IDS> NAP SSOH required attributes

IDS> NAP SSOH required attributes

IDS> NAP SSOH required attributes

nchen at okidata.com nchen at okidata.com
Thu Jan 22 15:14:28 EST 2009


Hi All,

Here are the questions I raised in today's teleconference.

There are four System SoH attributes required by NAP we have not addressed 
so far. They are addressed by the IF-TNCCS document (the TNC-NAP binding 
document).

These three attributes are:

1) MS-Quarantine-State - used to communicate information about the desired 
or resulting permission to a requested network resource for an endpoint. 
This attribute must be present both in SSoH (request) and SSoHR (response) 
message from/to an endpoint.
2) MS-Machine-Inventory - used to communicate information about the host 
operating system and its processor architecture. These values may be used 
by a server to make policy decisions. This attribute must be present in 
SSoH in request.
3) MS-Packet-Info - used to communicate information version and intent 
(request or response) of the SSoH and SSoHR.
4) MS-CorrelationId - used for facilitates correlation messages related to 
a single transaction together across multiple machines. This attribute 
must be present in both SSoH and SSoR messages.

The TNC or NAP protocols are designed for PCs. Should we address these 
REQUIRED attributes in PWG HCD's health attribute mapping to NAP's SSoH 
and SSoHR? Should we require such attributes in HCD's health attribute for 
mapping to other protocols? As we proceed to propose our HCD Class plug-in 
to the MS NAP team, how should we address these REQUIRED attributes?

May be these questions are too early at this stage. But I think we should 
keep these in mind as we build the standard.

-Nancy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.pwg.org/archives/ids/attachments/20090122/e2863d58/attachment.html


More information about the Ids mailing list