attachment-0001

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body bgcolor="#ffffff" text="#000000">
Unless these are not already adequately covered elsewhere:<br>
<ol>
  <li>Assuming that there is a PWG plug-in, how will end customers
obtain it? Windows Update? Eventually, in the Windows Server 20XX
distribution? Optional download from Microsoft? Download from PWG? Or?</li>
  <li>If there are vendor-specific extensions to the plug-in, how will
end customers obtain those?</li>
  <li>Once customers have the attribute definitions for assessing HCDs,
how will they obtain the appropriate values? (e.g., what is the current
firmware revision for vendor X, product Y?). By what mechanism will
those be maintained by vendors?</li>
  <li>How will customers be assured that the sources for the plug-in,
extensions, and current values have not been spoofed, and that their
contents have not been tampered with?<br>
  </li>
</ol>
<pre class="moz-signature" cols="76">-- 
Regards,
Brian Smithson
PM, Security Research
PMP, CSM, CISSP, CISA, ISO 27000 PA
Advanced Imaging and Network Technologies
Ricoh Americas Corporation
(408)346-4435</pre>
<br />-- 
<br />This message has been scanned for viruses and
<br />dangerous content by
<a href="http://www.mailscanner.info/"><b>MailScanner</b></a>, and is
<br />believed to be clean.
</body>
</html>

Comments are owned by the poster. All other material is Copyright © 2001-2024 The Printer Working Group. All rights reserved. IPP Everywhere, the IPP Everywhere logo, and the PWG logo are trademarks of the IEEE-ISTO.
About the PWG · Privacy Policy · PWG Webmaster