Fw: [2600] IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference

Fw: [2600] IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference

Randy Turner rturner at amalfisystems.com
Fri Apr 10 13:07:22 EDT 2009 



Following up on Bill's comments regarding "a bit more vigor" with regards to TCG goals, I think there is an area that is ripe for pursuing that has
been more or less avoided by the PWG IDS group, and that is "remediation"; preferably "automated remediation".

Randy
  ----- Original Message ----- 
  From: William Wagner 
  To: STDS-2600 at LISTSERV.IEEE.ORG 
  Sent: Friday, April 10, 2009 9:32 AM
  Subject: Re: [2600] IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference


  All,

   

  I suggest that the TCG HCWG, being part of the TCG and privy to the objectives and plans of the TCG, should concentrate on the how  hardcopy equipment  is to be compatible with the protocols, specification and practices that TCG is developing. It does not seem reasonable either from the  industry  of from the TCG perspective that the TCG HCWG go beyond consideration of TCG principals with respect to hardcopy equipment. This is not to suggest that there is little work there. Understanding what the TCG is doing and applying it to hardcopy equipment, developing use cases, and either developing or identifying solutions would seem to be important both to the meet the objectives of the TCG and to provide the industry with interoperable approaches.

   

  However, the TCG HCWG should seek to address the hardcopy specific aspects in a way that is not incompatible with approaches being developed by the industry to satisfy similar objectives under different auspices.  It is unclear what body, if any, will seek to standardize methods of meeting the requirements in IEEE2600; that is a separate issue. However, following up on a request from the TCG HCWG,  the PWG IDS group is seeking to address the hardcopy equipment health attributes in a way compatible with both TCG/NEA and NAP (and perhaps the several other proprietary network access control methods in existence). Therefore, some degree of mutual cooperation and overlap is highly desirable.

   

  Perhaps I see the TCG HCWG continuing to operate as it has with respect to network access control, but with a bit more vigor. That is, the HCWG might best act in determining HC specific use cases for TCG objectives, evaluating whether TCG or other protocols or procedures are effective and practical in addressing these objectives, and if necessary developing requirements specifications  for what additional features  to existing solutions or completely new solutions are necessary. However,  I suggest that the actual designs addressing any such requirements specifications best be done by a broader, non restricted industry group that can consider them in a wider non-TCG specific sense.

   

  I think these sentiments may  be in agreement with Dave and Randy's comments. 

   

  Bill Wagner

   

  From: owner-ids at pwg.org [mailto:owner-ids at pwg.org] On Behalf Of Dave Whitehead
  Sent: Friday, April 10, 2009 9:55 AM
  To: Randy Turner
  Cc: ids at pwg.org; owner-ids at pwg.org; STDS-2600 at LISTSERV.IEEE.ORG
  Subject: Re: IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference

   


  All, 

  I agree with Randy that the goals and objectives of the various bodies should not overlap.  The goals and objectives of the TCG HCWG need to be complementary to those of the P2600 and PWG IDS groups. 

  dhw 

  David H. Whitehead
  Development Engineer
  Lexmark International, Inc.
  859.825.4914
  davidatlexmarkdotcom 



        "Randy Turner" <rturner at amalfisystems.com> 
        Sent by: owner-ids at pwg.org 

        04/10/09 01:01 AM 
       To
             <STDS-2600 at LISTSERV.IEEE.ORG> 
             
              cc
             <ids at pwg.org> 
             
              Subject
             IDS> minutes from April 8 2009 TCG HCWG charter discussion teleconference
             

         

              
       



  Hi All,

  After reading the minutes from the latest TCG HCWG re-chartering discussion,
  I have the following comment...

  I think, at a minimum, any new charter for the TCG HCWG should be filtered
  through the goals and objectives of the p2600 work
  and the PWG-IDS activity to determine any new objectives.

  in other words,

  o1 = set of p2600 goals and objectives (both core standard and protection
  profiles)
  o2 = set of PWG IDS goals and objectives (including NEA/TNC + IDS
  attributes)
  o3 = The union of o1 and o2 (i.e., o1 U o2)

  o4 = The set of proposed TCG HCWG goals and objectives

  The intersection of o3 and o4 should be the empty set

  Thanks,
  Randy


  ----- Original Message -----
  From: "Brian Smithson" <brian.smithson at RICOH-USA.COM>
  To: <STDS-2600 at LISTSERV.IEEE.ORG>
  Sent: Thursday, April 09, 2009 1:13 PM
  Subject: [2600] minutes from April 8 2009 TCG HCWG charter discussion
  teleconference


  > Please see the attached meeting minutes from yesterday's teleconference
  > discussion of the TCG Hardcopy Workgroup charter revision.
  >
  > Many thanks to Shah Bhatti for leading the discussion, Seigo Kotani for
  > acting as interim chair and BoD liaison, Steve Hanna for providing
  > perspective from the TNC WG, and Lee Farrell for contributing his
  > excellent notes to the production of these minutes.
  >
  > --
  > Regards,
  > Brian Smithson
  > PM, Security Research
  > PMP, CISSP, CISA, ISO 27000 PA
  > Advanced Imaging and Network Technologies
  > Ricoh Americas Corporation
  > (408)346-4435
  >
  > 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.pwg.org/archives/ids/attachments/20090410/0f142fab/attachment.html

More information about the Ids mailing list