IDS> NAP binding spec new draft

Randy Turner rturner at
Mon Feb 2 14:31:06 EST 2009

Ok, so when we're done, we would have 3 documents that the PWG/IDS  
group authors:

[HCD-NEA] or [HCD-TNC], depending on your perspective

and these documents would reference [MS-SOH], [IETF-NEA], etc.

If I have captured your proposal correctly, then the ATR document is
the only change to what we've been doing. Correct?


On Feb 2, 2009, at 11:24 AM, Brian Smithson wrote:

> Randy,
> Well, now I'm not sure what I'm proposing :-).
> By "IDS mapping document", do you mean a document that describes
> how the IDS attributes apply to all of the schemes that we
> plan to support, e.g. NAP, NEA, TNC, ...?
> What I think I was proposing was something like this:
> [MS-SOH] specifies what is expected to support NAP. Other non-PWG  
> documents specify what is expected for other schemes (NEA, TNC...).
> [HCD-ATR] specifies the HCD-specific attributes that shall/should be  
> supported in all schemes.
> [HCD-NAP] specifies how the HCD-specific attributes are mapped to
> [MS-SOH], and if necessary, also describes how the standard
> NAP attributes should be interpreted when applied to HCDs. It would
> fully specify the bits and bytes of NAP support for HCDs, including  
> both the standard NAP stuff and the HCD-specific stuff. [HCD-NEA],  
> [HCD-TNC], ... would do the same thing for other schemes.
> There would be some information in [HCD-NAP] that is also presented  
> in [MS-SOH] and [HCD-ATR], and we would need to be careful to ensure  
> that they stay in sync. I think that the main distinction between  
> them would be that the protocol binding spec would focus on the bits  
> and bytes, and the other documents (particularly [HCD-ATR]) would  
> contain more descriptive information.
> --
> Regards,
> Brian Smithson
> PM, Security Research
> Advanced Imaging and Network Technologies
> Ricoh Americas Corporation
> (408)346-4435
> Randy Turner wrote:
>> Hi Brian,
>> I think what you're really proposing is that there would be an "IDS
>> mapping document" and not a NAP document.  This one document would
>> be a single reference for implementers.  Does this sound right?
>> Randy
>> On Feb 2, 2009, at 10:42 AM, Brian Smithson wrote:
>>> Regarding the new NAP draft:
>>> I tried to remove information that was already specified in other  
>>> specs (MS-SOH and HCD-ATR) but unless I am mistaken, it was not as  
>>> straightforward as we may have thought it might be. Nine of the  
>>> attributes are described in other specs, so they fit nicely into  
>>> the tabular format that was suggested back in October's meeting.  
>>> However, the other eleven needed to be described in the NAP spec  
>>> and for those I referred to subsequent sections for the details.  
>>> Looking at the overall result, I'm wondering if this has made the  
>>> NAP spec less usable for implementers. Some of the necessary  
>>> information is in the NAP spec itself, some of it needs to be  
>>> retrieved from one of two other documents, and some of it needs to  
>>> be retrieved from yet another document (PA-TNC) that is referenced  
>>> by one of the referenced documents (HCD-ATR).
>>> Maybe it would be better to fully specify things in the NAP spec?  
>>> I realize that this will place the same information in two
>>> documents and risk that they lose sync with one another, but
>>> ultimately I think we want a binding spec to be
>>> implementer-friendly.
>>> Let's discuss on Thursday's call...
>>> --
>>> Regards,
>>> Brian Smithson
>>> PM, Security Research
>>> PMP, CISSP, CISA, ISO 27000 PA
>>> Advanced Imaging and Network Technologies
>>> Ricoh Americas Corporation
>>> (408)346-4435
>>> Nevo, Ron wrote:
>>>> New NAP binding spec. updated by Brian is now posted.
>>>> Regards
>>>> Ron Nevo
>>>> Senior Product Manager
>>>> Information Security, DVM, Standards and Compliance
>>>> Sharp Imaging and Information Company of America
>>>> ______________________________________________
>>>> Sharp Plaza  Mahwah    NJ 07430      nevor at
>>>> Phone: 201-760-3937   Fax: 201-529-9673  Cell: 201-220-5945
>>>> The contents of this email are the property of the sender.
>>>> If it was not addressed to you, you have no legal right to read it.
>>>> If you think you received it in error, please notify the sender.
>>>> Do not forward or copy without permission of the sender.
>>>> "Be Secure. Be Sharp."
