implemented IETF Remediation Instructions attribute
authorAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 18 Oct 2012 16:24:04 +0000 (18:24 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 18 Oct 2012 16:24:26 +0000 (18:24 +0200)
src/libimcv/Makefile.am
src/libimcv/ietf/ietf_attr.c
src/libimcv/ietf/ietf_attr_remediation_instr.c [new file with mode: 0644]
src/libimcv/ietf/ietf_attr_remediation_instr.h [new file with mode: 0644]
src/libimcv/plugins/imc_os/imc_os.c
src/libimcv/plugins/imv_os/imv_os.c
testing/tests/tnc/tnccs-20-os/description.txt

index 41146c9..cb59999 100644 (file)
@@ -21,6 +21,7 @@ libimcv_la_SOURCES = \
        ietf/ietf_attr_pa_tnc_error.h ietf/ietf_attr_pa_tnc_error.c \
        ietf/ietf_attr_port_filter.h ietf/ietf_attr_port_filter.c \
        ietf/ietf_attr_product_info.h ietf/ietf_attr_product_info.c \
+       ietf/ietf_attr_remediation_instr.h ietf/ietf_attr_remediation_instr.c \
        ietf/ietf_attr_string_version.h ietf/ietf_attr_string_version.c \
        ita/ita_attr.h ita/ita_attr.c \
        ita/ita_attr_command.h ita/ita_attr_command.c \
index f183e06..d11ad7f 100644 (file)
@@ -23,6 +23,7 @@
 #include "ietf/ietf_attr_pa_tnc_error.h"
 #include "ietf/ietf_attr_port_filter.h"
 #include "ietf/ietf_attr_product_info.h"
+#include "ietf/ietf_attr_remediation_instr.h"
 #include "ietf/ietf_attr_string_version.h"
 
 
@@ -65,13 +66,14 @@ pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, chunk_t value)
                        return ietf_attr_pa_tnc_error_create_from_data(value);
                case IETF_ATTR_ASSESSMENT_RESULT:
                        return ietf_attr_assess_result_create_from_data(value);
+               case IETF_ATTR_REMEDIATION_INSTRUCTIONS:
+                       return ietf_attr_remediation_instr_create_from_data(value);
                case IETF_ATTR_FORWARDING_ENABLED:
                        return ietf_attr_fwd_enabled_create_from_data(value);
                case IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED:
                        return ietf_attr_default_pwd_enabled_create_from_data(value);
                case IETF_ATTR_TESTING:
                case IETF_ATTR_NUMERIC_VERSION:
-               case IETF_ATTR_REMEDIATION_INSTRUCTIONS:
                case IETF_ATTR_RESERVED:
                default:
                        return NULL;
diff --git a/src/libimcv/ietf/ietf_attr_remediation_instr.c b/src/libimcv/ietf/ietf_attr_remediation_instr.c
new file mode 100644 (file)
index 0000000..7ec0b3c
--- /dev/null
@@ -0,0 +1,361 @@
+/*
+ * Copyright (C) 2012 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "ietf_attr_remediation_instr.h"
+
+#include <pa_tnc/pa_tnc_msg.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
+#include <debug.h>
+
+typedef struct private_ietf_attr_remediation_instr_t private_ietf_attr_remediation_instr_t;
+
+/**
+ * PA-TNC Remediation Instructions type  (see section 4.2.10 of RFC 5792)
+ *
+ *                       1                   2                   3
+ *   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  |    Reserved   |       Remediation Parameters Vendor ID        |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  |                  Remediation Parameters Type                  |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  |            Remediation Parameters (Variable Length)           |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ */
+
+#define REMEDIATION_INSTR_MIN_SIZE             8
+#define REMEDIATION_INSTR_RESERVED             0x00
+
+/**
+ * IETF Remediation Parameters URI type  (see section 4.2.10.1 of RFC 5792)
+ *
+ *                     1                   2                   3
+ *   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  |                 Remediation URI (Variable Length)             |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+
+/**
+ * IETF Remediation Parameters String type  (see section 4.2.10.2 of RFC 5792)
+ *
+ *                     1                   2                   3
+ *   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  |                   Remediation String Length                   |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  |                Remediation String (Variable Length)           |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  | Lang Code Len |  Remediation String Lang Code (Variable Len)  |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ */
+
+/**
+ * Private data of an ietf_attr_remediation_instr_t object.
