IDS> NAP binding spec new draft

IDS> NAP binding spec new draft

Randy Turner rturner at amalfisystems.com
Mon Feb 2 13:46:17 EST 2009 

Hi Brian,

I think what you're really proposing is that there would be an "IDS  
mapping document" and not a NAP document.  This one document would be  
single
reference for implementers.  Does this sound right?

Randy


On Feb 2, 2009, at 10:42 AM, Brian Smithson wrote:

> Regarding the new NAP draft:
>
> I tried to remove information that was already specified in other  
> specs (MS-SOH and HCD-ATR) but unless I am mistaken, it was not as  
> straightforward as we may have thought it might be. Nine of the  
> attributes are described in other specs, so they fit nicely into the  
> tabular format that was suggested back in October's meeting.  
> However, the other eleven needed to be described in the NAP spec and  
> for those I referred to subsequent sections for the details. Looking  
> at the overall result, I'm wondering if this has made the NAP spec  
> less usable for implementers. Some of the necessary information is  
> in the NAP spec itself, some of it needs to be retrieved from one of  
> two other documents, and some of it needs to be retrieved from yet  
> another document (PA-TNC) that is referenced by one of the  
> referenced documents (HCD-ATR).
>
> Maybe it would be better to fully specify things in the NAP spec? I  
> realize that this will place the same information in two documents  
> and risking that they lose sync with one another, but ultimately I  
> think we want a binding spec to be implementer-friendly.
>
> Let's discuss on Thursday's call...
> --
> Regards,
> Brian Smithson
> PM, Security Research
> PMP, CISSP, CISA, ISO 27000 PA
> Advanced Imaging and Network Technologies
> Ricoh Americas Corporation
> (408)346-4435
>
>
> Nevo, Ron wrote:
>>
>>
>> New NAP binding spec. updated by Brian is now posted.
>>
>> ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090130_ncb.pdf
>>
>>
>> Regards
>>
>> Ron Nevo
>>
>> Senior Product Manager
>>
>> Information Security, DVM, Standards and Compliance
>>
>> Sharp Imaging and Information Company of America
>>
>> www.sharpusa.com/products/applications/home/
>>
>> ______________________________________________
>>
>> Sharp Plaza  Mahwah    NJ 07430      nevor at sharpsec.com
>>
>> Phone: 201-760-3937   Fax: 201-529-9673  Cell: 201-220-5945
>>
>> The contents of this email are the property of the sender.
>>
>> If it was not addressed to you, you have no legal right to read it .
>>
>> If you think you received it in error, please notify the sender.
>>
>> Do not forward or copy without permission of the sender.
>>
>> "Be Secure. Be Sharp."
>>
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.pwg.org/archives/ids/attachments/20090202/9c7ba54e/attachment.html

More information about the Ids mailing list