attachment

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#ffffff" text="#000000"> Randy, Well, now I'm not sure what I'm proposing :-). By "IDS mapping document", do you mean a document that contains describes how the IDS attributes apply to all of the schemes that we plan to support, e.g. NAP, NEA, TNC, ...? What I was think I was proposing was something like this: <ul> <li>[MS-SOH] specifies what is expected to support NAP. Other non-PWG documents specify what is expected for other schemes (NEA, TNC...).</li> <li>[HCD-ATR] specifies the HCD-specific attributes that shall/should be supported in all schemes.</li> <li>[HCD-NAP] specifies how the HCD-specific attributes are mapped to [MS-SOH], and if necessary, also contains describes how the standard NAP attributes should be interpreted when applied to HCDs. It would fully specify the bits and bytes of NAP support for HCDs, including both the standard NAP stuff and the HCD-specific stuff. [HCD-NEA], [HCD-TNC], ... would do the same thing for other schemes.</li> </ul> There would be some information in [HCD-NAP] that is also presented in [MS-SOH] and [HCD-ATR], and we would need to be careful to ensure that they stay in sync. I think that the main distinction between them would be that the protocol binding spec would focus on the bits and bytes, and the other documents (particularly [HCD-ATR]) would contain more descriptive information. <pre class="moz-signature" cols="76">-- Regards, Brian Smithson PM, Security Research PMP, CISSP, CISA, ISO 27000 PA Advanced Imaging and Network Technologies Ricoh Americas Corporation (408)346-4435</pre> Randy Turner wrote: <blockquote cite="mid:CC159EAE-9543-42AF-9CB6-5C3004B829D9@amalfisystems.com" type="cite">Hi Brian, <div> </div> <div>I think what you're really proposing is that there would be an "IDS mapping document" and not a NAP document.  This one document would be single</div> <div>reference for implementers.  Does this sound right?</div> <div> </div> <div>Randy</div> <div> </div> <div> <div> <div>On Feb 2, 2009, at 10:42 AM, Brian Smithson wrote:</div> <blockquote type="cite"> <div bgcolor="#ffffff" text="#000000"> Regarding the new NAP draft: I tried to remove information that was already specified in other specs (MS-SOH and HCD-ATR) but unless I am mistaken, it was not as straightforward as we may have thought it might be. Nine of the attributes are described in other specs, so they fit nicely into the tabular format that was suggested back in October's meeting. However, the other eleven needed to be described in the NAP spec and for those I referred to subsequent sections for the details. Looking at the overall result, I'm wondering if this has made the NAP spec less usable for implementers. Some of the necessary information is in the NAP spec itself, some of it needs to be retrieved from one of two other documents, and some of it needs to be retrieved from yet another document (PA-TNC) that is referenced by one of the referenced documents (HCD-ATR). Maybe it would be better to fully specify things in the NAP spec? I realize that this will place the same information in two documents and risking that they lose sync with one another, but ultimately I think we want a binding spec to be implementer-friendly. Let's discuss on Thursday's call... <pre class="moz-signature" cols="76">-- Regards, Brian Smithson PM, Security Research PMP, CISSP, CISA, ISO 27000 PA Advanced Imaging and Network Technologies Ricoh Americas Corporation (408)346-4435</pre> Nevo, Ron wrote: <blockquote cite="mid:B7923DC68925CF4293920DA4ACB1F75F0910D9BD@NJCEVS01.sharpamericas.com" type="cite"> <div> </div> New NAP binding spec. updated by Brian is now posted. <a moz-do-not-send="true" href="ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090130_ncb.pdf">ftp://ftp.pwg.org/pub/pwg/ids/wd/wd-ids-napsoh10-20090130_ncb.pdf</a> <div> </div> Regards Ron Nevo Senior Product Manager  Information Security, DVM, Standards and Compliance Sharp Imaging and Information Company of America <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="http://www.sharpusa.com/products/applications/home/">www.sharpusa.com/products/applications/home/</a> ______________________________________________ Sharp Plaza  Mahwah    NJ 07430      <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:nevor@sharpsec.com">nevor@sharpsec.com</a> Phone: 201-760-3937   Fax: 201-529-9673  Cell: 201-220-5945 The contents of this email are the property of the sender. If it was not addressed to you, you have no legal right to read it . If you think you received it in error, please notify the sender. Do not forward or copy without permission of the sender. "Be Secure. Be Sharp." <div>  </div> </blockquote> </div> </blockquote> </div> </div> </blockquote> </body> </html>