The cyber agency wants feedback on rules that aim to prevent a repeat of an incident in which China-based hackers stole sensitive emails.