Re: [Nea] IETF67 NEA WG Meeting summary

-------- Original Message --------

regarding NEA: what I might be okay with is giving authorized
third-parties yes or no assurance that the host meets or does not meet
their policies, without giving them fine-grained detail about what is
installed on the host.  so the owner of a host could get details about
why a host did or did not fit within a particular network's policy, but
the network (if owned by another party than the owner of the host) could
only get yes or no information.   I would like to see this option
examined further.

Nothing is gained here regarding privacy. A validation server could glean what is installed by asking a series of questions and inferring the response.

I already pointed out that the protocol would have to prevent this somehow.

I think a reasonable solution is one that Steve offered in the other
thread where (to summarize), the endpoint, including the user, and the
network agree on what will be shared during an assessment and then the
network bases an access control decision on that assessment.
Therefore, people with privacy concerns don't expose information and
the network operator enforces local policy.

unacceptable, for reasons already given.

Keith
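
The inference concern and the agreed-disclosure proposal discussed in this message, as an added Python illustration that is not part of the original post or of any NEA specification. The attribute names, the `Endpoint` class and its refusal behaviour are assumptions made for the example.

```python
from typing import FrozenSet, Iterable, Optional, Set

# Constructed sample data (not from the thread or any NEA document).
CANDIDATES = ["firewall", "antivirus", "p2p-client", "tor-browser", "os-patched"]
INSTALLED = {"firewall", "p2p-client", "tor-browser", "os-patched"}
AGREED = {"firewall", "antivirus", "os-patched"}  # what the host owner consents to share


class Endpoint:
    """Hypothetical posture client that only ever answers yes/no to a policy."""

    def __init__(self, installed: Iterable[str], agreed: Optional[Iterable[str]] = None):
        self.installed: Set[str] = set(installed)
        # None models the unrestricted yes/no scheme; a set models agreed disclosure.
        self.agreed: Optional[Set[str]] = None if agreed is None else set(agreed)

    def complies(self, policy: FrozenSet[str]) -> Optional[bool]:
        """True/False if the policy is answerable, None if the endpoint refuses it."""
        if self.agreed is not None and not policy <= self.agreed:
            return None  # policy touches attributes outside the agreement
        return policy <= self.installed  # policy = "all of these must be present"


def inferred_inventory(endpoint: Endpoint, candidates: Iterable[str]) -> Set[str]:
    """Attributes a validator can confirm by sending one single-attribute policy each."""
    return {a for a in candidates if endpoint.complies(frozenset([a])) is True}


def access_decision(endpoint: Endpoint, policy: FrozenSet[str]) -> str:
    """Network-side enforcement: anything other than a clear yes is denied."""
    return "allow" if endpoint.complies(policy) is True else "deny"


if __name__ == "__main__":
    yes_no_only = Endpoint(INSTALLED)
    with_agreement = Endpoint(INSTALLED, AGREED)
    # Yes/no answers alone still reveal the full inventory over repeated queries.
    print(sorted(inferred_inventory(yes_no_only, CANDIDATES)))
    # With an agreed disclosure set, only agreed attributes can be confirmed.
    print(sorted(inferred_inventory(with_agreement, CANDIDATES)))
    print(access_decision(with_agreement, frozenset({"firewall", "os-patched"})))
    print(access_decision(with_agreement, frozenset({"firewall", "p2p-client"})))
```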



_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea




Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.