Re: Fwd: [Nea] Re: use of a design team to develop requirements

[Alan DeKok <aland at deployingradius.com>]

Mike Fratto wrote:
> I think I can safely say that the purpose of NAC is NOT to impose
> anything on a host. The purpose of NAC is to allow a network owner to
> control access to it's resources, which is well within the network
> owner's right. Nothing more and nothing less. If a host is not upto
> snuff and the network owner requires certain actions to take place,
> the host can *choose* not to participate in the network. There is no
> forcing anything.

  So you're saying that the NEA protocol is informative:

a) client informs server what it has
b) server informs client what to do in order to gain network access
c) client does it, and is on the net, OR doesn't, and is kicked off.

> I can't speak for the IETF at large, but off the top of my noggin here
> are some other examples of potentially draconian standards,

  The "draconian standards" you reference are all informative, as
outlined above.  The issue with the NEA discussions is that NEA has been
claimed to allow arbitrary open-ended *queries* of the end host.

  Since you said above that NEA isn't about open-ended queries, I don't
think there's a need for more discussion on that point.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog

_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea