attachment

David H. Whitehead Development Engineer Lexmark International, Inc. 859.825.4914 davidatlexmarkdotcom ----- Forwarded by Dave Whitehead/Lex/Lexmark on 12/05/08 11:41 AM ----- <table width=100%> <tr valign=top> <td width=40%>Erhan Soyer-Osman <erhanso@windows.microsoft.com> 12/04/08 07:19 PM <td width=59%> <table width=100%> <tr valign=top> <td> <div align=right>To</div> <td>Dave Whitehead <david@lexmark.com> <tr valign=top> <td> <div align=right>cc</div> <td>Mike Fenelon <Mike.Fenelon@microsoft.com> <tr valign=top> <td> <div align=right>Subject</div> <td>RE: PWG questions on IDS</table> <table> <tr valign=top> <td> <td></table> </table> Sorry for the late response – here is what I received from the NAP team. Thanks, Erhan   1.  The NAP spec states UTF-8 string encoding and TLV elements.  There is also a statement about strings being NULL terminated.  We believe the NULL terminator was inadvertently added since it is not required for TLV elements.  That is, do we really need NULL termination? [NAP Team] Yes. The current implementation requires “Null termination” 2.  Is it Microsoft's current and future desire/intent/direction for strings to be UTF-8 encoded? [NAP Team] Currently we use UTF-8 and as of now plan to use UTF-8 in the future releases (To the best of our knowledge) but we will notify/update the necessary document when this changes along with backward compatibility directions if this changes. 3.  Is Microsoft planning any type of interoperability between NAP and Network Endpoint Assessment (NEA) from the TNC?  Maybe a gateway?  [NAP Team] Microsoft has donated NAP’s Statement of Health specification to the TCG’s TNC group, companies wishing to support NAP in their products can download and use the specification free of charge. This SOH has also been made a standard by the TNC (IF-TNCCS-SOH). See the white paper at<a href="http://download.microsoft.com/download/c/1/2/c12b5d9b-b5c5-4ead-a335-d9a13692abbb/TNC_NAP_white_paper.pdf">http://download.microsoft.com/download/c/1/2/c12b5d9b-b5c5-4ead-a335-d9a13692abbb/TNC_NAP_white_paper.pdf.</a>   We will be working with TNC/NEA in future releases as well. 4.  What happens when a device passes assessment under one mechanism but then is challenged again?  For example, first over 802.1x to attach and then DHCP to receive an address.  Do we need to start the assessment again from scratch or is there a shortcut? [NAP Team] There is no shortcut. However customers will usually choose one enforcement.  Multiple enforcement is supported but there are no smarts targeted at multiple enforcement. You need to resend the SoH to the enforcement mechanism but you can use the cached SoH intelligently. 5.   It looks like most, if not all, of the evaluation attributes will be extensions to NAP.  The only NAP attribute that may be applicable is the Product Name.  Is it appropriate for the PWG to use Product Name or should we define all our attributes as extensions? [NAP Team] Product Name is an “optional” TLV.  It is defined to be used, but on the other hand they could define their own schema in the vendor specific TLV.  6.  How can we get the extended PWG attributes to be recognized by the Microsoft validator/assessor?  Is this a plug-in supplied by a third party?  If this is an industry supported solution, would Microsoft be willing to supply any required plug-in? [NAP Team] The Microsoft WSHA/V currently does not support this. The third party can develop their own SHA/V and plug into the NAP infrastructure. Please refer to the samples provided in the NAP SDK. 7.  Just to make sure we understand it, the PWG members would really like someone familiar with NAP to profile how it would operate with print devices.  Would this be possible? [NAP Team] Yes. The NAP team would like to profile how NAP will operate with Print devices. Please let us know how we can proceed.   From:Dave Whitehead [mailto:david@lexmark.com] Sent: Wednesday, December 03, 2008 9:35 AM To: Erhan Soyer-Osman Cc: Mike Fenelon Subject: RE: PWG questions on IDS   Hi Erhan, Mike, Any update on this? Thanks, dhw David H. Whitehead Development Engineer Lexmark International, Inc. 859.825.4914 davidatlexmarkdotcom <table width=100%> <tr valign=top> <td width=40%> Erhan Soyer-Osman <erhanso@windows.microsoft.com> 11/13/08 08:46 PM <td width=59%> <table width=100%> <tr valign=top> <td width=21%> <div align=right> To</div> <td width=78%> Dave Whitehead <david@lexmark.com>, Mike Fenelon <Mike.Fenelon@microsoft.com> <tr valign=top> <td> <div align=right> cc</div> <td> <tr valign=top> <td> <div align=right> Subject</div> <td> RE: PWG questions on IDS </table>   <table width=100%> <tr valign=top> <td width=50%> <td width=50%></table> </table> Hi Dave, Thanks for your email. We just got back from WinHEC, but we will look into your questions this week and send you back responses. Erhan   From:Dave Whitehead [mailto:david@lexmark.com] Sent: Wednesday, October 29, 2008 10:58 AM To: Mike Fenelon; Erhan Soyer-Osman Subject: PWG questions on IDS   Hi Mike, Erhan, The IDS WG came up with a few questions about NAP and the Statement of Health that we would like answered to guide our work efforts.  Out next teleconference will be Nov. 6th and it would be great if we could have someone available from Microsoft to discuss the following: 1.  The NAP spec states UTF-8 string encoding and TLV elements.  There is also a statement about strings being NULL terminated.  We believe the NULL terminator was inadvertently added since it is not required for TLV elements.  That is, do we really need NULL termination? 2.  Is it Microsoft's current and future desire/intent/direction for strings to be UTF-8 encoded? 3.  Is Microsoft planning any type of interoperability between NAP and Network Endpoint Assessment (NEA) from the TNC?  Maybe a gateway? 4.  What happens when a device passes assessment under one mechanism but then is challenged again?  For example, first over 802.1x to attach and then DHCP to receive an address.  Do we need to start the assessment again from scratch or is there a shortcut? 5.   It looks like most, if not all, of the evaluation attributes will be extensions to NAP.  The only NAP attribute that may be applicable is the Product Name.  Is it appropriate for the PWG to use Product Name or should we define all our attributes as extensions? 6.  How can we get the extended PWG attributes to be recognized by the Microsoft validator/assessor?  Is this a plug-in supplied by a third party?  If this is an industry supported solution, would Microsoft be willing to supply any required plug-in? 7.  Just to make sure we understand it, the PWG members would really like someone familiar with NAP to profile how it would operate with print devices.  Would this be possible? Thanks, dhw David H. Whitehead Development Engineer Lexmark International, Inc. 859.825.4914 davidatlexmarkdotcom