[Nea] heads-up on distsec

[Pekka Savola <pekkas at netcore.fi>]

Hi,

I just read the NEA problem statement and it looked rather sensible. 
What you didn't explain very extensively is your threat model.  You 
can be sure this will come up in the BoF from someone..

You already raise NEA Client self-integrity as an issue in Section 
9.3.  But is NEA approach good enough here because the first thing a 
next-generation worm/virus/malware will do is trick the NEA client 
using one of various techniques, therefore making the real posture 
undetectable?

You may not be aware of the "distsec" effort (the lastest draft 
rewrite is draft-kaeo-distsec-framework-00.txt), which describes a 
superset problem.  I'd recommend taking a look for ideas how to refine 
the problem statement, threat model and assumptions.

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea