Meeting the InCommon Assurance profile criteria using Active Directory

[Eric Goodman <>]

That should say “somewhat” and not “someone” of course. (I hate typos!)

 

--- Eric

 

From: [mailto:] On Behalf Of Eric Goodman
Sent: Friday, June 07, 2013 10:15 AM
To:
Subject: [AD-Assurance] Cookbook edits

 

I didn’t say this as we got off the call, but I made some edits to the BitLocker statements already, to call out the use of approved algorithm.

 

I also did a quick scan of the appendices, and they look fine to me. I did rename the Appendix C from “Operational Considerations…[around use of]…Syskey” to “For Use of Disk Encryption Software” since Syskey is not considered sufficient.

 

I think Appendix F is someone non-sequitor-ish now that we removed any reference to password entropy from the rest of the doc, but I don’t see a problem leaving it in.

 

At this point I’ll stop editing to allow collection of comments on the doc as a “reference draft” we can all speak to.

 

--- Eric