+ */
+struct private_ietf_attr_remediation_instr_t {
+
+       /**
+        * Public members of ietf_attr_remediation_instr_t
+        */
+       ietf_attr_remediation_instr_t public;
+
+       /**
+        * Vendor-specific attribute type
+        */
+       pen_type_t type;
+
+       /**
+        * Attribute value
+        */
+       chunk_t value;
+
+       /**
+        * Noskip flag
+        */
+       bool noskip_flag;
+
+       /**
+        * Remediation Parameters Type
+        */
+       pen_type_t parameters_type;
+
+       /**
+        * Remediation Parameters
+        */
+       chunk_t parameters;
+
+       /**
+        * Remediation String
+        */
+       chunk_t string;
+
+       /**
+        * Remediation Language Code
+        */
+       chunk_t lang_code;
+
+       /**
+        * Reference count
+        */
+       refcount_t ref;
+};
+
+METHOD(pa_tnc_attr_t, get_type, pen_type_t,
+       private_ietf_attr_remediation_instr_t *this)
+{
+       return this->type;
+}
+
+METHOD(pa_tnc_attr_t, get_value, chunk_t,
+       private_ietf_attr_remediation_instr_t *this)
+{
+       return this->value;
+}
+
+METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
+       private_ietf_attr_remediation_instr_t *this)
+{
+       return this->noskip_flag;
+}
+
+METHOD(pa_tnc_attr_t, set_noskip_flag,void,
+       private_ietf_attr_remediation_instr_t *this, bool noskip)
+{
+       this->noskip_flag = noskip;
+}
+
+METHOD(pa_tnc_attr_t, build, void,
+       private_ietf_attr_remediation_instr_t *this)
+{
+       bio_writer_t *writer;
+
+       if (this->value.ptr)
+       {
+               return;
+       }
+
+       writer = bio_writer_create(REMEDIATION_INSTR_MIN_SIZE);
+       writer->write_uint8 (writer, REMEDIATION_INSTR_RESERVED);
+       writer->write_uint24(writer, this->parameters_type.vendor_id);
+       writer->write_uint32(writer, this->parameters_type.type);
+       writer->write_data  (writer, this->parameters);
+
+       this->value = chunk_clone(writer->get_buf(writer));
+       writer->destroy(writer);
+}
+
+METHOD(pa_tnc_attr_t, process, status_t,
+       private_ietf_attr_remediation_instr_t *this, u_int32_t *offset)
+{
+       bio_reader_t *reader;
+       u_int8_t reserved;
+       status_t status = SUCCESS;
+       u_char *pos;
+
+       *offset = 0;
+
+       if (this->value.len < REMEDIATION_INSTR_MIN_SIZE)
+       {
+               DBG1(DBG_TNC, "insufficient data for IETF remediation instructions");
+               return FAILED;
+       }
+       reader = bio_reader_create(this->value);
+       reader->read_uint8 (reader, &reserved);
+       reader->read_uint24(reader, &this->parameters_type.vendor_id);
+       reader->read_uint32(reader, &this->parameters_type.type);
+       reader->read_data  (reader, reader->remaining(reader), &this->parameters);
+       
+       this->parameters = chunk_clone(this->parameters);
+       reader->destroy(reader);
+
+       if (this->parameters_type.vendor_id == PEN_IETF &&
+               this->parameters_type.type == IETF_REMEDIATION_PARAMETERS_STRING)
+       {
+               reader = bio_reader_create(this->parameters);
+               status = FAILED;
+               *offset = 8;
+
+               if (!reader->read_data32(reader, &this->string))
+               {
+                       DBG1(DBG_TNC, "insufficient data for IETF remediation string");
+                       goto end;
+               }
+               pos = memchr(this->string.ptr, '\0', this->string.len);
+               if (pos)
+               {
+                       DBG1(DBG_TNC, "nul termination in IETF remediation string");
+                       *offset += 1 + (pos - this->string.ptr);
+                       goto end;
+               }
+               *offset += 4 + this->string.len;
+
+               if (!reader->read_data8(reader, &this->lang_code))
+               {
+                       DBG1(DBG_TNC, "insufficient data for IETF remediation lang code");
+                       goto end;
+               }
+               status = SUCCESS;
+
+end:
+               reader->destroy(reader);
+       }
+       return status;
+}
+
+METHOD(pa_tnc_attr_t, get_ref, pa_tnc_attr_t*,
+       private_ietf_attr_remediation_instr_t *this)
+{
+       ref_get(&this->ref);
+       return &this->public.pa_tnc_attribute;
+}
+
+METHOD(pa_tnc_attr_t, destroy, void,
+       private_ietf_attr_remediation_instr_t *this)
+{
+       if (ref_put(&this->ref))
+       {
+               free(this->parameters.ptr);
+               free(this->value.ptr);
+               free(this);
+       }
+}
+
+METHOD(ietf_attr_remediation_instr_t, get_parameters_type, pen_type_t,
+       private_ietf_attr_remediation_instr_t *this)
+{
+       return this->parameters_type;
+}
+
+METHOD(ietf_attr_remediation_instr_t, get_parameters, chunk_t,
+       private_ietf_attr_remediation_instr_t *this)
+{
+       return this->parameters;
+}
+
+METHOD(ietf_attr_remediation_instr_t, get_uri, chunk_t,
+       private_ietf_attr_remediation_instr_t *this)
+{
+       return this->parameters;
+}
+
+METHOD(ietf_attr_remediation_instr_t, get_string, chunk_t,
+       private_ietf_attr_remediation_instr_t *this, chunk_t *lang_code)
+{
+       if (lang_code)
+       {
+               *lang_code = this->lang_code;
+       }
+       return this->string;
+}
+
+/**
+ * Described in header.
