600 and PWG IDS groups.

      dhw

      David H. Whitehead
      Development Engineer
      Lexmark International, Inc.
      859.825.4914
      davidatlexmarkdotcom

            "Randy Turner" <rturner@amalfisystems.com>
            Sent by: owner-ids@pwg.org
            04/10/09 01:01 AM
           To <STDS-2600@LISTSERV.IEEE.ORG>
                  cc <ids@pwg.org>
                  Subject IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference

                  

           

      Hi All,

      After reading the minutes from the latest TCG HCWG re-chartering discussion,
      I have the following comment...

      I think, at a minimum, any new charter for the TCG HCWG should be filtered
      through the goals and objectives of the p2600 work
      and the PWG-IDS activity to determine any new objectives.

      in other words,

      o1 = set of p2600 goals and objectives (both core standard and protection
      profiles)
      o2 = set of PWG IDS goals and objectives (including NEA/TNC + IDS
      attributes)
      o3 = The union of o1 and o2 (i.e., o1 U o2)

      o4 = The set of proposed TCG HCWG goals and objectives

      The intersection of o3 and o4 should be the empty set

      Thanks,
      Randy

      ----- Original Message -----
      From: "Brian Smithson" <brian.smithson@RICOH-USA.COM>
      To: <STDS-2600@LISTSERV.IEEE.ORG>
      Sent: Thursday, April 09, 2009 1:13 PM
      Subject: [2600] minutes from April 8 2009 TCG HCWG charter discussion
      teleconference

    > Please see the attached meeting minutes from yesterday's teleconference
    > discussion of the TCG Hardcopy Workgroup charter revision.
    >
    > Many thanks to Shah Bhatti for leading the discussion, Seigo Kotani for
    > acting as interim chair and BoD liaison, Steve Hanna for providing
    > perspective from the TNC WG, and Lee Farrell for contributing his
    > excellent notes to the production of these minutes.
    >
    > --
    > Regards,
    > Brian Smithson
    > PM, Security Research
    > PMP, CISSP, CISA, ISO 27000 PA
    > Advanced Imaging and Network Technologies
    > Ricoh Americas Corporation
    > (408)346-4435
    >
    >

    This archive was generated by hypermail 2.1.4 : Fri Apr 10 2009 - 12:20:50 EDT