[WIMS] MPSA Security Article

[WIMS] MPSA Security Article

[WIMS] MPSA Security Article

Michael Sweet msweet at apple.com
Tue Feb 8 22:46:15 UTC 2011


On Feb 6, 2011, at 12:56 AM, William Wagner wrote:
> An updated version reflecting comments made during the February face-to-face is posted at :
> ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.pdf and
> ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.doc
>  
> This includes a short biblio and a set of survey questions.
>  
> Comments and corrections are solicited. It is our objective to finalize this information and send it to MPSA by  10 February so that it can be posted next weekend.

Comments (on the PDF version):

Page 3: At the end of the first paragraph under "Log Generation and Availability", you have "... is often required for security purposes, (audit log), sometimes with alerts ..." - I don't think you meant to put commas around the parenthetical "audit log"...

Page 3: Paragraph starting with "Although the most secure approach" doesn't finish the thought. I think combining the first two sentences makes it clearer, e.g.:

Although the most secure approach is for devices to continually send out log information to an external repository as events occur, this is often neither practical nor justifiable.

Page 7: Question 6 is multiple choice, right?

Page 8: Question 7 could also be multiple choice for a, b, or c... My recommendation would be to break this into two questions: "If you are implementing logging, where is it kept?" and "How to you implement billing?" with "Logs", "Simple copy count", "other", and "not implementing billing".

Otherwise shaping up very nicely - thanks for working on this, Bill!

________________________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair





-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/wims/attachments/20110208/e657842c/attachment-0001.html>


More information about the wims mailing list