+ */
+pa_tnc_attr_t *ietf_attr_remediation_instr_create(pen_type_t parameters_type,
+                                                                                                 chunk_t parameters)
+{
+       private_ietf_attr_remediation_instr_t *this;
+
+       INIT(this,
+               .public = {
+                       .pa_tnc_attribute = {
+                               .get_type = _get_type,
+                               .get_value = _get_value,
+                               .get_noskip_flag = _get_noskip_flag,
+                               .set_noskip_flag = _set_noskip_flag,
+                               .build = _build,
+                               .process = _process,
+                               .get_ref = _get_ref,
+                               .destroy = _destroy,
+                       },
+                       .get_parameters_type = _get_parameters_type,
+                       .get_parameters = _get_parameters,
+                       .get_uri = _get_uri,
+                       .get_string = _get_string,
+               },
+               .type = { PEN_IETF, IETF_ATTR_REMEDIATION_INSTRUCTIONS },
+               .parameters_type = parameters_type,
+               .parameters = chunk_clone(parameters),
+               .ref = 1,
+       );
+
+       return &this->public.pa_tnc_attribute;
+}
+
+/**
+ * Described in header.
+ */
+pa_tnc_attr_t *ietf_attr_remediation_instr_create_from_uri(chunk_t uri)
+{
+       pen_type_t type = { PEN_IETF, IETF_REMEDIATION_PARAMETERS_URI };
+
+       return ietf_attr_remediation_instr_create(type, uri);
+}
+
+/**
+ * Described in header.
+ */
+pa_tnc_attr_t *ietf_attr_remediation_instr_create_from_string(chunk_t string,
+                                                                                                                         chunk_t lang_code)
+{
+       pa_tnc_attr_t *attr;
+       bio_writer_t *writer;
+       pen_type_t type = { PEN_IETF, IETF_REMEDIATION_PARAMETERS_STRING };
+
+       /* limit language code to 255 octets */
+       lang_code.len = min(255, lang_code.len);
+
+       writer = bio_writer_create(4 + string.len + 1 + lang_code.len);
+       writer->write_data32(writer, string);
+       writer->write_data8 (writer, lang_code);
+
+       attr = ietf_attr_remediation_instr_create(type, writer->get_buf(writer));
+       writer->destroy(writer);
+
+       return attr;
+}
+
+/**
+ * Described in header.
