IDS> NAP binding spec new draft

IDS> NAP binding spec new draft

IDS> NAP binding spec new draft

Randy Turner rturner at amalfisystems.com
Mon Feb 2 14:31:06 EST 2009


Ok, so when we're done, we would have 3 documents that the PWG/IDS  
group authors:

[HCD-ATR]
[HCD-NAP]
[HCD-NEA] or [HCD-TNC], depending on your perspective

and these documents would reference [MS-SOH], [IETF-NEA], etc.

If I have captured your proposal correctly, then the ATR document is  
the only change to what we've been doing. correct?

Randy


On Feb 2, 2009, at 11:24 AM, Brian Smithson wrote:

> Randy,
>
> Well, now I'm not sure what I'm proposing :-).
>
> By "IDS mapping document", do you mean a document that contains  
> describes how the IDS attributes apply to all of the schemes that we  
> plan to support, e.g. NAP, NEA, TNC, ...?
>
> What I was think I was proposing was something like this:
> [MS-SOH] specifies what is expected to support NAP. Other non-PWG  
> documents specify what is expected for other schemes (NEA, TNC...).
> [HCD-ATR] specifies the HCD-specific attributes that shall/should be  
> supported in all schemes.
> [HCD-NAP] specifies how the HCD-specific attributes are mapped to  
> [MS-SOH], and if necessary, also contains describes how the standard  
> NAP attributes should be interpreted when applied to HCDs. It would  
> fully specify the bits and bytes of NAP support for HCDs, including  
> both the standard NAP stuff and the HCD-specific stuff. [HCD-NEA],  
> [HCD-TNC], ... would do the same thing for other schemes.
> There would be some information in [HCD-NAP] that is also presented  
> in [MS-SOH] and [HCD-ATR], and we would need to be careful to ensure  
> that they stay in sync. I think that the main distinction between  
> them would be that the protocol binding spec would focus on the bits  
> and bytes, and the other documents (particularly [HCD-ATR]) would  
> contain more descriptive information.
> --
> Regards,
> Brian Smithson
> PM, Security Research
> PMP, CISSP, CISA, ISO 27000 PA
> Advanced Imaging and Network Technologies
> Ricoh Americas Corporation
> (408)346-4435
>
>
> Randy Turner wrote:
>>
>> Hi Brian,
>>
>> I think what you're really proposing is that there would be an "IDS  
>> mapping document" and not a NAP document.  This one document would  
>> be single
>> reference for implementers.  Does this sound right?
>>
>> Randy
>>
>>
>> On Feb 2, 2009, at 10:42 AM, Brian Smithson wrote:
>>
>>> Regarding the new NAP draft:
>>>
>>> I tried to remove information that was already specified in other  
>>> specs (MS-SOH and HCD-ATR) but unless I am mistaken, it was not as  
>>> straightforward as we may have thought it might be. Nine of the  
>>> attributes are described in other specs, so they fit nicely into  
>>> the tabular format that was suggested back in October's meeting.  
>>> However, the other eleven needed to be described in the NAP spec  
>>> and for those I referred to subsequent sections for the details.  
>>> Looking at the overall result, I'm wondering if this has made the  
>>> NAP spec less usable for implementers. Some of the necessary  
>>> information is in the NAP spec itself, some of it needs to be  
>>> retrieved from one of two other documents, and some of it needs to  
>>> be retrieved from yet another document (PA-TNC) that is referenced  
>>> by one of the referenced documents (HCD-ATR).
>>>
>>> Maybe it would be better to fully specify things in the NAP spec?  
>>> I realize that this will place the same information in two  
>>> documents and risking that they lose sync with one another, but  
>>> ultimately I think we want a binding spec to be implementer- 
>>> friendly.
>>>
>>> Let's discuss on Thursday's call...
>>> --
>>> Regards,
>>> Brian Smithson
>>> PM, Security Research
>>> PMP, CISSP, CISA, ISO 27000 PA
>>> Advanced Imaging and Network Technologies
>>> Ricoh Americas Corporation
>>> (408)346-4435
>>>
>>>
>>> Nevo, Ron wrote:
>>>>
>>>>
>>>> New NAP binding spec. updated by Brian is now posted.
>>>>
>>>> ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090130_ncb.pdf
>>>>
>>>>
>>>> Regards
>>>>
>>>> Ron Nevo
>>>>
>>>> Senior Product Manager
>>>>
>>>> Information Security, DVM, Standards and Compliance
>>>>
>>>> Sharp Imaging and Information Company of America
>>>>
>>>> www.sharpusa.com/products/applications/home/
>>>>
>>>> ______________________________________________
>>>>
>>>> Sharp Plaza  Mahwah    NJ 07430      nevor at sharpsec.com
>>>>
>>>> Phone: 201-760-3937   Fax: 201-529-9673  Cell: 201-220-5945
>>>>
>>>> The contents of this email are the property of the sender.
>>>>
>>>> If it was not addressed to you, you have no legal right to read  
>>>> it .
>>>>
>>>> If you think you received it in error, please notify the sender.
>>>>
>>>> Do not forward or copy without permission of the sender.
>>>>
>>>> "Be Secure. Be Sharp."
>>>>
>>>>
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.pwg.org/archives/ids/attachments/20090202/3c0bd9e0/attachment.html


More information about the Ids mailing list