RE: [Nea] IETF67 NEA WG Meeting summary

To: <nea at ietf.org>
Subject: RE: [Nea] IETF67 NEA WG Meeting summary
From: Khaja Ahmed <khaja at windows.microsoft.com>
Date: Wed, 15 Nov 2006 10:59:16 -0800
Cc: Keith Moore <moore at cs.utk.edu>
In-reply-to: <455AAD0A.8060309@cs.utk.edu>
List-archive: <http://www1.ietf.org/pipermail/nea>
List-help: <mailto:nea-request@ietf.org?subject=help>
List-id: Network Endpoint Assessment discussion list <nea.ietf.org>
List-post: <mailto:nea@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/nea>, <mailto:nea-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/nea>, <mailto:nea-request@ietf.org?subject=unsubscribe>
Thread-index: AccIe56O16xgcGmcTrKKnt8fs9pP+AAZjwSg
Thread-topic: [Nea] IETF67 NEA WG Meeting summary

The risk is indeed easy to understand.  

It needs to have a mitigation mechanism and we need a mechanism that
allows the owner of a host to explicitly choose to undertake the risk or
not.

By way of mitigation measure we can articulate a requirement that the
protocol MUST be capable of employing some authentication measure to
determine who is asking for the information.

We should also have a requirement that the protocol MUST be run only
when authorized.  Meaning some mechanism in the host needs to explicitly
allow the protocol to communicate information.  There MAY, additionally,
be fine grained controls that authorize specific sub-sets of the
information based on identity/anonymity of the requestor.  The
authorization MAY allow that all requestors be provided the information
requested.  This is perfectly appropriate for situations that have other
mitigating measures.  For example a corporate server / desktop that is
never expected to leave the building and / or be on any other network.
As long as this is an explicit risk management choice made by the owner
of the asset it should be fine.  


Khaja

-----Original Message-----
From: Keith Moore [mailto:moore at cs.utk.edu] 
Sent: Tuesday, November 14, 2006 10:01 PM
To: Mike Fratto
Cc: nea at ietf.org
Subject: Re: [Nea] IETF67 NEA WG Meeting summary

> Can you please move this entire thread elsewhere? It is not
> sunstantive to the discussion of setting ID requirements. If you are
> unwilling to do that, then how about adding something substantive.

no, I'm not willing to move this thread elsewhere, because security and 
privacy issues are at the crux of the problem that NEA must solve if it 
is to meet rfc 2026 criteria and gain community consensus.

> For example, Keith, you have referenced time and time again vague
> risks to privacy.  Can you spell out in clear and actionable terms
> what those risks are? A bulleted list with a short description would
> be useful.

it's too simple a concept for a bulleted list.

how difficult is it to understand that people don't want the contents of

their hard drives to be subjected to arbitrary searches as a 
precondition to being able to access networks?


_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea

_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea

Follow-Ups:
- Re: [Nea] IETF67 NEA WG Meeting summary
  - From: Keith Moore

References:
- Re: [Nea] IETF67 NEA WG Meeting summary
  - From: Keith Moore

Prev by Date: Re: [Nea] privacy: exposing information to owner
Next by Date: Re: [Nea] privacy: exposing information to owner
Previous by thread: Re: [Nea] IETF67 NEA WG Meeting summary
Next by thread: Re: [Nea] IETF67 NEA WG Meeting summary
Index(es):
- Date
- Thread

RE: [Nea] IETF67 NEA WG Meeting summary

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.