 |
 |
 |
 |
|
 |
|
 |
|
 |
|
 |
|
|
|
|
|
|
|
|
|
|
|
|
|
1.-After reading most of the messages on this topic I think that
having NEA endpoint/network negotiate to what level they are willing to
disclose attributes (endpoints) and policies (network) will expand the scope of
the WG and its applicability and perhaps is most desirable. 2.-I seem to have read that some of the requirements being
proposed include having NEA provide encryption and authentication: hopefully
that means leveraging existing protocols that already exist and not bulking NEA
with its own versions of those. 3.-Last, but not least J, when
endpoint and network are presented as adversaries, unwilling to disclose full
information about each other, what ensures that the assertions resulting from one
NEA negotiation/protocol query are reliable: say network queries the endpoint
about attributes or network provides endpoint client with policies: what part of
the protocol ensures the compliance assurance by the endpoint is reliable? Should
this be a requirement too? Regards, Juan Gomez |
_______________________________________________ Nea mailing list Nea at ietf.org https://www1.ietf.org/mailman/listinfo/nea