[Nea] Requirements specifications
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Nea] Requirements specifications
Keith Moore <moore at cs.utk.edu> wrote:
> I'm not joking. there are people who would use this mechanism to do all
> kinds of invasive searches. there are people in the us congress who
> would see nothing wrong with having networks search computers for
> "illegal" or "subversive" content if the mechanisms to do so were
> already in place. it's simply not acceptable to standardize a mechanism
> that can be used to do invasive searches of a computer.
To re-phrase that, NEA can permit such searches only with the
consent of the end host. And the party assessing posture has to prove
its identity to the end host, before the end host even admits it knows
about NEA.
And all of that has to happen before the end host gains full network
access. Remediation can be done later, but the initial assessment of
identities and consent has to be done before the end host is allowed
on the network, and before the end host accepts a connection to an
unknown network.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
