The reason I'm so adamant about this is....
If the TCG HCWG does indeed determine security/trust issues that are NOT covered by our existing work, there almost needs to be a "roadmap" document (maybe produced by the PWG) for hardcopy vendors that answers the question..."What specifications do I need to look at to determine how to create a secure product?" If there are overlapping methods to accomplish the same thing, the guidance is ambiguous (unless the product team has specific check-off items from customers as to which standards are required).
That being said, if the TCG HCWG does come up with something new, it's probably a good thing.......just another security/trust hole to be plugged.
----- Original Message -----
From: Dave Whitehead
To: Randy Turner
Cc: ids at pwg.org ; owner-ids at pwg.org ; STDS-2600 at LISTSERV.IEEE.ORG
Sent: Friday, April 10, 2009 6:54 AM
Subject: Re: IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference
I agree with Randy that the goals and objectives of the various bodies should not overlap. The goals and objectives of the TCG HCWG need to be complementary to those of the P2600 and PWG IDS groups.
David H. Whitehead
Lexmark International, Inc.
"Randy Turner" <rturner at amalfisystems.com>
Sent by: owner-ids at pwg.org
04/10/09 01:01 AM
To <STDS-2600 at LISTSERV.IEEE.ORG>
cc <ids at pwg.org>
Subject IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference
After reading the minutes from the latest TCG HCWG re-chartering discussion,
I have the following comment...
I think, at a minimum, any new charter for the TCG HCWG should be filtered
through the goals and objectives of the p2600 work
and the PWG-IDS activity to determine any new objectives.
in other words,
o1 = set of p2600 goals and objectives (both core standard and protection
o2 = set of PWG IDS goals and objectives (including NEA/TNC + IDS
o3 = The union of o1 and o2 (i.e., o1 U o2)
o4 = The set of proposed TCG HCWG goals and objectives
The intersection of o3 and o4 should be the empty set
----- Original Message -----
From: "Brian Smithson" <brian.smithson at RICOH-USA.COM>
To: <STDS-2600 at LISTSERV.IEEE.ORG>
Sent: Thursday, April 09, 2009 1:13 PM
Subject:  minutes from April 8 2009 TCG HCWG charter discussion
> Please see the attached meeting minutes from yesterday's teleconference
> discussion of the TCG Hardcopy Workgroup charter revision.
> Many thanks to Shah Bhatti for leading the discussion, Seigo Kotani for
> acting as interim chair and BoD liaison, Steve Hanna for providing
> perspective from the TNC WG, and Lee Farrell for contributing his
> excellent notes to the production of these minutes.
> Brian Smithson
> PM, Security Research
> PMP, CISSP, CISA, ISO 27000 PA
> Advanced Imaging and Network Technologies
> Ricoh Americas Corporation
-------------- next part --------------
An HTML attachment was scrubbed...