+ */
+pa_tnc_attr_t *ietf_attr_remediation_instr_create_from_data(chunk_t data)
+{
+       private_ietf_attr_remediation_instr_t *this;
+
+       INIT(this,
+               .public = {
+                       .pa_tnc_attribute = {
+                               .get_type = _get_type,
+                               .get_value = _get_value,
+                               .build = _build,
+                               .process = _process,
+                               .get_ref = _get_ref,
+                               .destroy = _destroy,
+                       },
+                       .get_parameters_type = _get_parameters_type,
+                       .get_parameters = _get_parameters,
+                       .get_uri = _get_uri,
+                       .get_string = _get_string,
+               },
+               .type = { PEN_IETF, IETF_ATTR_REMEDIATION_INSTRUCTIONS },
+               .value = chunk_clone(data),
+               .ref = 1,
+       );
+
+       return &this->public.pa_tnc_attribute;
+}
+
diff --git a/src/libimcv/ietf/ietf_attr_remediation_instr.h b/src/libimcv/ietf/ietf_attr_remediation_instr.h
new file mode 100644 (file)
index 0000000..473280c
--- /dev/null
@@ -0,0 +1,109 @@
+/*
+ * Copyright (C) 2012 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ietf_attr_remediation_instrt ietf_attr_remediation_instr
+ * @{ @ingroup ietf
+ */
+
+#ifndef IETF_ATTR_REMEDIATION_INSTR_H_
+#define IETF_ATTR_REMEDIATION_INSTR_H_
+
+typedef struct ietf_attr_remediation_instr_t ietf_attr_remediation_instr_t;
+typedef enum ietf_remediation_parameters_t ietf_remediation_parameters_t;
+
+#include "ietf_attr.h"
+#include "pa_tnc/pa_tnc_attr.h"
+
+enum ietf_remediation_parameters_t {
+       IETF_REMEDIATION_PARAMETERS_URI =    1,
+       IETF_REMEDIATION_PARAMETERS_STRING = 2
+};
+
+/**
+ * Class implementing the IETF PA-TNC Remediation Instructions attribute.
+ *
+ */
+struct ietf_attr_remediation_instr_t {
+
+       /**
+        * Public PA-TNC attribute interface
+        */
+       pa_tnc_attr_t pa_tnc_attribute;
+
+       /**
+        * Get the Remediation Parameters Type (Vendor ID and Type)
+        *
+        * @return                              Remediation Parameters Type
+        */
+       pen_type_t (*get_parameters_type)(ietf_attr_remediation_instr_t *this);
+
+       /**
+        * Get the Remediation Parameters
+        *
+        * @return                              Remediation Parameters
+        */
+       chunk_t (*get_parameters)(ietf_attr_remediation_instr_t *this);
+
+       /**
+        * Get the Remediation URI
+        *
+        * @return                              Remediation URI
+        */
+       chunk_t (*get_uri)(ietf_attr_remediation_instr_t *this);
+
+       /**
+        * Get the Remediation String
+        *
+        * @param lang_code             Optional Language Code
+        * @return                              Remediation String
+        */
+       chunk_t (*get_string)(ietf_attr_remediation_instr_t *this,
+                                                 chunk_t *lang_code);
+};
+
+/**
+ * Creates a general ietf_attr_remediation_instr_t object
+ *
+ * @param parameters_type      Remediation Parameters Type
+ * @param parameters           Remediation Parameters
+ */
+pa_tnc_attr_t* ietf_attr_remediation_instr_create(pen_type_t parameters_type,
+                                                                                                 chunk_t parameters);
+
+/**
+ * Creates an ietf_attr_remediation_instr_t object of Remediation URI Type
+ *
+ * @param uri                          Remediation URI
+ */
+pa_tnc_attr_t* ietf_attr_remediation_instr_create_from_uri(chunk_t uri);
+
+/**
+ * Creates an ietf_attr_remediation_instr_t object of Remediation String Type
+ *
+ * @param string                       Remediation String
+ * @param lang_code                    Remediation String Language Code
+ */
+pa_tnc_attr_t* ietf_attr_remediation_instr_create_from_string(chunk_t string,
+                                                                                                                         chunk_t lang_code);
+
+/**
+ * Creates an ietf_attr_remediation_instr_t object from received data
+ *
+ * @param value                                unparsed attribute value
+ */
+pa_tnc_attr_t* ietf_attr_remediation_instr_create_from_data(chunk_t value);
+
+#endif /** IETF_ATTR_REMEDIATION_INSTR_H_ @}*/
index 32b1990..be8ca40 100644 (file)
@@ -24,6 +24,7 @@
 #include <ietf/ietf_attr_installed_packages.h>
 #include <ietf/ietf_attr_op_status.h>
 #include <ietf/ietf_attr_product_info.h>
+#include <ietf/ietf_attr_remediation_instr.h>
 #include <ietf/ietf_attr_string_version.h>
 #include <os_info/os_info.h>
 
@@ -309,6 +310,39 @@ static TNC_Result receive_message(imc_msg_t *in_msg)
                        }
                        e->destroy(e); 
                }
+               else if (attr_type.type == IETF_ATTR_REMEDIATION_INSTRUCTIONS)
+               {
