Here are my comments against the latest draft of the IDS-Model Spec:
1. The following documents referenced in the body of the text are not listed in Section 12: [MFD-REQ] (Line 294); [IEEE2600.1, IEEE2600.2, IEEE2600.3, IEEE2600.4 (Line 438); [RFC3629], [ISO10646] and [RFC5198] (Lines 573-574).
2. Line 366: I think there is a missing period. I believe it should be "As shown in the previous subsection, many of the Imaging Services allow the storage of Digital Documents in a Document repository. Organizations with higher security requirements..."
3. Line 443: I believe there is a missing word in the sentence as follows: "Since the log records generated MUST be available for review and analysis by Administrators or Auditors who may not be conveniently collocated with the distributed Imaging Devices across the network..."
4. Line 499: The reference here is [OASIS] but in Section 12 it is [OASIS1].
5. Line 519: I think there is something wrong in the wording with the sentence on that line "To assist in the definition and organization of allowed operations and capabilities, each user, device and service may be assigned to one or more specific roles used assign and categorize the capabilities and operation allowed." Not sure how to fix it.
6. Line 523: Small typo in the definition of Administrator in Table 1 as follows: "A user who is authorized to manage all aspects of a device or service".
7. Line 523: In Table 1, there is the definition of Network Administrator. There are other configuration aspects of the device besides network configuration (like setting trays on the device). What role handles those configuration aspects?
8. Line 523: In Table 1 the definition of User is "a user who is authorized to perform normal hard copy and imaging operations". Does imaging operations cover things like printing also?
9. Line 529: The discussion in Section 6.4 doesn't cover the 'Signature' shown in Figure 1.
10. Line 548: The attribute in 184.108.40.206 is titled 'Organizational Security Elements', but it is listed as 'OrganizationSecurity' in Figure 2.
11. Line 565: The sentence indicates that there are multiple sections below ("...SHOULD support the alerts listed in the following sections" but there is only one subsection (7.2.1) included.
-------------- next part --------------
An HTML attachment was scrubbed...