Re: [Nea] IETF67 NEA WG Meeting summary

To: dassa at dhs.org
Subject: Re: [Nea] IETF67 NEA WG Meeting summary
From: Keith Moore <moore at cs.utk.edu>
Date: Tue, 14 Nov 2006 09:32:48 -0500
Cc: nea at ietf.org
In-reply-to: <E1GjsFx-0002qU-P3@megatron.ietf.org>
List-archive: <http://www1.ietf.org/pipermail/nea>
List-help: <mailto:nea-request@ietf.org?subject=help>
List-id: Network Endpoint Assessment discussion list <nea.ietf.org>
List-post: <mailto:nea@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/nea>, <mailto:nea-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/nea>, <mailto:nea-request@ietf.org?subject=unsubscribe>
References: <E1GjsFx-0002qU-P3@megatron.ietf.org>
User-agent: Thunderbird 1.5.0.8 (Macintosh/20061025)

Couldn't the solution be as simple as allowing the client nodes the option
of deciding what information they are prepared to make available and the
network then using what is available to decide how they should be treated?

I really don't think so. The problem is with giving the network a way to interrogate the host in detail.

If not enough information is provided the node can be shunted off for some
form of remediation, if the network deems it has enough information then the
node can be allowed in.
Both parties have choices then, what information to provide and what is required to be accepted.

say you want to attend a conference, like IETF. but before we let you in the building where the conference is held we want to make sure you're okay. so we're going to lock you in a room with an interrogator and he's going to ask you an arbitrary number of arbitrary questions - maybe about your sex life, drug use, whatever. you're free to refuse to answer any question, but your failure to answer might determine whether we let you in or shunt you off for some form of remediation. after all, you have nothing to hide, right?

while we're at it, maybe we should examine your laptop too. maybe you have kiddie porn on there somewhere, maybe you have illegal mp3 files (despite the fact that we can't tell whether or not you have a license for such files - we'll decide for ourselves whether they're illegal or not). maybe you have open source software. that's bad enough - you never know what those guys will put in there. maybe you have p2p file sharing software - you must be a pirate! maybe you've even written some software of your own. we certainly don't want to trust that.

I'm not joking. there are people who would use this mechanism to do all kinds of invasive searches. there are people in the us congress who would see nothing wrong with having networks search computers for "illegal" or "subversive" content if the mechanisms to do so were already in place. it's simply not acceptable to standardize a mechanism that can be used to do invasive searches of a computer.

Keith

_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea

Follow-Ups:
- RE: [Nea] IETF67 NEA WG Meeting summary
  - From: Darryl \(Dassa\) Lynch
- [Nea] Requirements specifications
  - From: Alan DeKok

Prev by Date: Re: [Nea] IETF67 NEA WG Meeting summary
Next by Date: Re: [Nea] IETF67 NEA WG Meeting summary
Previous by thread: RE: [Nea] IETF67 NEA WG Meeting summary
Next by thread: [Nea] Requirements specifications
Index(es):
- Date
- Thread

Re: [Nea] IETF67 NEA WG Meeting summary

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.