+                       ietf_attr_remediation_instr_t *attr_cast;
+                       pen_type_t parameters_type;
+                       chunk_t parameters, string, lang_code;
+
+                       attr_cast = (ietf_attr_remediation_instr_t*)attr;
+                       parameters_type = attr_cast->get_parameters_type(attr_cast);
+                       parameters = attr_cast->get_parameters(attr_cast);
+
+                       if (parameters_type.vendor_id == PEN_IETF)
+                       {
+                               switch (parameters_type.type)
+                               {
+                                       case IETF_REMEDIATION_PARAMETERS_URI:
+                                               DBG1(DBG_IMC, "remediation uri: '%.*s'",
+                                                                          parameters.len, parameters.ptr);
+                                               break;
+                                       case IETF_REMEDIATION_PARAMETERS_STRING:
+                                               string = attr_cast->get_string(attr_cast, &lang_code);
+                                               DBG1(DBG_IMC, "remediation string: '%.*s' [%.*s]",
+                                                                          string.len, string.ptr,
+                                                                          lang_code.len, lang_code.ptr);
+                                               break;
+                                       default:
+                                               DBG1(DBG_IMC, "remediation parameters %B", &parameters);
+                               }                                               
+                       }
+                       else
+                       {
+                               DBG1(DBG_IMC, "remediation parameters %B", &parameters);
+                       }
+               }       
        }
        enumerator->destroy(enumerator);
 
index f5f7afe..f4ab0c6 100644 (file)
@@ -25,6 +25,7 @@
 #include <ietf/ietf_attr_op_status.h>
 #include <ietf/ietf_attr_pa_tnc_error.h>
 #include <ietf/ietf_attr_product_info.h>
+#include <ietf/ietf_attr_remediation_instr.h>
 #include <ietf/ietf_attr_string_version.h>
 #include <os_info/os_info.h>
 
@@ -224,6 +225,9 @@ static TNC_Result receive_message(imv_state_t *state, imv_msg_t *in_msg)
        if (os_name.len && os_version.len)
        {
                char *product_info;
+               char *uri = "http://remediation.strongswan.org/fix-it/";
+               char *string = "use a Linux operating system instead of Windows 1.2.3";
+               char *lang_code = "en";
 
                os_state = (imv_os_state_t*)state;
                os_state->set_info(os_state, os_name, os_version);
@@ -233,6 +237,14 @@ static TNC_Result receive_message(imv_state_t *state, imv_msg_t *in_msg)
                {
                        DBG1(DBG_IMV, "OS '%s' is not supported", product_info);
 
+                       attr = ietf_attr_remediation_instr_create_from_string(
+                                                               chunk_create(string, strlen(string)),
+                                                               chunk_create(lang_code, strlen(lang_code)));
+                       out_msg->add_attribute(out_msg, attr);
+                       attr = ietf_attr_remediation_instr_create_from_uri(
+                                                               chunk_create(uri, strlen(uri)));
+                       out_msg->add_attribute(out_msg, attr);
+
                        state->set_recommendation(state,
                                                                TNC_IMV_ACTION_RECOMMENDATION_ISOLATE,
                                                                TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MINOR);
index b3e1a31..91c53a2 100644 (file)
@@ -8,11 +8,13 @@ is using the <b>IF-M 1.0</b> measurement protocol defined by <b>RFC 5792 PA-TNC<
 exchange PA-TNC attributes.
 <p>
 <b>carol</b> sends information on her operating system consisting of the PA-TNC attributes
-<em>Product Information</em>, <em>String Version</em> and <em>Forwarding Enabled</em> up-front,
+<em>Product Information</em>, <em>String Version</em>, <em>Operational Status</em>,
+<em>Forwarding Enabled</em>, and <em>Factory Default Password Enabled</em> up-front,
 whereas <b>dave</b> must be prompted by the IMV to do so via an <em>Attribute Request</em>
 PA-TNC attribute. <b>carol</b> is then prompted to send a list of installed packages
 using the <em>Installed Packages</em> PA-TNC attribute whereas <b>dave</b>'s "Windows 1.2.3"
-operating system is not supported.
+operating system is not supported and thus <b>dave</b> receives a <em>Remediation
+Instructions</em> PA-TNC attribute.
 <p>
 <b>carol</b> passes the health test and <b>dave</b> fails. Based on these assessments
 which are communicated to the IMCs using the <em>Assessment Result</em> PA-TNC attribute,