PB-TNC: A Posture Broker (PB) Protocol Compatible with Trusted Network Connect (TNC)
Note: This ballot was opened for revision 06 and is now closed.
(Tim Polk) Yes
(Ross Callon) No Objection
(Ralph Droms) (was Discuss) No Objection
Is there a reason that the Field Types defined in the PA-TNC document are not defined and used in this document? I guess the only two types that are used in this doc are Integer and String (perhaps OctetArray, which is used in the definition of string>). And, my curiosity is piqued by the choices of 16-bit versus 32-bit integers in various places, as well as the placement of various "Reserved" fields to the left or the right of some data fields. Section 4.6: The list of PB-Access-Recommendation codes cannot be extended; therefore this document does not request IANA to establish a registry. I think the list of PB-Assessment-Result codes also cannot be extended. Should there be a similar note about not establishing a registry? Nit: The citations to the reference entries for RFC 5209 and the PA-TNC specification are not attached to the first mentions of those docs; I assume the RFC Editor catches those editorial issues.
(Lars Eggert) (was Discuss) No Objection
(Pasi Eronen) No Objection
(Adrian Farrel) No Objection
(Russ Housley) (was Discuss) No Objection
(Alexey Melnikov) (was Discuss) No Objection
After talking to Tim about the issue I downgraded this to a comment: Should the expert review be required for Vendor specific registrations?
(Robert Sparks) (was Discuss) No Objection
I still find the mechanics of establishing and maintaining subscriptions very underspecified, but yield to the strong opinions of those closer to this work that such specification (and interoperability between these elements) is not needed.